IPSEC Internet Key Exchange (IKE) Version 2 Detection

info Nessus Plugin ID 62695

Synopsis

A VPN server is listening on the remote port.

Description

The remote host seems to be enabled to do Internet Key Exchange (IKE).
This is typically indicative of a VPN server. VPN servers are used to connect remote hosts into internal resources.

Make sure that the use of this VPN endpoint is done in accordance with your corporate security policy.

Note that if the remote host is not configured to allow the Nessus host to perform IKE/IPSEC negotiations, Nessus won't be able to detect the IKE service.

Also note that this plugin does not run over IPv6.

Solution

If this service is not needed, disable it or filter incoming traffic to this port.

Plugin Details

Severity: Info

ID: 62695

File Name: ike2_detect.nasl

Version: 1.10

Type: remote

Published: 10/24/2012

Updated: 9/22/2020

Asset Inventory: true

Supported Sensors: Nessus

Reference Information

IAVT: 0001-T-0900