LinuxCommandLibrary

ike-scan

TLDR

Scan for IKE hosts

$ sudo ike-scan [192.168.1.0/24]
copy
Aggressive mode
$ sudo ike-scan -A [target]
copy
Specify transform
$ sudo ike-scan --trans=[5,2,1,2] [target]
copy
Show vendor ID
$ sudo ike-scan -M [target]
copy
Source port
$ sudo ike-scan -s [500] [target]
copy

SYNOPSIS

ike-scan [options] targets

DESCRIPTION

ike-scan discovers and fingerprints IPsec VPN servers. It sends IKE packets and analyzes responses to identify VPN implementations.
The tool performs IKE protocol scanning for security assessment. It identifies vendor, version, and supported transforms.
ike-scan scans for IPsec VPN servers.

PARAMETERS

TARGETS

IP addresses or ranges.
-A, --aggressive
Aggressive mode.
-M, --multiline
Multiline output.
--trans SET
Transform set.
-s PORT
Source port.
-d PORT
Destination port.
--help
Display help information.

CAVEATS

Security testing tool. Authorization required. UDP port 500.

HISTORY

ike-scan was created by Roy Hills for IPsec VPN discovery and fingerprinting.

SEE ALSO

nmap(1), strongswan(8), ipsec(8)

Copied to clipboard