search

dlenski / what-vpn

Identify servers running various SSL VPNs based on protocol-specific behaviors
GNU General Public License v3.0
81 stars 16 forks source link

Why would vpn.drew.edu be a "false-negative SonicWall"? #3

Closed DimitriPapadopoulos closed 2 years ago

DimitriPapadopoulos commented 2 years ago

https://github.com/dlenski/what-vpn/blob/d76f7aa83df4e5b4376efc3d31c499262585b17f/tests/test_sniffers.py#L53

drew

DimitriPapadopoulos commented 2 years ago

Oh, it's a false negative, not a false-positive.

It's just that the script is unable to test vpn.drew.edu:

.WARNING:root:sniffing vpn.drew.edu for anyconnect resulted in exception ('Connection aborted.', RemoteDisconnected('Remote end closed connection without response'))
WARNING:root:sniffing vpn.drew.edu for check_point resulted in exception The read operation timed out
WARNING:root:sniffing vpn.drew.edu for sstp resulted in exception ('Connection aborted.', RemoteDisconnected('Remote end closed connection without response'))

But we need a different ticket for that.