PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2026-01-29 09:39:03 +00:00
Code Issues Projects Releases Wiki Activity

NSE re-categorization

Browse Source 
* Merge the "backdoor" category into "malware"
* Add "auth" for authentication credential determination
* Rename "vulnerability" to "vuln"
* Place 12 scripts into their correct categories
This commit is contained in:
kris
2008-06-21 06:34:03 +00:00
parent 30d60b97ed
commit ac5138b975
15 changed files with 120 additions and 93 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
docs/refguide.xml
View File

@@ -1893,18 +1893,26 @@ way.</para>
</para>
<para>
<emphasis>Malware-detection</emphasis> (categories
<literal>malware</literal> and <literal>backdoor</literal>)- Both attackers
<emphasis>Malware-detection</emphasis> (category <literal>malware</literal>)&mdash;Both attackers
and worms often leave backdoors&mdash;be it in form of SMTP-servers listening on
uncommon ports mostly used by spammers for mail relay, or in form of an
FTP-server giving crackers access to critical data. A few lines of Lua code
can help to identify those loopholes easily.
</para>
<para>
<emphasis>Vulnerability Detection</emphasis> (category
<literal>vulnerability</literal>)- NSE's capacity in detecting risks ranges
from checking for default passwords on Apache distributions to testing
whether a SMTP-server supports relaying mail from arbitrary domains.
<literal>vuln</literal>)&mdash;NSE's capacity in detecting risks ranges
from testing whether an SMTP server supports relaying mail from arbitrary
domains to testing whether an HTTP server is vulnerable to directory
traversal attacks.
</para>
<para>
<emphasis>Determination of Authentication Credentials</emphasis> (category
<literal>auth</literal>)&mdash;NSE can be used for determining authentication
credentials on the target's services, with a common method being brute-force
attack.
</para>
<para>
@@ -1918,7 +1926,7 @@ way.</para>
available NFS/SMB/RPC shares, the number of channels of an irc-network or
currently logged on users.
</para>
<para>
To reflect those different uses and to simplify the choice of which
scripts to run, each script contains a field associating it with one or more