Copyedit the index.

2025-12-16 12:49:02 +00:00 · 2008-07-07 07:25:48 +00:00
parent 5fcb0dd09a
commit 055b6afca1
3 changed files with 162 additions and 128 deletions
--- a/docs/nmap-install.xml
+++ b/docs/nmap-install.xml
@@ -1,6 +1,6 @@
 <!-- $Id$ -->
-<indexterm><primary>installation</primary></indexterm>
+<indexterm class="startofrange" id="install-indexterm"><primary>installation</primary></indexterm>
 <sect1 id="inst-intro"><title>Introduction</title>
@@ -20,7 +20,7 @@ mind.</para>
 have it.  Many free operating system distributions (including most
 Linux and BSD systems) come with Nmap, although it may not be
 installed by default.  On Unix systems, open a terminal window and try executing the command
-<command>nmap <option>--version</option></command><indexterm><primary><option>--version</option></primary></indexterm>.
+<command>nmap <option>--version</option></command>.
 If Nmap exists and is in your <envar>PATH</envar>,
 <indexterm><primary><envar>PATH</envar> environment variable</primary></indexterm>
 you should see output similar to <xref linkend="ex-checking-for-nmap" />.</para>
@@ -28,6 +28,7 @@ you should see output similar to <xref linkend="ex-checking-for-nmap" />.</para>
 <indexterm><primary>version number of Nmap</primary><see><option>--version</option></see></indexterm>
 <example id="ex-checking-for-nmap"><title>Checking for Nmap and determining its version number</title>
 <indexterm><primary><option>--version</option></primary><secondary>example of</secondary></indexterm>
 <!--REMEMBER TO UPDATE TEXT BELOW THE SCREENSHOT WHEN I UPDATE THE SCREENSHOT
    TO LATEST VERSION -->
 <screen>
@@ -75,7 +76,7 @@ Nmap offers more than a hundred
 command-line options, although many are obscure features or debugging
 controls that most users can ignore.  Many graphical frontends have been
 created for those users who prefer a GUI interface.  Nmap has traditionally included a simple GUI for Unix named <application>NmapFE</application><indexterm><primary>NmapFE</primary></indexterm>, but that was replaced in 2007 by Zenmap,
-<indexterm><primary>Zenmap</primary><secondary>advantages of</secondary></indexterm>which we had been developing since 2005.  Zenmap is far more powerful and effective than NmapFE, particularly in results viewing.  Zenmap's tab-based interface lets you search and sort
+which we had been developing since 2005.  Zenmap is far more powerful and effective than NmapFE, particularly in results viewing.  Zenmap's tab-based interface lets you search and sort
 results, and also browse them in several ways (host details, raw Nmap
 output, and ports/hosts).  It works on Microsoft Windows, Linux, Mac
 OS X, and other platforms.  Zenmap is covered in depth in <xref linkend="zenmap"/>.  The rest of this book focuses on command-line invocations of Nmap.
@@ -265,7 +266,6 @@ SVN is most useful for Nmap developers and users who need a fix which
 hasn't yet been formally released.</para>
 <para>
 <indexterm><primary>Subversion</primary><secondary>checking out from</secondary></indexterm>
 SVN write access is strictly limited to a few top Nmap
 developers, but everyone has read access to the repository.  Check out
 the latest code using the command <command>svn co --username guest
@@ -286,7 +286,7 @@ url="http://cgi.insecure.org/mailman/listinfo/nmap-svn"/>.</para>
 </sect1>
 <sect1 id="inst-source"><title>Unix Compilation and Installation from Source Code</title> 
-<indexterm><primary>Unix</primary><secondary>compilation and installation</secondary></indexterm>
+<indexterm><primary>Unix</primary><secondary>installing on</secondary></indexterm>
 <indexterm><primary>installation</primary><secondary>from source</secondary></indexterm>
 <indexterm><primary>source code</primary></indexterm>
 <indexterm><primary>compilation</primary></indexterm>
@@ -434,7 +434,7 @@ error.</para></listitem></varlistentry>
 <varlistentry><term>Consider binary packages</term>
 <listitem>
-<indexterm><primary>binary packages</primary><secondary>advantages of</secondary></indexterm>
+<indexterm><primary>binary packages</primary></indexterm>
 <para>Binary packages of Nmap are available on most
 platforms and are usually easy to install.  The downsides are that
 they may not be as up-to-date and you lose some of the flexibility of
@@ -448,7 +448,7 @@ packages.</para></listitem></varlistentry>
 </sect1>
 <sect1 id="inst-linux"><title>Linux Distributions</title>
-<indexterm><primary>Linux</primary></indexterm>
+<indexterm><primary>Linux</primary><secondary>installing on</secondary></indexterm>
 <para>
 <indexterm><primary>Linux</primary><secondary>popularity as Nmap platform</secondary></indexterm>
@@ -474,10 +474,10 @@ the most common distributions.</para>
 <sect2 id="inst-rpm"><title>RPM-based Distributions (Red Hat, Mandrake, Suse, Fedora)</title>
 <indexterm><primary>RPM</primary></indexterm>
-<indexterm><primary>Red Hat (Linux distribtion)</primary><see>RPM</see></indexterm>
+<indexterm><primary>Red Hat (Linux distribtion)</primary><secondary>installing on, with RPM</secondary>></indexterm>
-<indexterm><primary>Mandrake (Linux distribution)</primary><see>RPM</see></indexterm>
+<indexterm><primary>Mandrake (Linux distribution)</primary><secondary>installing on, with RPM</secondary></indexterm>
-<indexterm><primary>Suse (Linux distribution)</primary><see>RPM</see></indexterm>
+<indexterm><primary>Suse (Linux distribution)</primary><secondary>installing on, with RPM</secondary></indexterm>
-<indexterm><primary>Fedora (Linux distribution)</primary><see>RPM</see></indexterm>
+<indexterm><primary>Fedora (Linux distribution)</primary><secondary>installing on, with RPM</secondary></indexterm>
 <para>I build RPM packages for every release of Nmap and post them to
 the Nmap download page at <ulink url="http://nmap.org/download.html" />.
@@ -536,10 +536,10 @@ reason there are no Zenmap source RPMs.</para>
 <sect2 id="inst-yum"><title>Updating Red Hat, Fedora, Mandrake, and Yellow Dog Linux with Yum</title>
 <indexterm><primary>Yum</primary></indexterm>
-<indexterm><primary>Red Hat (Linux distribtion)</primary><see>Yum</see></indexterm>
+<indexterm><primary>Red Hat (Linux distribtion)</primary><secondary>installing on, with Yum</secondary></indexterm>
-<indexterm><primary>Mandrake (Linux distribution)</primary><see>Yum</see></indexterm>
+<indexterm><primary>Mandrake (Linux distribution)</primary><secondary>installing on, with Yum</secondary></indexterm>
-<indexterm><primary>Yellow Dog (Linux distribution)</primary><see>Yum</see></indexterm>
+<indexterm><primary>Yellow Dog (Linux distribution)</primary><secondary>installing on, with Yum</secondary></indexterm>
-<indexterm><primary>Fedora (Linux distribution)</primary><see>Yum</see></indexterm>
+<indexterm><primary>Fedora (Linux distribution)</primary><secondary>installing on, with Yum</secondary></indexterm>
 <para>The Red Hat, Fedora, Mandrake, and Yellow Dog Linux
 distributions have an application named <application>Yum</application>
@@ -610,10 +610,10 @@ Complete!
 <sect2 id="inst-debian"><title>Debian Linux and Derivatives such as Ubuntu</title>
 <indexterm><primary>Debian</primary><secondary>installing on</secondary></indexterm>
-<indexterm><primary>Ubuntu</primary><see>Debian</see></indexterm>
+<indexterm><primary>Ubuntu</primary><secondary>installing on</secondary></indexterm>
 <para>LaMont Jones
 <indexterm><primary>Jones, LaMont</primary></indexterm>
-does a fabulous job maintaining the Nmap .deb<indexterm><primary>installation</primary><secondary>from deb packages</secondary></indexterm>
+does a fabulous job maintaining the Nmap .deb
 packages, including keeping them reasonably up-to-date.  The proper
 upgrade/install command is <command>apt-get install nmap</command>.
 <indexterm><primary><application>apt-get</application></primary></indexterm>
@@ -646,7 +646,7 @@ Because of this popularity and the fact that
 many Windows users do not have a compiler, binary executables are
 distributed for each major Nmap release.  While it has improved
 dramatically, the Windows port is not quite as efficient or stable as
-on Unix.  Here are some known limitations:<indexterm><primary>Windows</primary><secondary>limitations</secondary></indexterm>
+on Unix.  Here are some known limitations:
 </para>
@@ -693,12 +693,11 @@ the <literal>CurrentControlSet\Services\Tcpip\Parameters</literal> entry under <
  years, Nmap was a Unix-only tool, and it would likely still be that
  way if not for their efforts.</para></note>
-<indexterm><primary>Windows</primary><secondary>installation on</secondary></indexterm>
+<indexterm><primary>Windows</primary><secondary>installing on</secondary></indexterm>
 <para>Windows users have three choices for installing
 Nmap, all of which are available from the
-download page at <ulink
+download page at <ulink url="http://nmap.org/download.html" />.</para>
 url="http://nmap.org/download.html" />.<indexterm><primary>installation</primary><secondary>from Windows binaries</secondary></indexterm></para>
@@ -712,7 +711,7 @@ self-installer named
 specific release).  Most Nmap users choose this option since it is so
 easy.  Simply run the installer file and let it walk you through
 panels for choosing an install path and installing WinPcap.  The
-installer was created with the open source <ulink
+installer was created with the open-source <ulink
 url="http://nsis.sourceforge.net/Main_Page">Nullsoft Scriptable
 Install System</ulink>.  After it completes, read <xref
 linkend="inst-win-exec"/> for instructions on executing Nmap on the
@@ -730,7 +729,9 @@ command-line binaries and associated files in a Zip archive.  No
 graphical interface is included, so you need to run
 <literal>nmap.exe</literal> from a DOS/command window.  Or you can
 download and install a superior command shell such as those included
-with the free Cygwin system available from <ulink url="http://www.cygwin.com" />.  Here are the step-by-step instructions for installing and executing the Nmap .zip binaries.</para>
+with the free Cygwin
 <indexterm><primary>Cygwin</primary></indexterm>
 system available from <ulink url="http://www.cygwin.com" />.  Here are the step-by-step instructions for installing and executing the Nmap .zip binaries.</para>
 <sect3 id="inst-win-zip-install"><title>Installing the Nmap zip binaries</title>
 <orderedlist>
@@ -744,7 +745,7 @@ the Nmap executable and data files.  Microsoft Windows XP and Vista
 include zip extraction&mdash;just right-click on the file in
 <application>Explorer</application>.  If you do not have a Zip
 decompression program, there is one (called unzip) in Cygwin described
-above, or you can download the open source and free <ulink
+above, or you can download the open-source and free <ulink
 url="http://www.7-zip.org">7-zip utility</ulink>.  Commercial
 alternatives are <ulink url="http://www.winzip.com">Winzip</ulink> and
 <ulink url="http://www.pkware.com">PKZIP</ulink>.</para></listitem>
@@ -815,7 +816,7 @@ interfaces:</para>
 <orderedlist>
 <listitem><para>Make sure the user you are logged in as has administrative privileges
-<indexterm><primary>administrator (root) privileges</primary></indexterm>
+<indexterm><primary>privileged users</primary></indexterm>
 on the computer (user should be a member of the <literal>administrators</literal> group).</para></listitem>
 <listitem><para>Open a command/DOS Window.  Though it can be found in
 the program menu tree, the simplest approach is to choose <guimenu>Start</guimenu> 
@@ -897,7 +898,7 @@ you have more flexibility in the build process.
 </sect1>
 <sect1 id="inst-macosx"><title>Apple Mac OS X</title>
-<indexterm><primary>Mac OS X</primary></indexterm>
+<indexterm><primary>Mac OS X</primary><secondary>installing on</secondary></indexterm>
 <indexterm><primary>Apple Mac OS X</primary><see>Mac OS X</see></indexterm>
 <para>Thanks to several people graciously donating shell accounts on
@@ -1034,7 +1035,7 @@ install nmap</command>. Nmap will be installed as
 <filename>/Applications/Utilities</filename>. Open it and you will see a
 terminal window. This is where you will type your commands.</para>
-<para><indexterm><primary>root</primary><secondary>with <command>sudo</command></secondary></indexterm>
+<para><indexterm><primary><command>sudo</command></primary></indexterm>
 By default the root user is disabled on Mac OS X. To run a scan with
 root privileges prefix the command name with <application>sudo</application>,
 <indexterm><primary><application>sudo</application></primary></indexterm>
@@ -1049,7 +1050,7 @@ an optional install on the Mac OS X installation discs.</para>
 <para>When Zenmap is started, a dialog is displayed requesting that you
 type your password. Users with administrator privileges
-<indexterm><primary>administrator (root) privileges</primary></indexterm>
+<indexterm><primary>privileged users</primary></indexterm>
 may enter their
 password to allow Zenmap to run as the root user and run more advanced
 scans. To run Zenmap in unprivileged mode, just select the
@@ -1062,7 +1063,7 @@ scans. To run Zenmap in unprivileged mode, just select the
 <indexterm><primary>BSDs</primary></indexterm>
-<para><indexterm><primary>installation</primary><secondary>on BSD</secondary></indexterm>The BSD flavors are well supported by Nmap, so you can simply
+<para>The BSD flavors are well supported by Nmap, so you can simply
 compile it from source as described in <xref linkend="inst-source"
 />.  This provides the normal advantages of always having the latest
 version and a flexible build process.  If you prefer binary packages,
@@ -1072,7 +1073,6 @@ popular applications.   Instructions for installing Nmap on
 the most popular *BSD variants follow.</para>
 <sect2 id="inst-openbsd"><title>OpenBSD Binary Packages and Source Ports Instructions</title>
 <indexterm><primary>OpenBSD</primary><secondary>installation on</secondary></indexterm>
 <para>According to the <ulink
 url="http://www.openbsd.org/faq/">OpenBSD FAQ</ulink>, users
@@ -1219,3 +1219,5 @@ specified <option>--prefix</option> or other install-path option when
 first installing Nmap.  The files relating to zenmap, nmapfe, and xnmap do not exist if you did not install the <application>Zenmap</application> frontend initially.</para>
 </sect1>
 <indexterm class="endofrange" startref="install-indexterm"/>
--- a/docs/refguide.xml
+++ b/docs/refguide.xml
@@ -150,8 +150,12 @@ substitute for the in-depth documentation in the rest of this
 manual.  Some obscure options aren't even included here.</para>
 <para>
-<indexterm class="startofrange" id="nmap-usage-indexterm"><primary sortas=" ">summary of options</primary></indexterm>
+<!-- sortas="#" puts it before the entries that start with '-' in the options
     section. -->
 <indexterm class="startofrange" id="nmap-usage-indexterm"><primary sortas="#">summary of options</primary></indexterm>
 <indexterm class="startofrange" id="nmap-usage-nmap-indexterm"><primary>command-line options</primary><secondary>of Nmap</secondary></indexterm>
 &nmap-usage;
 <indexterm class="endofrange" startref="nmap-usage-nmap-indexterm"/>
 <indexterm class="endofrange" startref="nmap-usage-indexterm"/>
 </para>
@@ -167,8 +171,8 @@ simplest case is to specify a target IP address or hostname for scanning.</para>
 <para>Sometimes you wish to scan a whole network of adjacent hosts.
 For this, Nmap supports CIDR-style addressing.
-<indexterm><primary>Classless Inter-Domain Routing (CIDR)</primary></indexterm>
+<indexterm><primary>CIDR (Classless Inter-Domain Routing)</primary></indexterm>
-You can append<indexterm><primary>CIDR addressing</primary></indexterm>
+You can append
 /<replaceable>numbits</replaceable> to an IP address or hostname and
 Nmap will scan every IP address for which the first
 <replaceable>numbits</replaceable> are the same as for the reference
@@ -252,9 +256,12 @@ you would expect.</para>
          some network administrators bristle at unauthorized scans of
          their networks and may complain.  Use this option at your
          own risk!  If you find yourself really bored one rainy
-          afternoon, try the command <command>nmap -sS -PS80 -iR 0 -p
+          afternoon, try the command
-          80</command> to locate random web servers for
+          <command>nmap -sS -PS80 -iR 0 -p 80</command>
-          browsing.</para>
+          <indexterm><primary><option>-sS</option></primary><secondary>example of</secondary></indexterm>
          <indexterm><primary><option>-PS</option></primary><secondary>example of</secondary></indexterm>
          <indexterm><primary><option>-iR</option></primary><secondary>example of</secondary></indexterm>
          to locate random web servers for browsing.</para>
        </listitem>
      </varlistentry>
@@ -262,7 +269,7 @@ you would expect.</para>
        <term>
          <option>--exclude
          &lt;host1[,host2][,host3],...&gt;</option> (Exclude hosts/networks)
-          <indexterm><primary><option>--exclude</option></primary></indexterm>
+          <indexterm significance="preferred"><primary><option>--exclude</option></primary></indexterm>
          <indexterm><primary>excluding targets</primary></indexterm>
        </term>
        <listitem>
@@ -280,7 +287,7 @@ you would expect.</para>
      <varlistentry>
        <term>
          <option>--excludefile &lt;exclude_file&gt;</option> (Exclude list from file)
-          <indexterm><primary><option>--excludefile</option></primary></indexterm>
+          <indexterm significance="preferred"><primary><option>--excludefile</option></primary></indexterm>
        </term>
        <listitem>
          <para>This offers the same functionality as the <option>--exclude</option>
@@ -347,7 +354,9 @@ you would expect.</para>
    ping types) can be combined.  You can increase your odds of
    penetrating strict firewalls by sending many probe types using
    different TCP ports/flags and ICMP codes.  Also note that ARP
-    discovery (<option>-PR</option>) is done by default against
+    discovery (<option>-PR</option>)
    <indexterm><primary><option>-PR</option></primary></indexterm>
    is done by default against
    targets on a local ethernet network even if you specify other
    <option>-P*</option> options, because it is almost always faster
    and more effective.</para>
@@ -368,7 +377,7 @@ you would expect.</para>
        <term>
        <option>-sL</option> (List Scan)
          <indexterm><primary><option>-sL</option></primary></indexterm>
-          <indexterm><primary>List scan</primary></indexterm>
+          <indexterm><primary>list scan</primary></indexterm>
        </term>
        <listitem>
          <para>The list scan is a degenerate form of host discovery
@@ -425,7 +434,9 @@ you would expect.</para>
           (using a <function>connect()</function> call) to port 80 on
           the target.  When a privileged user tries to scan targets
           on a local ethernet network, ARP requests
-           (<option>-PR</option>) are used unless
+           (<option>-PR</option>)
           <indexterm><primary><option>-PR</option></primary></indexterm>
           are used unless
           <option>--send-ip</option> was specified.
           The <option>-sP</option> option can be combined with any of the
           discovery probe types (the <option>-P*</option> options,
@@ -514,14 +525,14 @@ you would expect.</para>
          <para>On Unix boxes, only the privileged user
          <literal>root</literal>
-          <indexterm><primary>authorized (root) user</primary></indexterm>
+          <indexterm><primary>privileged users</primary></indexterm>
          is generally able to send and
          receive raw TCP packets.
          <indexterm><primary>raw packets</primary></indexterm>
          For unprivileged users, a
          workaround is automatically employed whereby the connect()
          system call is initiated against each target port.
-          <indexterm><primary>unprivileged users</primary><secondary>limitations on</secondary></indexterm>
+          <indexterm><primary>unprivileged users</primary><secondary>limitations of</secondary></indexterm>
          This has
          the effect of sending a SYN packet to the target host, in an
          attempt to establish a connection.  If connect() returns
@@ -573,7 +584,6 @@ you would expect.</para>
          approach takes up few resources on the firewall/router and
          is widely supported by hardware and software filters.  The
          Linux Netfilter/iptables
          <indexterm><primary>Netfilter</primary></indexterm>
          <indexterm><primary>iptables</primary></indexterm>
          firewall software offers the
          <option>--syn</option> convenience option to implement this
@@ -701,7 +711,7 @@ you would expect.</para>
        <term>
        <option>-PO [protolist]</option> (IP Protocol Ping)
          <indexterm><primary><option>-PO</option></primary></indexterm>
-          <indexterm><primary>IP Protocol ping</primary></indexterm>
+          <indexterm><primary>IP protocol ping</primary></indexterm>
        </term>
        <listitem>
@@ -772,7 +782,7 @@ you would expect.</para>
 <varlistentry>
 <term>
  <option>--traceroute</option> (Trace path to host)
-   <indexterm significance="normal"><primary><option>--traceroute</option></primary></indexterm>
+   <indexterm significance="preferred"><primary><option>--traceroute</option></primary></indexterm>
   <indexterm significance="normal"><primary>traceroute</primary></indexterm>
 </term>
 <listitem>
@@ -844,7 +854,7 @@ even if this option is not specified.
      <varlistentry>
        <term>
          <option>--system-dns</option> (Use system DNS resolver)
-          <indexterm><primary><option>--system-dns</option></primary></indexterm>
+          <indexterm significance="preferred"><primary><option>--system-dns</option></primary></indexterm>
        </term>
        <listitem>
@@ -866,7 +876,7 @@ even if this option is not specified.
        <term>
          <option>--dns-servers &lt;server1[,server2],...&gt;
          </option> (Servers to use for reverse DNS queries)
-          <indexterm><primary><option>--dns-servers</option></primary></indexterm>
+          <indexterm significance="preferred"><primary><option>--dns-servers</option></primary></indexterm>
        </term>
        <listitem>
@@ -1017,7 +1027,7 @@ determine that you need a strut spring compressor, then you still
 have to pay thousands of dollars for it.</para>
 <para>Most of the scan types are only available to privileged users.
-<indexterm><primary>authorized (root) users</primary></indexterm>
+<indexterm><primary>privileged users</primary></indexterm>
 This is because they send and receive raw packets,
 <indexterm><primary>raw packets</primary></indexterm>
 which requires root
@@ -1094,7 +1104,7 @@ error (type 3, code 1,2, 3, 9, 10, or 13) is received.</para>
        <term>
        <option>-sT</option> (TCP connect scan)
        <indexterm><primary><option>-sT</option></primary></indexterm>
-        <indexterm><primary>connect() scan</primary></indexterm>
+        <indexterm><primary>connect scan</primary></indexterm>
        </term>
        <listitem>
 <para>TCP connect scan is the default TCP scan type when SYN scan is
@@ -1131,7 +1141,7 @@ know that she has been connect scanned.</para>
      <varlistentry>
        <term>
        <option>-sU</option> (UDP scans)
-<indexterm><primary>-sU</primary></indexterm>
+<indexterm><primary><option>-sU</option></primary></indexterm>
 <indexterm><primary>UDP scan</primary></indexterm>
 </term>
        <listitem>
@@ -1189,7 +1199,7 @@ hosts.</para>
      <varlistentry>
        <term>
-        <option>-sN</option>; <option>-sF</option>; <option>-sX</option> (TCP Null, FIN, and Xmas scans)
+        <option>-sN</option>; <option>-sF</option>; <option>-sX</option> (TCP NULL, FIN, and Xmas scans)
 <indexterm><primary><option>-sN</option></primary></indexterm>
 <indexterm><primary><option>-sF</option></primary></indexterm>
 <indexterm><primary><option>-sX</option></primary></indexterm>
@@ -1286,7 +1296,7 @@ or 13), are labeled <literal>filtered</literal>.</para>
        <term>
        <option>-sW</option> (TCP Window scan)
 <indexterm><primary><option>-sW</option></primary></indexterm>
-<indexterm><primary>Window scan</primary></indexterm>
+<indexterm><primary>window scan</primary></indexterm>
 </term>
        <listitem>
@@ -1350,7 +1360,7 @@ canned scan types offered.  The <option>--scanflags</option> option allows
 you to design your own scan by specifying arbitrary TCP flags.
 <indexterm><primary>TCP flags</primary></indexterm>
 Let your creative juices flow, while evading intrusion detection systems
-<indexterm><primary>intrusion detection systems</primary><secondary>avoiding</secondary></indexterm>
+<indexterm><primary>intrusion detection systems</primary><secondary>evading</secondary></indexterm>
 whose vendors simply paged through the Nmap man page adding specific rules!</para>
 <para>The <option>--scanflags</option> argument can be a numerical
@@ -1442,7 +1452,7 @@ underlying scan engine as the true port scanning methods. So it is
 close enough to a port scan that it belongs here.</para>
 <para>Besides being useful in its own right, protocol scan
-demonstrates the power of open source software.  While the fundamental
+demonstrates the power of open-source software.  While the fundamental
 idea is pretty simple, I had not thought to add it nor received any
 requests for such functionality.  Then in the summer of 2000, Gerhard
 Rieger
@@ -1575,7 +1585,8 @@ way.</para>
          the port numbers are added to all protocol lists.</para>
-          <para><indexterm><primary>wildcards in port specifications</primary></indexterm>Ports can also be specified by name according to what the
+          <para><indexterm><primary>port specification</primary><secondary>wildcards in</secondary></indexterm>
          Ports can also be specified by name according to what the
          port is referred to in the <filename>nmap-services</filename>. You
          can even use the wildcards * and ? with the names. For example, to scan
          FTP and all ports whose names begin with http, use <option>-p ftp,http*</option>.
@@ -1592,7 +1603,7 @@ way.</para>
      <varlistentry>
        <term>
          <option>-F</option> (Fast (limited port) scan)
-          <indexterm><primary><option>-F</option></primary></indexterm>
+          <indexterm significance="preferred"><primary><option>-F</option></primary></indexterm>
        </term>
        <listitem>
          <para>Specifies that you only wish to scan
@@ -1604,7 +1615,10 @@ way.</para>
          (about 1650 ports) isn't dramatic.  The difference can be
          enormous if you specify your own tiny
          <filename>nmap-services</filename> file using the
-          <option>--servicedb</option> or <option>--datadir</option> options.</para>
+          <option>--servicedb</option> or <option>--datadir</option> options.
          <indexterm><primary><option>--servicedb</option></primary></indexterm>
          <indexterm><primary><option>--datadir</option></primary></indexterm>
          </para>
        </listitem>
      </varlistentry>
@@ -1811,7 +1825,7 @@ way.</para>
      <varlistentry>
        <term>
          <option>--version-trace</option> (Trace version scan activity)
-          <indexterm><primary><option>--version-trace</option></primary></indexterm>
+          <indexterm significance="preferred"><primary><option>--version-trace</option></primary></indexterm>
        </term>
        <listitem>
          <para>This causes Nmap to print out extensive debugging info
@@ -1823,8 +1837,10 @@ way.</para>
      <varlistentry>
        <term>
        <option>-sR</option> (RPC scan)
-          <indexterm><primary><option>-sR</option></primary></indexterm>
+          <indexterm significance="preferred"><primary><option>-sR</option></primary></indexterm>
-          <indexterm><primary>RPC scan</primary></indexterm></term>
+          <indexterm><primary>RPC scan</primary><see>RPC grinder</see></indexterm>
          <indexterm><primary>RPC grinder</primary></indexterm>
          </term>
        <listitem>
          <para>This method works in conjunction with the various port
@@ -1915,7 +1931,7 @@ way.</para>
      <varlistentry>
        <term>
          <option>-O</option> (Enable OS detection)
-          <indexterm><primary><option>-O</option></primary></indexterm>
+          <indexterm significance="preferred"><primary><option>-O</option></primary></indexterm>
        </term>
        <listitem>
@@ -1931,7 +1947,7 @@ way.</para>
        <term>
          <option>--osscan-limit</option> (Limit OS detection to
          promising targets)
-          <indexterm><primary><option>--osscan-limit</option></primary></indexterm>
+          <indexterm significance="preferred"><primary><option>--osscan-limit</option></primary></indexterm>
        </term>
        <listitem>
@@ -1947,8 +1963,8 @@ way.</para>
      <varlistentry>
        <term>
          <option>--osscan-guess</option>; <option>--fuzzy</option> (Guess OS detection results)
-          <indexterm><primary><option>--osscan-guess</option></primary></indexterm>
+          <indexterm significance="preferred"><primary><option>--osscan-guess</option></primary></indexterm>
-          <indexterm><primary><option>--fuzzy</option></primary><see>--osscan-guess</see></indexterm>
+          <indexterm><primary><option>--fuzzy</option></primary><see><option>--osscan-guess</option></see></indexterm>
        </term>
        <listitem>
@@ -1965,7 +1981,7 @@ way.</para>
      <varlistentry>
        <term>
          <option>--max-os-tries</option> (Set the maximum number of OS detection tries against a target)
-          <indexterm><primary><option>--max-os-tries</option></primary></indexterm>
+          <indexterm significance="preferred"><primary><option>--max-os-tries</option></primary></indexterm>
        </term>
        <listitem>
@@ -2106,7 +2122,7 @@ way.</para>
 	<variablelist>
      <varlistentry>
        <term><option>-sC</option>
-          <indexterm>
+          <indexterm significance="preferred">
            <primary><option>-sC</option></primary>
          </indexterm>
         </term>
@@ -2121,7 +2137,7 @@ way.</para>
      </varlistentry>
      <varlistentry>
-        <term><option>--script &lt;script-categories|directory|filename|all&gt;</option><indexterm><primary><option>--script</option></primary></indexterm></term>
+        <term><option>--script &lt;script-categories|directory|filename|all&gt;</option><indexterm significance="preferred"><primary><option>--script</option></primary></indexterm></term>
 <listitem>
 <para>Runs a script scan (like <option>-sC</option>) with the scripts you have chosen rather than the defaults.  Arguments can be script categories, single scripts or directories with scripts which are to be run against the target hosts instead of the default set. Nmap will try to interpret the arguments at first as categories and afterwards as files or directories.  Absolute paths are used as is, relative paths are searched in the following places until found:
@@ -2155,7 +2171,10 @@ categories.</para>
 </varlistentry>
 	  <varlistentry>
-        <term><option>--script-args &lt;name1=value1,name2={name3=value3},name4=value4&gt;</option><indexterm><primary><option>--script-args</option></primary></indexterm><indexterm>script arguments</indexterm></term>
+        <term><option>--script-args &lt;name1=value1,name2={name3=value3},name4=value4&gt;</option>
        <indexterm significance="preferred"><primary><option>--script-args</option></primary></indexterm>
        <indexterm><primary>script arguments</primary></indexterm>
        <indexterm><primary>script arguments</primary><seealso><option>--script-args</option></seealso></indexterm></term>
 <listitem>
 <para>lets you provide arguments to NSE scripts. Arguments are passed
@@ -2177,11 +2196,9 @@ script knows about its special argument.</para>
 </listitem>
 </varlistentry>
      <varlistentry>
        <term><option>--script-trace</option>
-          <indexterm><primary><option>--script-trace</option></primary></indexterm></term>
+          <indexterm significance="preferred"><primary><option>--script-trace</option></primary></indexterm></term>
        <listitem>
          <para>
@@ -2198,7 +2215,7 @@ script knows about its special argument.</para>
      <varlistentry>
        <term><option>--script-updatedb</option>
-        <indexterm><primary><option>--script-updatedb</option></primary></indexterm></term>
+        <indexterm significance="preferred"><primary><option>--script-updatedb</option></primary></indexterm></term>
        <listitem>
@@ -2485,7 +2502,7 @@ implements strict rate limiting.</para>
 <para>Another use of <option>--scan-delay</option> is to evade
 threshold based intrusion detection and prevention systems (IDS/IPS).
-<indexterm><primary>intrusion detection systems</primary><secondary>avoiding</secondary></indexterm>
+<indexterm><primary>intrusion detection systems</primary><secondary>evading</secondary></indexterm>
 </para>
        </listitem>
@@ -2526,7 +2543,9 @@ faster than a network can support may lead to a loss of accuracy. In
 some cases, using a faster rate can make a scan take
 <emphasis>longer</emphasis> than it would with a slower rate. This is
 because Nmap's adaptive
-retransmission<indexterm><primary>adaptive retransmission</primary></indexterm>
+retransmission
 <indexterm><primary>adaptive retransmission</primary><see>retransmission</see></indexterm>
 <indexterm><primary>retransmission</primary></indexterm>
 will detect the network congestion caused by an excessive scanning rate
 and increase the number of retransmissions in order to improve accuracy.
 So even though packets are sent at a higher rate, more packets are sent
@@ -2608,7 +2627,7 @@ The template names are <option>paranoid</option>&nbsp;(<option>0</option>),
 <option>insane</option>&nbsp;(<option>5</option>).
 <indexterm><primary><literal>insane</literal> (<option>-T5</option>) timing template</primary></indexterm>
 The first two are for IDS evasion.
-<indexterm><primary>intrusion detection systems</primary><secondary>avoiding</secondary></indexterm>
+<indexterm><primary>intrusion detection systems</primary><secondary>evading</secondary></indexterm>
 Polite mode slows down the scan to use less bandwidth
 and target machine resources.  Normal mode is the default and so
 <option>-T3</option> does nothing. Aggressive mode speeds scans up by
@@ -2689,7 +2708,7 @@ setting the maximum TCP scan delay to 5&nbsp;ms.</para>
  <refsect1 id='man-bypass-firewalls-ids'>
    <title>Firewall/IDS Evasion and Spoofing</title>
    <indexterm class="startofrange" id="man-bypass-filewalls-indexterm"><primary>firewalls</primary><secondary>bypassing</secondary></indexterm>
-    <indexterm class="startofrange" id="man-bypass-ids-indexterm"><primary>intrusion detection systems</primary><secondary>avoiding</secondary></indexterm>
+    <indexterm class="startofrange" id="man-bypass-ids-indexterm"><primary>intrusion detection systems</primary><secondary>evading</secondary></indexterm>
 <para>Many Internet pioneers envisioned a global open network with a
 universal IP address space allowing virtual connections between any
@@ -2757,8 +2776,8 @@ lists the relevant options and describes what they do.</para>
        <term>
          <option>-f</option> (fragment packets);
          <option>--mtu</option> (using the specified MTU)
-          <indexterm><primary><option>-f</option></primary></indexterm>
+          <indexterm significance="preferred"><primary><option>-f</option></primary></indexterm>
-          <indexterm><primary><option>--mtu</option></primary></indexterm>
+          <indexterm significance="preferred"><primary><option>--mtu</option></primary></indexterm>
        </term>
        <listitem>
@@ -2776,7 +2795,9 @@ lists the relevant options and describes what they do.</para>
          packets. Two with eight bytes of the TCP header, and one
          with the final four. Of course each fragment also has an
          IP header. Specify <option>-f</option> again to use 16 bytes per fragment
-          (reducing the number of fragments). Or you can specify
+          (reducing the number of fragments).
          <indexterm><primary><option>-f</option></primary><secondary>giving twice for small fragments</secondary></indexterm>
          Or you can specify
          your own offset size with the <option>--mtu</option> option. Don't also
          specify <option>-f</option> if you use <option>--mtu</option>. The offset must be a
          multiple of 8. While fragmented packets won't get by
@@ -2905,8 +2926,8 @@ lists the relevant options and describes what they do.</para>
        <term>
          <option>--source-port &lt;portnumber&gt;;</option>
          <option>-g &lt;portnumber&gt;</option> (Spoof source port number)
-          <indexterm><primary><option>--source-port</option></primary></indexterm>
+          <indexterm significance="preferred"><primary><option>--source-port</option></primary></indexterm>
-          <indexterm><primary><option>-g</option></primary></indexterm>
+          <indexterm significance="preferred"><primary><option>-g</option></primary></indexterm>
          <indexterm><primary>source port number</primary></indexterm>
        </term>
        <listitem>
@@ -2965,7 +2986,9 @@ support the option completely, as does UDP scan.</para>
          bytes and ICMP echo requests are just 28. This option
          tells Nmap to append the given number of random bytes to
          most of the packets it sends. OS detection (<option>-O</option>) packets
-          are not affected because accuracy there requires probe consistency, but most pinging and portscan packets
+          are not affected
          <indexterm><primary><option>--data-length</option></primary><secondary>no effect in OS detection</secondary></indexterm>
          because accuracy there requires probe consistency, but most pinging and portscan packets
          support this. It slows things down a little, but can make a scan slightly less
          conspicuous.</para>
        </listitem>
@@ -3006,9 +3029,9 @@ support the option completely, as does UDP scan.</para>
      options.  Simply pass the letter <literal>R</literal>,
      <literal>T</literal>, or <literal>U</literal> to request
      record-route,
-      <indexterm><primary>record-route IP option</primary></indexterm>
+      <indexterm><primary>record route IP option</primary></indexterm>
      record-timestamp,
-      <indexterm><primary>record-timestamp IP option</primary></indexterm>
+      <indexterm><primary>record timestamp IP option</primary></indexterm>
      or both options together,
      respectively.  Loose or strict source routing
      <indexterm><primary>source routing</primary></indexterm>
@@ -3041,7 +3064,7 @@ support the option completely, as does UDP scan.</para>
      <varlistentry>
        <term>
          <option>--randomize-hosts</option> (Randomize target host order)
-          <indexterm><primary><option>--randomize-hosts</option></primary></indexterm>
+          <indexterm significance="preferred"><primary><option>--randomize-hosts</option></primary></indexterm>
          <indexterm><primary>randomization of hosts</primary></indexterm>
        </term>
        <listitem>
@@ -3060,7 +3083,9 @@ support the option completely, as does UDP scan.</para>
          with a list scan (<option>-sL -n -oN
          <replaceable>filename</replaceable></option>), randomize it
          with a Perl script, then provide the whole list to Nmap with
-          <option>-iL</option>.</para>
+          <option>-iL</option>.
          <indexterm><primary><option>-iL</option></primary><secondary>randomizing hosts with</secondary></indexterm>
          </para>
        </listitem>
      </varlistentry>
@@ -3068,7 +3093,7 @@ support the option completely, as does UDP scan.</para>
        <term>
          <option>--spoof-mac &lt;MAC address, prefix, or vendor
          name&gt;</option> (Spoof MAC address)
-        <indexterm><primary><option>--spoof-mac</option></primary></indexterm>
+        <indexterm significance="preferred"><primary><option>--spoof-mac</option></primary></indexterm>
        <indexterm><primary>spoofing MAC address</primary></indexterm>
        </term>
        <listitem>
@@ -3090,7 +3115,7 @@ support the option completely, as does UDP scan.</para>
  (it is case insensitive).  If a match is found, Nmap uses the
  vendor's OUI (3-byte prefix)
  <indexterm><primary>organizationally unique identifier (OUI)</primary></indexterm>
-  <indexterm><primary>organizationally unique identifier (OUI)</primary><seealso><filename>nmap-max-prefixes</filename></seealso></indexterm>
+  <indexterm><primary>organizationally unique identifier (OUI)</primary><seealso><filename>nmap-mac-prefixes</filename></seealso></indexterm>
  and fills out the remaining 3 bytes
  randomly.  Valid <option>--spoof-mac</option> argument examples are <literal>Apple</literal>, <literal>0</literal>,
  <literal>01:02:03:04:05:06</literal>, <literal>deadbeefcafe</literal>, <literal>0020F2</literal>, and <literal>Cisco</literal>.  This option only affects raw packet scans such as SYN scan or OS detection, not connection-oriented features such as version detection or the Nmap Scripting Engine.</para>
@@ -3359,7 +3384,7 @@ format is available
     <varlistentry>
        <term>
        <option>-oA &lt;basename&gt;</option> (Output to all formats)
-           <indexterm><primary><option>-oA</option></primary></indexterm></term>
+           <indexterm significance="preferred"><primary><option>-oA</option></primary></indexterm></term>
       <listitem><para>
           As a convenience, you may specify <option>-oA
@@ -3501,7 +3526,7 @@ overwhelming requests.  Specify <option>--open</option> to only see
      <varlistentry>
        <term>
          <option>--log-errors</option> (Log errors/warnings to normal mode output file)
-          <indexterm><primary><option>--log-errors</option></primary></indexterm>
+          <indexterm significance="preferred"><primary><option>--log-errors</option></primary></indexterm>
        </term>
        <listitem>
@@ -3588,7 +3613,7 @@ overwhelming requests.  Specify <option>--open</option> to only see
      <varlistentry>
        <term>
          <option>--stylesheet &lt;path or URL&gt;</option> (Set XSL stylesheet to transform XML output)
-          <indexterm><primary><option>--stylesheet</option></primary></indexterm>
+          <indexterm significance="preferred"><primary><option>--stylesheet</option></primary></indexterm>
        </term>
        <listitem>
@@ -3599,7 +3624,7 @@ overwhelming requests.  Specify <option>--open</option> to only see
          named <filename>nmap.xsl</filename>
          <indexterm><primary><filename>nmap.xsl</filename></primary></indexterm>
          for viewing or translating XML output to HTML.
-          <indexterm><primary>HTML</primary><secondary>from XML output</secondary></indexterm>
+          <indexterm><primary>HTML from XML output</primary></indexterm>
          The XML output includes an <literal>xml-stylesheet</literal>
          directive which points to <filename>nmap.xml</filename>
          where it was initially installed by Nmap (or in the current
@@ -3626,19 +3651,19 @@ overwhelming requests.  Specify <option>--open</option> to only see
      <varlistentry>
        <term>
          <option>--webxml</option> (Load stylesheet from Nmap.Org)
-          <indexterm><primary><option>--webxml</option></primary></indexterm>
+          <indexterm significance="preferred"><primary><option>--webxml</option></primary></indexterm>
        </term>
        <listitem>
          <para>This convenience option is simply an alias for
-          <option>--stylesheet http://nmap.org/data/nmap.xsl</option>.</para>
+          <option significance="preferred">--stylesheet http://nmap.org/data/nmap.xsl</option>.</para>
        </listitem>
      </varlistentry>
      <varlistentry>
        <term>
-          <option>--no-stylesheet</option> (Omit XSL stylesheet declaration from XML)
+          <option significance="preferred">--no-stylesheet</option> (Omit XSL stylesheet declaration from XML)
-          <indexterm><primary><option>--no-stylesheet</option></primary></indexterm>
+          <indexterm significance="preferred"><primary><option>--no-stylesheet</option></primary></indexterm>
        </term>
        <listitem>
@@ -3663,7 +3688,7 @@ overwhelming requests.  Specify <option>--open</option> to only see
      <varlistentry>
        <term>
          <option>-6</option> (Enable IPv6 scanning)
-          <indexterm><primary><option>-6</option></primary></indexterm>
+          <indexterm significance="preferred"><primary><option>-6</option></primary></indexterm>
          <indexterm><primary>IPv6</primary></indexterm>
        </term>
        <listitem>
@@ -3710,7 +3735,9 @@ overwhelming requests.  Specify <option>--open</option> to only see
          stands for yet. Presently this enables OS detection
          (<option>-O</option>), version scanning (<option>-sV</option>),
 	  script scanning (<option>-sC</option>) and 
-	  traceroute (<option>--traceroute</option>). More features may be
+	  traceroute (<option>--traceroute</option>).
          <indexterm><primary><option>-A</option></primary><secondary>features enabled by</secondary></indexterm>
          More features may be
          added in the future. The point is to enable a
          comprehensive set of scan options without people having
          to remember a large set of flags. However, because script
@@ -3725,7 +3752,7 @@ overwhelming requests.  Specify <option>--open</option> to only see
      <varlistentry>
        <term>
          <option>--datadir &lt;directoryname&gt;</option> (Specify custom Nmap data file location)
-          <indexterm><primary><option>--datadir</option></primary></indexterm>
+          <indexterm significance="preferred"><primary><option>--datadir</option></primary></indexterm>
        </term>
        <listitem>
@@ -3738,6 +3765,8 @@ overwhelming requests.  Specify <option>--open</option> to only see
          <filename>nmap-os-db</filename>.  If the
          location of any of these files has been specified (using the
          <option>--servicedb</option> or <option>--versiondb</option> options),
          <indexterm><primary><option>--servicedb</option></primary></indexterm>
          <indexterm><primary><option>--versiondb</option></primary></indexterm>
          that location is used for that file. After that, Nmap
          searches these files in the directory specified with the
          <option>--datadir</option> option (if any). Any files not
@@ -3756,7 +3785,7 @@ overwhelming requests.  Specify <option>--open</option> to only see
      <varlistentry>
        <term>
          <option>--servicedb &lt;services file&gt;</option> (Specify custom services file)
-          <indexterm significance="normal"><primary><option>--servicedb</option></primary></indexterm>
+          <indexterm significance="preferred"><primary><option>--servicedb</option></primary></indexterm>
        </term>
        <listitem>
@@ -3772,7 +3801,7 @@ overwhelming requests.  Specify <option>--open</option> to only see
      <varlistentry>
        <term>
          <option>--versiondb &lt;service probes file&gt;</option> (Specify custom service probes file)
-          <indexterm significance="normal"><primary><option>--versiondb</option></primary></indexterm>
+          <indexterm significance="preferred"><primary><option>--versiondb</option></primary></indexterm>
        </term>
        <listitem>
@@ -3787,7 +3816,7 @@ overwhelming requests.  Specify <option>--open</option> to only see
      <varlistentry>
        <term>
          <option>--send-eth</option> (Use raw ethernet sending)
-          <indexterm><primary><option>--send-eth</option></primary></indexterm>
+          <indexterm significance="preferred"><primary><option>--send-eth</option></primary></indexterm>
        </term>
        <listitem>
@@ -3809,7 +3838,7 @@ overwhelming requests.  Specify <option>--open</option> to only see
      <varlistentry>
        <term>
          <option>--send-ip</option> (Send at raw IP level)
-          <indexterm><primary><option>--send-ip</option></primary></indexterm>
+          <indexterm significance="preferred"><primary><option>--send-ip</option></primary></indexterm>
        </term>
        <listitem>
@@ -3823,14 +3852,15 @@ overwhelming requests.  Specify <option>--open</option> to only see
      <varlistentry>
        <term>
          <option>--privileged</option> (Assume that the user is fully privileged)
-          <indexterm><primary><option>--privileged</option></primary></indexterm>
+          <indexterm significance="preferred"><primary><option>--privileged</option></primary></indexterm>
        </term>
        <listitem>
          <para>Tells Nmap to simply assume that it is privileged
          enough to perform raw socket sends, packet sniffing, and
          similar operations that usually require root privileges
-          <indexterm><primary>authorized (root) users</primary></indexterm>
+          <indexterm><primary>privileged users</primary></indexterm>
          <indexterm><primary>authorized users</primary><see>privileged users</see></indexterm>
          on Unix systems. By default Nmap quits if such operations are
          requested but geteuid() is not
          zero. <option>--privileged</option> is useful with Linux
@@ -3839,7 +3869,7 @@ overwhelming requests.  Specify <option>--open</option> to only see
          scans. Be sure to provide this option flag before any flags
          for options that require privileges (SYN scan, OS detection,
          etc.). The <envar>NMAP_PRIVILEGED</envar> environmental variable
-          <indexterm><primary><envar>NMAP_PRIVILEGED</envar></primary></indexterm>
+          <indexterm><primary><envar>NMAP_PRIVILEGED</envar> environment variable</primary></indexterm>
          may be set as an equivalent alternative to
          <option>--privileged</option>.</para>
        </listitem>
@@ -3848,7 +3878,8 @@ overwhelming requests.  Specify <option>--open</option> to only see
      <varlistentry>
        <term>
          <option>--unprivileged</option> (Assume that the user lacks raw socket privileges)
-          <indexterm><primary><option>--unprivileged</option></primary></indexterm>
+          <indexterm significance="preferred"><primary><option>--unprivileged</option></primary></indexterm>
          <indexterm><primary>unprivileged users</primary></indexterm>
        </term>
        <listitem>
@@ -3860,7 +3891,7 @@ overwhelming requests.  Specify <option>--open</option> to only see
          This is useful for testing, debugging, or when the raw
          network functionality of your operating system is somehow
          broken. The <envar>NMAP_UNPRIVILEGED</envar> environmental variable
-          <indexterm><primary><envar>NMAP_UNPRIVILEGED</envar></primary></indexterm>
+          <indexterm><primary><envar>NMAP_UNPRIVILEGED</envar> environment variable</primary></indexterm>
          may be set as an equivalent alternative to
          <option>--unprivileged</option>.</para>
@@ -3888,6 +3919,7 @@ overwhelming requests.  Specify <option>--open</option> to only see
        <term>
          <option>--interactive</option> (Start in interactive mode)
          <indexterm><primary><option>--interactive</option></primary></indexterm>
          <indexterm><primary><option>interactive mode</option></primary></indexterm>
        </term>
        <listitem>
@@ -3903,7 +3935,7 @@ overwhelming requests.  Specify <option>--open</option> to only see
          are usually more familiar and feature-complete.  This option
          includes a bang (!) operator for executing shell commands,
          which is one of many reasons not to install Nmap setuid root.
-          <indexterm><primary>setuid</primary></indexterm>
+          <indexterm><primary>setuid, why Nmap shouldn't be</primary></indexterm>
          </para>
        </listitem>
      </varlistentry>
@@ -4039,7 +4071,6 @@ overwhelming requests.  Specify <option>--open</option> to only see
    running. This requires root privileges because of the SYN scan
    and OS detection.</para>
    <para>
      <indexterm><primary><option>-sV</option></primary><secondary>example of</secondary></indexterm>
      <indexterm><primary><option>-p</option></primary><secondary>example of</secondary></indexterm>
      <command>nmap -sV -p 22,53,110,143,4564
      198.116.0-255.1-127</command>
@@ -4067,7 +4098,6 @@ overwhelming requests.  Specify <option>--open</option> to only see
    <para>
      <indexterm><primary><option>-PN</option></primary><secondary>example of</secondary></indexterm>
      <indexterm><primary><option>-p</option></primary><secondary>example of</secondary></indexterm>
      <indexterm><primary><option>-oX</option></primary><secondary>example of</secondary></indexterm>
      <indexterm><primary><option>-oG</option></primary><secondary>example of</secondary></indexterm>
      <command>nmap -PN -p80 -oX logs/pb-port80scan.xml -oG
@@ -4080,7 +4110,7 @@ overwhelming requests.  Specify <option>--open</option> to only see
  <refsect1 id='man-bugs'>
    <title>Bugs</title>
-    <indexterm><primary>bugs</primary></indexterm>
+    <indexterm><primary>bugs, reporting</primary></indexterm>
    <para>Like its author, Nmap isn't perfect.  But you can help make
    it better by sending bug reports or even writing patches.  If Nmap
--- a/docs/scripting.xml
+++ b/docs/scripting.xml
@@ -223,7 +223,7 @@ Nmap finished: 1 IP address (1 host up) scanned in 0.907 seconds
     <variablelist>
        <varlistentry>
          <term>
-            <indexterm><primary><literal>safe</literal></primary> script category</indexterm>
+            <indexterm><primary><literal>safe</literal> script category</primary></indexterm>
            <option>safe</option>
          </term>
          <listitem>
@@ -242,7 +242,7 @@ Nmap finished: 1 IP address (1 host up) scanned in 0.907 seconds
        <varlistentry>
          <term>
-            <indexterm><primary><literal>intrusive</literal></primary> script category</indexterm>
+            <indexterm><primary><literal>intrusive</literal> script category</primary></indexterm>
            <option>intrusive</option>
          </term>
          <listitem>
@@ -257,7 +257,7 @@ Nmap finished: 1 IP address (1 host up) scanned in 0.907 seconds
        <varlistentry>
          <term>
-            <indexterm><primary><literal>malware</literal></primary> script category</indexterm>
+            <indexterm><primary><literal>malware</literal> script category</primary></indexterm>
            <option>malware</option>
          </term>
          <listitem>
@@ -268,8 +268,8 @@ Nmap finished: 1 IP address (1 host up) scanned in 0.907 seconds
        <varlistentry>
          <term>
-            <indexterm><primary><literal>version</literal></primary> script category</indexterm>
+            <indexterm><primary><literal>version</literal> script category</primary></indexterm>
-            <indexterm><primary>version detection</primary><seealso><literal>version</literal> script caetgory</seealso></indexterm>
+            <indexterm><primary>version detection</primary><seealso><literal>version</literal> script category</seealso></indexterm>
            <option>version</option>
          </term>
          <listitem>
@@ -285,7 +285,7 @@ Nmap finished: 1 IP address (1 host up) scanned in 0.907 seconds
        <varlistentry>
          <term>
-            <indexterm><primary><literal>discovery</literal></primary> script category</indexterm>
+            <indexterm><primary><literal>discovery</literal> script category</primary></indexterm>
            <option>discovery</option>
          </term>
          <listitem>
@@ -297,7 +297,7 @@ Nmap finished: 1 IP address (1 host up) scanned in 0.907 seconds
        <varlistentry>
          <term>
-            <indexterm><primary><literal>vuln</literal></primary> script category</indexterm>
+            <indexterm><primary><literal>vuln</literal> script category</primary></indexterm>
            <option>vuln</option>
          </term>
          <listitem>
@@ -308,7 +308,7 @@ Nmap finished: 1 IP address (1 host up) scanned in 0.907 seconds
        <varlistentry>
          <term>
-            <indexterm><primary><literal>auth</literal></primary> script category</indexterm>
+            <indexterm><primary><literal>auth</literal> script category</primary></indexterm>
            <option>auth</option>
          </term>
          <listitem>
@@ -319,7 +319,7 @@ Nmap finished: 1 IP address (1 host up) scanned in 0.907 seconds
        <varlistentry>
          <term>
-            <indexterm><primary><literal>default</literal></primary> script category</indexterm>
+            <indexterm><primary><literal>default</literal> script category</primary></indexterm>
            <option>default</option>
          </term>
          <listitem>
@@ -410,7 +410,7 @@ will try to interpret the arguments at first as categories and afterwards
 as files or directories.  Absolute paths are used as is, relative paths are
 searched in the following places until found:
 <indexterm><primary>data files</primary><secondary>directory search order</secondary></indexterm>
-<indexterm><primary>scripts</primary><secondary>location of</secondary></indexterm>
+<indexterm><primary>scripts, location of</primary></indexterm>
 <filename>--datadir/</filename>; 
 <indexterm><primary><envar>NMAPDIR</envar> environment variable</primary></indexterm>
 <filename>$NMAPDIR/</filename>; 
@@ -528,6 +528,7 @@ categories.</para>
 	Simple script scan.
      </para>
      <para>
        <indexterm><primary><option>-sC</option></primary><secondary>example of</secondary></indexterm>
        <userinput> 
 	  $ nmap -sC hostname
      </userinput>
@@ -588,7 +589,7 @@ categories.</para>
    <sect2 id="nse-format-license">
      <title><literal>license</literal> Field </title>
      <indexterm><primary><varname>license</varname> script variable</primary></indexterm>
-      <indexterm><primary>license of scripts</primary></indexterm>
+      <indexterm><primary>copyright</primary><secondary>of scripts</secondary></indexterm>
      <para>Nmap is a community project and we welcome all sorts of
      code contributions, including NSE scripts.  So if you write a
@@ -1972,7 +1973,9 @@ if(s) code_to_be_done_on_match end
 	    <term><option>host.mac_addr</option>
 	      </term>
 	    <listitem>
-	      <para>MAC address of the destination host (6-byte long binary
+	      <para>MAC address
                  <indexterm><primary>MAC address</primary></indexterm>
                  of the destination host (6-byte long binary
 		  string) or <literal>nil</literal>, if the host is not directly connected. 
 		  </para>
 	    </listitem>
@@ -2769,7 +2772,7 @@ nmap.get_port_state({ip="127.0.0.1"}, {number="80", protocol="tcp"})
 	  raw packet network I/O. The greater flexibility comes, however, at
 	  the cost of a slightly more complex API. Receiving raw packets is
 	  accomplished via a wrapper around Libpcap
-          <indexterm><primary>Libpcap</primary></indexterm>
+          <indexterm><primary>libpcap</primary></indexterm>
          inside the Nsock library.
          <indexterm><primary>Nsock</primary></indexterm>
          In order to keep the
@@ -3320,7 +3323,7 @@ local localip, localport  = client_service:get_info()
      </para>
      <para>
-        <indexterm><primary><varname>action</varname> NSE variable</primary></indexterm>
+        <indexterm><primary><varname>action</varname> script variable</primary></indexterm>
 	<programlisting>
 action = function(host, port)
 local owner = ""
@@ -3474,7 +3477,6 @@ end
    </para>
    <para>
 	This is what the output of this script looks like:
        <indexterm><primary><option>-sV</option></primary><secondary>example of</secondary></indexterm>
      <screen>
 $ ./nmap -sV localhost -p 80