A company hires a penetration tester to determine if there are any vulnerabilities in its new VPN concentrator installation with an external IP of 100.170.60.5. Which of the following commands will test if the VPN is available?
A.
fpipe.exe -1 8080 -r 80 100.170.60.5
B.
ike-scan -A -t 1 --sourceip=spoof_ip 100.170.60.5
I would go for B.
"ike-scan is a command-line IPSec VPN Scanner & Testing Tool for discovering, fingerprinting and testing IPsec VPN systems."
https://www.darknet.org.uk/2008/11/ike-scan-ipsec-vpn-scanner-testing-tool/
https://docs.paloaltonetworks.com/pan-os/7-1/pan-os-admin/vpns/site-to-site-vpn-concepts/set-up-site-to-site-vpn/test-vpn-connectivity
https://subscription.packtpub.com/book/networking_and_servers/9781787121829/1/ch01lvl1sec17/pentesting-vpn-s-ike-scan
a.) fpipe ... is a tool to somehow redirect local ports
d.) nc (netcat) you just connect to one port, this does not give you enough info ... and the bin/bash at the end is misplaced so it would not work anyway
b.) is the trap answer: ike-scan is indeed used to scan IPsec-based VPN servers.
But spoiler: not all VPNs use IPsec ... like Cisco AnyConnect uses SSL, and OpenVPN also works differently.
But what really kills B is the wrong syntax and the spoofing:
there is a -sourceip option. But it only accepts a dotted IP address or the value "random"
Anyway, even if the syntax was right and it would use a "Random" source address ... no packets would be returned to you ... because it's not your source address ... so you won't get any info if the service is up or down
http://www.royhills.co.uk/wiki/index.php/Ike-scan_help_output
After looking into this I agree with you. Found on https://www.systutorials.com/docs/linux/man/1-ike-scan/
--sourceip=<s>
Set source IP address for outgoing packets to <s>. This option causes the outgoing IKE packets to have the specified source IP address. The address can either be an IP address in dotted quad format, or the string "random" which will use a different random source address for each packet that is sent. If this option is used, no packets will be received. This option requires raw socket support, and you will need superuser privileges to use this option, even if you specify a high source port. This option does not work on all operating systems.
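An added example, not part of any comment above and not ike-scan's own code: an IKE availability check depends on a reply arriving at the address that sent the probe, and this sketch shows what such a reply looks like by decoding the fixed 28-byte ISAKMP/IKE header of a UDP/500 payload and matching its initiator cookie. The function names, cookies and sample bytes are constructed for illustration.

```python
import struct

# Exchange type numbers from RFC 2408 (IKEv1) and RFC 7296 (IKEv2).
EXCHANGE_TYPES = {2: "Main Mode", 4: "Aggressive Mode",
                  5: "Informational", 34: "IKE_SA_INIT"}
# initiator cookie, responder cookie, next payload, version,
# exchange type, flags, message ID, total length
HEADER = struct.Struct("!8s8sBBBBII")


def parse_ike_header(payload: bytes) -> dict:
    """Decode the fixed header of a UDP/500 datagram payload."""
    if len(payload) < HEADER.size:
        raise ValueError("shorter than the 28-byte IKE header")
    icookie, rcookie, _next, version, exch, _flags, _msg_id, length = \
        HEADER.unpack_from(payload)
    if length < HEADER.size or length > len(payload):
        raise ValueError("length field inconsistent with datagram size")
    return {
        "initiator_cookie": icookie,
        "responder_cookie": rcookie,
        "major_version": version >> 4,
        "exchange": EXCHANGE_TYPES.get(exch, f"type {exch}"),
    }


def classify_reply(probe_cookie: bytes, payload: bytes) -> str:
    """Decide whether a received datagram answers our own probe."""
    try:
        hdr = parse_ike_header(payload)
    except ValueError:
        return "not an IKE message"
    # A responder echoes the initiator cookie chosen by the prober.
    if hdr["initiator_cookie"] != probe_cookie:
        return "reply to a different initiator cookie"
    return f"IKEv{hdr['major_version']} responder answered ({hdr['exchange']})"


# Constructed sample: IKEv1 Main Mode reply header plus 56 filler body bytes.
PROBE_COOKIE = bytes.fromhex("1122334455667788")
SAMPLE_REPLY = HEADER.pack(PROBE_COOKIE, bytes.fromhex("a1a2a3a4a5a6a7a8"),
                           1, 0x10, 2, 0, 0, 28 + 56) + bytes(56)

if __name__ == "__main__":
    print(classify_reply(PROBE_COOKIE, SAMPLE_REPLY))
```

The classifier only ever runs on datagrams the prober actually receives, which is why a probe sent from an address that is not routed back to the sender yields no availability information.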
Why is it that I see a lot of people say these answers are wrong but when I search the question it's the same as it is on this site. So are all these questions answered wrong by all of the other sites as well, are people trying to throw others off on this site for some reason or maybe overthinking it? I'm a bit frustrated as to what the correct answers are most of the time.
niceeee tricky question ...
after 20 minutes or so I'm pretty sure it's
C. good old nmap
Why, you probably ask?
Nmap syntax seems correct ...
-A: Enable OS detection, version detection, script scanning, and traceroute
-f; --mtu <val>: fragment packets (optionally w/given MTU)
Scripts and OS detection and traceroute should give you good information if the host is UP.
Community vote distribution: A (35%), C (25%), B (20%), Other