mirror of
https://github.com/nmap/nmap.git
synced 2025-12-09 14:11:29 +00:00
ac5138b975
* Merge the "backdoor" category into "malware" * Add "auth" for authentication credential determination * Rename "vulnerability" to "vuln" * Place 12 scripts into their correct categories
36 lines
649 B
Lua
36 lines
649 B
Lua
id = "Unexpected SMTP"
|
|
|
|
description = "\
|
|
If smtp is running on a strange port\
|
|
there be a backdoor set up by crackers to send spam\
|
|
or even control your machine."
|
|
|
|
author = "Diman Todorov <diman.todorov@gmail.com>"
|
|
|
|
license = "Same as Nmap--See http://nmap.org/book/man-legal.html"
|
|
|
|
categories = {"malware"}
|
|
|
|
portrule = function(host, port)
|
|
if
|
|
( port.number ~= 25
|
|
and
|
|
port.number ~= 465
|
|
and
|
|
port.number ~= 587
|
|
and
|
|
port.service == "smtp" )
|
|
and port.protocol == "tcp"
|
|
and port.state == "open"
|
|
then
|
|
return true
|
|
else
|
|
return false
|
|
end
|
|
end
|
|
|
|
action = function()
|
|
return "Warning: smtp is running on a strange port"
|
|
end
|
|
|