mirror of
https://github.com/nmap/nmap.git
synced 2025-12-16 20:59:02 +00:00
Canonicalize capitalization of protocol names. Generally we use capitalized forms in probes. When quoting from Nmap output we use whatever Nmap uses and enclose it in <literal> or similar tags.
This commit is contained in:
david
@@ -631,7 +631,7 @@ you would expect.</para>
|
|||||||
services simply ignore the empty packet and fail to return
|
services simply ignore the empty packet and fail to return
|
||||||
any response. This is why the default probe port is 31338,
|
any response. This is why the default probe port is 31338,
|
||||||
which is highly unlikely to be in use. A few services, such
|
which is highly unlikely to be in use. A few services, such
|
||||||
as chargen, will respond to an empty UDP packet, and thus
|
as the Character Generator (chargen) protocol, will respond to an empty UDP packet, and thus
|
||||||
disclose to Nmap that the machine is available.</para>
|
disclose to Nmap that the machine is available.</para>
|
||||||
|
|
||||||
<para>The primary advantage of this scan type is that it
|
<para>The primary advantage of this scan type is that it
|
||||||
@@ -915,7 +915,7 @@ even if this option is not specified.
|
|||||||
<para>These states are not intrinsic
|
<para>These states are not intrinsic
|
||||||
properties of the port itself, but describe how Nmap sees them. For
|
properties of the port itself, but describe how Nmap sees them. For
|
||||||
example, an Nmap scan from the same network as the target may show
|
example, an Nmap scan from the same network as the target may show
|
||||||
port 135/tcp as open, while a scan at the same time with the same
|
port <literal>135/tcp</literal> as open, while a scan at the same time with the same
|
||||||
options from across the Internet might show that port as <literal>filtered</literal>.</para>
|
options from across the Internet might show that port as <literal>filtered</literal>.</para>
|
||||||
|
|
||||||
<variablelist><title>The six port states recognized by Nmap</title>
|
<variablelist><title>The six port states recognized by Nmap</title>
|
||||||
@@ -1575,7 +1575,7 @@ way.</para>
|
|||||||
Ports can also be specified by name according to what the
|
Ports can also be specified by name according to what the
|
||||||
port is referred to in the <filename>nmap-services</filename>. You
|
port is referred to in the <filename>nmap-services</filename>. You
|
||||||
can even use the wildcards * and ? with the names. For example, to scan
|
can even use the wildcards * and ? with the names. For example, to scan
|
||||||
FTP and all ports whose names begin with http, use <option>-p ftp,http*</option>.
|
FTP and all ports whose names begin with <quote>http</quote>, use <option>-p ftp,http*</option>.
|
||||||
Be careful about shell expansions and quote the argument to <option>-p</option> if unsure.</para>
|
Be careful about shell expansions and quote the argument to <option>-p</option> if unsure.</para>
|
||||||
|
|
||||||
<para>Ranges of ports can be surrounded by square brackets to indicate
|
<para>Ranges of ports can be surrounded by square brackets to indicate
|
||||||
@@ -1634,7 +1634,7 @@ way.</para>
|
|||||||
|
|
||||||
|
|
||||||
<para>Point Nmap at a remote machine and it might tell you
|
<para>Point Nmap at a remote machine and it might tell you
|
||||||
that ports 25/tcp, 80/tcp, and 53/udp are open. Using its
|
that ports <literal>25/tcp</literal>, <literal>80/tcp</literal>, and <literal>53/udp</literal> are open. Using its
|
||||||
<filename>nmap-services</filename><indexterm><primary><filename>nmap-services</filename></primary></indexterm>
|
<filename>nmap-services</filename><indexterm><primary><filename>nmap-services</filename></primary></indexterm>
|
||||||
database of about 2,200
|
database of about 2,200
|
||||||
well-known services,<indexterm><primary>well-known ports</primary></indexterm>
|
well-known services,<indexterm><primary>well-known ports</primary></indexterm>
|
||||||
@@ -1664,7 +1664,7 @@ way.</para>
|
|||||||
database contains probes
|
database contains probes
|
||||||
for querying various services and match expressions to recognize
|
for querying various services and match expressions to recognize
|
||||||
and parse responses. Nmap tries to determine the service protocol
|
and parse responses. Nmap tries to determine the service protocol
|
||||||
(e.g. FTP, SSH, telnet, HTTP), the application name (e.g. ISC
|
(e.g. FTP, SSH, Telnet, HTTP), the application name (e.g. ISC
|
||||||
BIND, Apache httpd, Solaris telnetd), the version number,
|
BIND, Apache httpd, Solaris telnetd), the version number,
|
||||||
hostname, device type (e.g. printer, router), the OS family
|
hostname, device type (e.g. printer, router), the OS family
|
||||||
(e.g. Windows, Linux) and sometimes miscellaneous details like
|
(e.g. Windows, Linux) and sometimes miscellaneous details like
|
||||||
|
|||||||
@@ -1223,7 +1223,7 @@ if(s) code_to_be_done_on_match end
|
|||||||
determined by Nmap's version scan or (if no version
|
determined by Nmap's version scan or (if no version
|
||||||
scan information is available) the service assigned
|
scan information is available) the service assigned
|
||||||
to the port in <filename>nmap-services</filename>
|
to the port in <filename>nmap-services</filename>
|
||||||
(e.g. "http" for TCP port 80).
|
(e.g. <literal>"http"</literal> for TCP port 80).
|
||||||
</para>
|
</para>
|
||||||
</listitem>
|
</listitem>
|
||||||
</varlistentry>
|
</varlistentry>
|
||||||
@@ -1654,7 +1654,7 @@ if(s) code_to_be_done_on_match end
|
|||||||
is used to provide the minimum number of bytes required for a read. <literal>lines</literal>
|
is used to provide the minimum number of bytes required for a read. <literal>lines</literal>
|
||||||
does the same, but for the minimum number of lines. If neither are provided, these
|
does the same, but for the minimum number of lines. If neither are provided, these
|
||||||
functions attempt to read as many bytes as are available. <literal>proto</literal>
|
functions attempt to read as many bytes as are available. <literal>proto</literal>
|
||||||
is used to set the protocol to communicate with, defaulting to "tcp" if not provided.
|
is used to set the protocol to communicate with, defaulting to <literal>"tcp"</literal> if not provided.
|
||||||
<literal>timeout</literal> is used to set the socket timeout (see the socket function
|
<literal>timeout</literal> is used to set the socket timeout (see the socket function
|
||||||
<literal>set_timeout()</literal> for details).
|
<literal>set_timeout()</literal> for details).
|
||||||
</para>
|
</para>
|
||||||
@@ -1809,7 +1809,7 @@ if(s) code_to_be_done_on_match end
|
|||||||
<literal>tcp{}</literal> and <literal>udp{}</literal>.
|
<literal>tcp{}</literal> and <literal>udp{}</literal>.
|
||||||
<literal>tcp{}</literal> contains services indexed by TCP port
|
<literal>tcp{}</literal> contains services indexed by TCP port
|
||||||
numbers. <literal>udp{}</literal> is the same, but for UDP.
|
numbers. <literal>udp{}</literal> is the same, but for UDP.
|
||||||
You can pass "tcp" or "udp" as an argument to
|
You can pass <literal>"tcp"</literal> or <literal>"udp"</literal> as an argument to
|
||||||
<literal>parse_services()</literal> to only get the corresponding
|
<literal>parse_services()</literal> to only get the corresponding
|
||||||
table. If <literal>bool</literal> is false, an error message is
|
table. If <literal>bool</literal> is false, an error message is
|
||||||
returned as the second value instead of the table.
|
returned as the second value instead of the table.
|
||||||
@@ -2099,7 +2099,7 @@ if(s) code_to_be_done_on_match end
|
|||||||
<listitem>
|
<listitem>
|
||||||
<para>
|
<para>
|
||||||
Defines the protocol of the port. Valid values are
|
Defines the protocol of the port. Valid values are
|
||||||
<literal>tcp</literal> and <literal>udp</literal>.
|
<literal>"tcp"</literal> and <literal>"udp"</literal>.
|
||||||
</para>
|
</para>
|
||||||
</listitem>
|
</listitem>
|
||||||
</varlistentry>
|
</varlistentry>
|
||||||
@@ -2161,7 +2161,7 @@ if(s) code_to_be_done_on_match end
|
|||||||
|
|
||||||
<row>
|
<row>
|
||||||
<entry><literal>service_tunnel</literal></entry>
|
<entry><literal>service_tunnel</literal></entry>
|
||||||
<entry>Contains the string <literal>none</literal> or <literal>ssl</literal> based on whether or not Nmap used SSL tunneling to detect the service.</entry>
|
<entry>Contains the string <literal>"none"</literal> or <literal>"ssl"</literal> based on whether or not Nmap used SSL tunneling to detect the service.</entry>
|
||||||
</row>
|
</row>
|
||||||
|
|
||||||
<row>
|
<row>
|
||||||
@@ -3627,7 +3627,7 @@ end
|
|||||||
simple pattern matching syntax. Some protocols require a more
|
simple pattern matching syntax. Some protocols require a more
|
||||||
complex approach, and a generalized scripting language is
|
complex approach, and a generalized scripting language is
|
||||||
perfect for this. Skype v2 is one such protocol. It pretends to
|
perfect for this. Skype v2 is one such protocol. It pretends to
|
||||||
be an http server, requiring multiple queries to determine its
|
be an HTTP server, requiring multiple queries to determine its
|
||||||
true nature. NSE has been integrated into Nmap's version
|
true nature. NSE has been integrated into Nmap's version
|
||||||
detection framework to handle these cases. The scripts which
|
detection framework to handle these cases. The scripts which
|
||||||
extend the version scanner belong to the reserved category
|
extend the version scanner belong to the reserved category
|
||||||
@@ -3637,10 +3637,10 @@ end
|
|||||||
version scan. The following listing shows a simple script which
|
version scan. The following listing shows a simple script which
|
||||||
demonstrates the use of the NSE version detection API. If either
|
demonstrates the use of the NSE version detection API. If either
|
||||||
the TCP port 80 is open or the service has been determined to be
|
the TCP port 80 is open or the service has been determined to be
|
||||||
http, the script is triggered. Although it could be extended to
|
HTTP, the script is triggered. Although it could be extended to
|
||||||
recognize different http servers, its only purpose is to show off
|
recognize different HTTP servers, its only purpose is to show off
|
||||||
the version detection API. It is not advisable to use NSE for
|
the version detection API. It is not advisable to use NSE for
|
||||||
version detection in the simple case of http servers. The
|
version detection in the simple case of HTTP servers. The
|
||||||
version detection variables have been filled with dummy entries
|
version detection variables have been filled with dummy entries
|
||||||
to illustrate their effect on the Nmap output.</para>
|
to illustrate their effect on the Nmap output.</para>
|
||||||
|
|
||||||
@@ -3786,7 +3786,7 @@ require "shortport"
|
|||||||
</programlisting>
|
</programlisting>
|
||||||
|
|
||||||
<para>We want to run the script against the finger service. So we
|
<para>We want to run the script against the finger service. So we
|
||||||
test whether it is using the well-known finger port (79/tcp), or
|
test whether it is using the well-known finger port (<literal>79/tcp</literal>), or
|
||||||
whether the service is named <quote>finger</quote> based on version
|
whether the service is named <quote>finger</quote> based on version
|
||||||
detection results or in the port number's listing
|
detection results or in the port number's listing
|
||||||
in <filename>nmap-services</filename>.</para>
|
in <filename>nmap-services</filename>.</para>
|
||||||
|
|||||||
Reference in New Issue
Block a user