arp-scan sends ARP (Address Resolution Protocol) queries to the specified targets, and displays any responses that are received. It allows any part of the outgoing ARP packets to be changed, allowing the behavior of targets to non-standard ARP packets to be examined. The IP address and hardware address of received packets are displayed, together with the vendor details. These details are obtained from the IEEE OUI and IAB listings, plus a few manual entries. It includes arp-fingerprint, which allows a system to be fingerprinted based on how it responds to non-standard ARP packets.
ce908ac71c48e85dddf6dd4fe5151d13c7528b1f49717a98b2a2535bd797d892arp-scan sends ARP (Address Resolution Protocol) queries to the specified targets, and displays any responses that are received. It allows any part of the outgoing ARP packets to be changed, allowing the behavior of targets to non-standard ARP packets to be examined. The IP address and hardware address of received packets are displayed, together with the vendor details. These details are obtained from the IEEE OUI and IAB listings, plus a few manual entries. It includes arp-fingerprint, which allows a system to be fingerprinted based on how it responds to non-standard ARP packets.
61055bf9e7c15e34f8adabebb4a9b035cb0030a3cd19b4f00df9fea483c0256farp-scan sends ARP (Address Resolution Protocol) queries to the specified targets, and displays any responses that are received. It allows any part of the outgoing ARP packets to be changed, allowing the behavior of targets to non-standard ARP packets to be examined. The IP address and hardware address of received packets are displayed, together with the vendor details. These details are obtained from the IEEE OUI and IAB listings, plus a few manual entries. It includes arp-fingerprint, which allows a system to be fingerprinted based on how it responds to non-standard ARP packets.
3e4d2ddb0634dad07cbe7206349e0eb389e37510883b0735a450adef41df6f26arp-scan sends ARP (Address Resolution Protocol) queries to the specified targets, and displays any responses that are received. It allows any part of the outgoing ARP packets to be changed, allowing the behavior of targets to non-standard ARP packets to be examined. The IP address and hardware address of received packets are displayed, together with the vendor details. These details are obtained from the IEEE OUI and IAB listings, plus a few manual entries. It includes arp-fingerprint, which allows a system to be fingerprinted based on how it responds to non-standard ARP packets.
f50e2f3a2ec6cfe4e4d15a6de0cfb5c707b7e703687800deb35456f914492ee4ike-scan is a utility that discovers IKE hosts and can also fingerprint them using the retransmission backoff pattern.
05d15c7172034935d1e46b01dacf1101a293ae0d06c0e14025a4507656f1a7b6NTA Monitor discovered a denial of service vulnerability in the Cisco VPN 3000 series concentrator products while performing a VPN security test for a customer in July 2005. The vulnerability affects Phase-1 of the IKE protocol. Both Main Mode and Aggressive Mode over both UDP and TCP transports are affected. The vulnerability allows an attacker to exhaust the IKE resources on a VPN concentrator by sending a high rate of IKE requests, which will prevent valid clients from connected or re-keying. The attack does not require a high bandwidth, so one attacker could potentially target many concentrators. This mechanism behind this vulnerability is similar to the well-known TCP SYN flood vulnerability.
be9e71e7ed762a62e165c493b33ebe9e8bc248cea205d65985b9212c0de7e083ike-scan is a utility that discovers IKE hosts and can also fingerprint them using the retransmission backoff pattern.
fc7b4aea32e4cf577411237410323c8bc327f65e54b88184b1a85118d79c918cNTA Monitor has discovered a VPN username enumeration vulnerability in the Juniper Netscreen integrated Firewall/VPN products while performing a VPN security test for a customer. The issue is believed to affect all models of Juniper Netscreen running all ScreenOS software versions up to 5.2.0.
c62ad783ef552c15a0b4c2b7381e46c7d0b0f66225ab7c1191509fba5dade3fcNortel VPN Router products are susceptible to a denial of service attack via a malformed IPsec IKE packet.
3757ae9bdbba6788484a12d306d65e40e70d5721c7b1adb352c54fee941eaf06A vulnerability in Cisco VPN concentrators allows an attacker to enumerate valid groupnames on a through either a dictionary attack, or a brute-force attack. The issue exists because the concentrator responds to valid groupnames differently to the way in which it responds to invalid groupnames. The issue is believed to affect all models of Cisco VPN 3000 Concentrator: 3005, 3015, 3020, 3030, 3060 and 3080. It is believed that all software versions prior to 4.1.7.F are vulnerable.
2e460ecbb84d0cf7cfa5a0a6fbd7103c9f804914e042195662abb8fd2f0a6d00NTA Monitor has discovered a password disclosure issue in the Nortel Windows VPN client. The Nortel client stores the password in an obfuscated form in the Windows registry, but it also stores the unencrypted password in process memory.
b5520600578557d7becbbed66dbfcd57616c4dd922b9a02a69974e53503b38a9The SafeNet SoftRemote VPN client has an issue where a password is stored as clear text in memory.
4ddf3ab879d0979c09c314bbcf63db87068c3b3d1bffa3e1403cc152a76748afike-scan is a utility that discovers IKE hosts and can also fingerprint them using the retransmission backoff pattern.
52d5be7cfeddbc5fd01bec42fc8d39f1d86ce5584bc8e2553ab2b55673835e60Checkpoint Firewall-1 version 4.1 and later with IPsec VPN enabled will return an IKE Vendor ID payload when it receives an IKE packet with a specific Vendor ID payload. The Vendor ID payload that is returned identifies the system as Checkpoint Firewall-1 and also determines the Firewall-1 version and service-pack or feature-pack revision number. This is an information leakage issue which can be used to fingerprint the Firewall-1 system.
440208d725a4ec5c0d16e26260994618621b0231f531a80db7b7c381d24b4f4fike-scan is a utility that discovers IKE hosts and can also fingerprint them using the retransmission backoff pattern.
50fa57f374ffd7a9406734dc7e7d5d00813ae61122ca580dd8221720e77d2ce2ike-scan is a utility that discovers IKE hosts and can also fingerprint them using the retransmission backoff pattern.
ef4da0b8fb8c43faed743d094966384c7c9a1e8041a8e811b657bc9863951839Checkpoint Firewall-1 SecuRemote IKE usernames can be guessed or sniffed using IKE exchange and can be guessed separately from the password. Firewall-1 versions 4.0 SP 7, 4.1 SP2, 4.1 SP6, NG Base, NG FP1 and NG FP2 allow username guessing using IKE aggressive mode.
5a400ed8f87e890c92da75c23f927c0c3da387065ed5af4a3ab88c33d6c785a6
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed