Red Hat NETWORK 3.6 - Guía de usuario descargar pdf (Pagina 35)

hs_sport=143

name=IMAP Banner

description=An IMAP server is running on this port. Its banner is :<br> %L

risk=NONE

match=OK

match=IMAP

match=server ready

regex=^.*OK.*IMAP.*server ready

In this example, the following fields are used:

> id is a unique number assigned to this plugin

> nid is the Nessus ID of the corresponding Nessus NASL script

> hs_sport is the source port to key on if we have the high-speed mode enabled

> name is the name of the plugin

> description is a description of the problem or service

> match is the set of match patterns we must find in the payload of the packet before we

evaluate the regular expression

> regex is the regular expression to apply to the packet payload

Notice that the description contains the %L macro. If this plugin evaluates successfully then

the string pattern in the payload that matched the regular expression is stored in %L and is

printed out at report time.

More Complex Passive Vulnerability Scanner Example

id=1004

nid=10382

cve=CVE-2000-0318

bid=1144

hs_sport=143

name=Atrium Mercur Mailserver

description=The remote imap server is Mercur Mailserver 3.20. There is a

flaw in this server (present up to version 3.20.02) which allow any

authenticated user to read any file on the system. This includes

other users mailboxes, or any system file. Warning : this flaw has

not been actually checked but was deduced from the server banner

solution=There was no solution ready when this vulnerability was written;

Please contact the vendor for updates that address this

vulnerability.

risk=HIGH

match=>* OK

match=MERCUR

match=IMAP4-Server

regex=^\* OK.*MERCUR IMAP4-Server.*v3\.20\..*$

Notice that the first match pattern makes use of the “>” symbol. The “>” symbol indicates

that the subsequent string must be at the beginning of the packet payload. Use of the “>”

symbol is encouraged where possible as it is an inexpensive operation.

1 2 ... 30 31 32 33 34 35 36 37 38 39 40 ... 60 61

Comentarios a estos manuales

Sin comentarios

Red Hat NETWORK 3.6 - Guía de usuario Pagina 35

Comentarios a estos manuales

Relacionado con productos y manuales para Servidores Red Hat NETWORK 3.6 -