blob: 7613d638038e4e3d358a845005699f5d057c9b76 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
|
description = [[
Checks if SMTP is running on a non-standard port.
This may indicate that crackers or script kiddies have set up a backdoor on the
system to send spam or control the machine.
]]
---
-- @output
-- 22/tcp open smtp
-- |_ smtp-strangeport: Mail server on unusual port: possible malware
author = "Diman Todorov"
license = "Same as Nmap--See https://nmap.org/book/man-legal.html"
categories = {"malware", "safe"}
portrule = function(host, port)
return port.service == "smtp" and
port.number ~= 25 and port.number ~= 465 and port.number ~= 587
and port.protocol == "tcp"
and port.state == "open"
end
action = function()
return "Mail server on unusual port: possible malware"
end
|
