500, 4500 ) IPsec IKE
Basic scan
ike-scan -M 10.10.10.116
Aggressive scan
ike-scan -A -M 10.10.10.116
IPsec Tunneling/Transport
##-- Install StrongsWan
apt-get install strongswan
##-- Edit the /etc/ipsec.secrets (strongSwan IPsec secrets) file
<AttackersIP> %any : PSK "v+NkxY9LL..<ReplaceThiskey>"
##-- Edit the /etc/ipsec.conf file
conn ConfigNameHere
type=transport
keyexchange=<ReplaceIKEVersion>
authby=psk
right=<AttackerIP>
rightprotoport=tcp # if you want tcp,if not remove this
leftprotoport=tcp # if you want tcp,if not remove this
esp=3des-sha1 # we can get this from ike-scan -M AttackerIP | grep 'SA' | awk -F= '{print $3}'
ike=3des-sha1-modp1024 #we can get this from ike-scan -M AttackerIP | grep 'SA' | awk -F= '{print $5}'
auto=start
##-- Start service
ipsec start --nofork
Last updated