I first wrote fake_MTA et fake_ftpd to detect fake SMTP or FTP servers, e.g. backdoors installed by misc worms. They check that the remote server speaks the SMTP or FTP protocol correctly, and does not accept silly commands. It seems that they may be helpful to detect "broken" or misconfigured servers. *However*, I am afraid that they can trigger against real servers (especially "paranoid" ones like filtering proxies). So this might not be a good idea and if they are commited to the repository, I suggest that they stay "experimental" for a while. fake_MTA might be OK, fake_FTPD looks suspicious. Finally, I wrote fake_3digits which is much simpler and would be less dangerous, IMHO. Comments & tests appreciated.
_______________________________________________ Plugins-writers mailing list Plugins-writers@private http://mail.nessus.org/mailman/listinfo/plugins-writers
This archive was generated by hypermail 2.1.3 : Tue Jun 14 2005 - 12:28:45 PDT