recog-intrigue 2.3.7

data/xml/rsh_resp.xml

@@ -0,0 +1,76 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<fingerprints protocol="rsh" database_type="service">
+  <!--
+  Rservices responses to requests are matched against these patterns to fingerprint the OSes of servers.
+  -->
+  <fingerprint pattern="^.Permission denied: Error 0$">
+    <description>Digital Unix rlogind</description>
+    <example>xPermission denied: Error 0</example>
+    <param pos="0" name="os.vendor" value="HP"/>
+    <param pos="0" name="os.family" value="Digital Unix"/>
+  </fingerprint>
+  <fingerprint pattern="^.Winsock RSHD/NT: Protocol negotiation error\..+$|^.in\.rlogind: Permission denied\..+$" flags="REG_DOT_NEWLINE">
+    <description>Windows rlogind</description>
+    <example>xWinsock RSHD/NT: Protocol negotiation error.
+      0</example>
+    <example>xin.rlogind: Permission denied.
+      </example>
+    <param pos="0" name="os.vendor" value="Microsoft"/>
+    <param pos="0" name="os.family" value="Windows"/>
+  </fingerprint>
+  <fingerprint pattern="^.permission denied\..+$" flags="REG_DOT_NEWLINE">
+    <description>Solaris rlogind</description>
+    <example>xpermission denied.
+      </example>
+    <param pos="0" name="os.vendor" value="Sun"/>
+    <param pos="0" name="os.family" value="Solaris"/>
+    <param pos="0" name="os.product" value="Solaris"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:-"/>
+  </fingerprint>
+  <fingerprint pattern="^.rlogind: Acc.s refus.\..+$" flags="REG_DOT_NEWLINE">
+    <description>AIX rlogind</description>
+    <example>xrlogind: Accxs refusx.
+      </example>
+    <param pos="0" name="os.vendor" value="IBM"/>
+    <param pos="0" name="os.family" value="AIX"/>
+    <param pos="0" name="os.product" value="AIX"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:ibm:aix:-"/>
+  </fingerprint>
+  <fingerprint pattern="^.rlogind: Host name for your address \([\d.]+\) unknown\..*$" flags="REG_DOT_NEWLINE">
+    <description>A/UX rlogind</description>
+    <example>xrlogind: Host name for your address (127.0.0.1) unknown.
+      </example>
+    <param pos="0" name="os.vendor" value="Apple"/>
+    <param pos="0" name="os.family" value="A/UX"/>
+  </fingerprint>
+  <fingerprint pattern="^.rexecd: Login incorrect\..*$" flags="REG_DOT_NEWLINE">
+    <description>HP-UX rexecd</description>
+    <example>xrexecd: Login incorrect.
+      </example>
+    <param pos="0" name="os.vendor" value="HP"/>
+    <param pos="0" name="os.family" value="HP-UX"/>
+    <param pos="0" name="os.product" value="HP-UX"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:hp:hp-ux:-"/>
+  </fingerprint>
+  <fingerprint pattern="^.rexecd: [-\d]+.*$" flags="REG_DOT_NEWLINE">
+    <description>AIX rexecd</description>
+    <example>xrexecd: 0-1 The login is not correct.
+      </example>
+    <param pos="0" name="os.vendor" value="IBM"/>
+    <param pos="0" name="os.family" value="AIX"/>
+    <param pos="0" name="os.product" value="AIX"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:ibm:aix:-"/>
+  </fingerprint>
+  <fingerprint pattern="^.remshd: (?:getservbyname.+|Kerberos Authentication not enabled\..+|Error! Kerberos authentication failed)$" flags="REG_DOT_NEWLINE">
+    <description>HP-UX rshd</description>
+    <example>xremshd: getservbyname
+      </example>
+    <example>xremshd: Kerberos Authentication not enabled.
+      </example>
+    <example>xremshd: Error! Kerberos authentication failed</example>
+    <param pos="0" name="os.vendor" value="HP"/>
+    <param pos="0" name="os.family" value="HP-UX"/>
+    <param pos="0" name="os.product" value="HP-UX"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:hp:hp-ux:-"/>
+  </fingerprint>
+</fingerprints>

data/xml/rtsp_servers.xml

@@ -0,0 +1,76 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<fingerprints matches="rtsp_header.server" protocol="rtsp" database_type="service" preference="0.85">
+  <fingerprint pattern="^Flussonic \(http:\/\/www.flussonic.com\/\) ([\d\.]+)$">
+    <description>Flussonic Media Server</description>
+    <example service.version="19.04">Flussonic (http://www.flussonic.com/) 19.04</example>
+    <example service.version="20.01">Flussonic (http://www.flussonic.com/) 20.01</example>
+    <param pos="0" name="service.vendor" value="Flussonic"/>
+    <param pos="0" name="service.product" value="Flussonic Media Server" />
+    <param pos="1" name="service.version" />
+  </fingerprint>
+  <fingerprint pattern="^Hipcam RealServer\/V([\d\.]+)$">
+    <description>Hipcam IP camera running the RealServer RTSP server.</description>
+    <example service.version="1.0">Hipcam RealServer/V1.0</example>
+    <param pos="0" name="service.vendor" value="RealNetworks"/>
+    <param pos="0" name="service.product" value="RealServer" />
+    <param pos="1" name="service.version" />
+    <param pos="0" name="hw.vendor" value="Hipcam" />
+    <param pos="0" name="hw.device" value="IP Camera" />
+  </fingerprint>
+  <fingerprint pattern="^Dahua Rtsp Server$">
+    <description>Dahua IP Camera</description>
+    <example>Dahua Rtsp Server</example>
+    <param pos="0" name="service.vendor" value="Dahua"/>
+    <param pos="0" name="hw.vendor" value="Dahua" />
+    <param pos="0" name="hw.device" value="IP Camera" />
+  </fingerprint>
+  <fingerprint pattern="^GStreamer RTSP server$">
+    <description>GStreamer RTSP Server (https://github.com/GStreamer/gst-rtsp-server)</description>
+    <example>GStreamer RTSP server</example>
+    <param pos="0" name="service.vendor" value="GStreamer"/>
+    <param pos="0" name="service.product" value="GStreamer RTSP Server" />
+  </fingerprint>
+  <fingerprint pattern="^WMServer\/([\d\.]+)$">
+    <description>Windows Media Server</description>
+    <example service.version="9.1.1.3862">WMServer/9.1.1.3862</example>
+    <example service.version="9.5.6001.22609">WMServer/9.5.6001.22609</example>
+    <param pos="0" name="service.vendor" value="Microsoft"/>
+    <param pos="0" name="service.product" value="Windows Media Server" />
+    <param pos="0" name="service.family" value="Windows Media Server"/>
+    <param pos="1" name="service.version" />
+    <param pos="0" name="os.vendor" value="Microsoft"/>
+    <param pos="0" name="os.family" value="Windows"/>
+  </fingerprint>
+  <fingerprint pattern="^Wowza (Streaming Engine|Media Server) ([\d\.]+) build(\d*)$">
+    <description>Wowza Media Systems Streaming Video Services</description>
+    <example service.version="4.7.7" service.version.version="20181108145350" service.product="Streaming Engine">Wowza Streaming Engine 4.7.7 build20181108145350</example>
+    <example service.version="3.6.4" service.version.version="9641" service.product="Media Server">Wowza Media Server 3.6.4 build9641</example>
+    <param pos="0" name="service.vendor" value="Wowza Media Systems"/>
+    <param pos="1" name="service.product" />
+    <param pos="2" name="service.version" />
+    <param pos="3" name="service.version.version" />
+  </fingerprint>
+  <fingerprint pattern="^HiIpcam\/V\d+R\d+ VodServer\/[\d\.]+$">
+    <description>Foscam IP Camera</description>
+    <example>HiIpcam/V100R003 VodServer/1.0.0</example>
+    <param pos="0" name="hw.vendor" value="Foscam" />
+    <param pos="0" name="hw.device" value="IP Camera" />
+  </fingerprint>
+  <fingerprint pattern="^Indigo\-Security\/[\d\.]+$">
+    <description>Indigo Security IP Camera</description>
+    <example>Indigo-Security/1.0</example>
+    <param pos="0" name="hw.vendor" value="Indigo Security" />
+    <param pos="0" name="hw.device" value="IP Camera" />
+  </fingerprint>
+  <fingerprint pattern="^Cisco MediaSense Media Server$">
+    <description>Cisco MediaSense Media Server (RTSP)</description>
+    <example>Cisco MediaSense Media Server</example>
+    <param pos="0" name="service.vendor" value="Cisco"/>
+    <param pos="0" name="service.product" value="MediaSense Media Server"/>
+    <param pos="0" name="service.cpe23" value="cpe:2.3:a:cisco:mediasense:-"/>
+    <param pos="0" name="os.vendor" value="Cisco"/>
+    <param pos="0" name="hw.vendor" value="Cisco"/>
+    <param pos="0" name="hw.device" value="SIP Gateway"/>
+    <param pos="0" name="hw.product" value="MediaSense Server"/>
+  </fingerprint>
+</fingerprints>

data/xml/sip_banners.xml

@@ -0,0 +1,359 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<fingerprints matches="sip_header.server" protocol="sip" database_type="service">
+  <!--
+  SIP Server header values are matched against these patterns to fingerprint SIP devices.
+  -->
+
+  <!-- Cisco/Tandberg Products -->
+
+  <fingerprint pattern="^Cisco-SIPGateway/IOS-(\S+)\.x$">
+    <description>Cisco IOS SIP Gateway w/ Vague Version</description>
+    <example os.version="12">Cisco-SIPGateway/IOS-12.x</example>
+    <param pos="0" name="service.vendor" value="Cisco"/>
+    <param pos="0" name="service.family" value="IOS"/>
+    <param pos="0" name="service.product" value="IOS"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:cisco:ios:{os.version}"/>
+    <param pos="0" name="os.vendor" value="Cisco"/>
+    <param pos="0" name="os.family" value="IOS"/>
+    <param pos="0" name="os.product" value="IOS"/>
+    <param pos="0" name="os.certainty" value="0.8"/>
+    <param pos="1" name="os.version"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:cisco:ios:{os.version}"/>
+    <param pos="0" name="hw.vendor" value="Cisco"/>
+    <param pos="0" name="hw.device" value="Router"/>
+  </fingerprint>
+
+  <fingerprint pattern="^Cisco-SIPGateway/IOS-(\S+)$">
+    <description>Cisco IOS SIP Gateway w/ Full Version</description>
+    <example os.version="15.2.4.M3">Cisco-SIPGateway/IOS-15.2.4.M3</example>
+    <example os.version="15.2.2.T1">Cisco-SIPGateway/IOS-15.2.2.T1</example>
+    <example os.version="15.2.3.T">Cisco-SIPGateway/IOS-15.2.3.T</example>
+    <example os.version="15.4.3.S5">Cisco-SIPGateway/IOS-15.4.3.S5</example>
+    <example os.version="15.6.3.M0a">Cisco-SIPGateway/IOS-15.6.3.M0a</example>
+    <example os.version="16.3.6">Cisco-SIPGateway/IOS-16.3.6</example>
+    <param pos="0" name="service.vendor" value="Cisco"/>
+    <param pos="0" name="service.family" value="IOS"/>
+    <param pos="0" name="service.product" value="IOS"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:cisco:ios:{os.version}"/>
+    <param pos="0" name="os.vendor" value="Cisco"/>
+    <param pos="0" name="os.family" value="IOS"/>
+    <param pos="0" name="os.product" value="IOS"/>
+    <param pos="0" name="os.certainty" value="1.0"/>
+    <param pos="1" name="os.version"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:cisco:ios:{os.version}"/>
+    <param pos="0" name="hw.vendor" value="Cisco"/>
+    <param pos="0" name="hw.device" value="Router"/>
+  </fingerprint>
+
+  <fingerprint pattern="^Cisco-CP-?(\d+G?)(?:-\S+)?/([\d\.]+)">
+    <description>Cisco CP VoIP Phone</description>
+    <example hw.model="7960G" hw.version="8.0">Cisco-CP7960G/8.0</example>
+    <example hw.model="7912" hw.version="8.0.1">Cisco-CP7912/8.0.1-060412A</example>
+    <example hw.model="7821" hw.version="11.0.0">Cisco-CP-7821-3PCC/11.0.0</example>
+    <example hw.model="6841" hw.version="11.1.1">Cisco-CP-6841-3PCC/11.1.1 (00727826a4e1) (sip68xx.11-1-1MPP-897.loads)</example>
+    <param pos="0" name="os.vendor" value="Cisco"/>
+    <param pos="0" name="os.device" value="VoIP"/>
+    <param pos="0" name="hw.vendor" value="Cisco"/>
+    <param pos="0" name="hw.product" value="CP"/>
+    <param pos="0" name="hw.device" value="VoIP"/>
+    <param pos="1" name="hw.model"/>
+    <param pos="2" name="hw.version"/>
+  </fingerprint>
+
+  <fingerprint pattern="(?:Cisco|Linksys)/(SPA\d+[DG]?\d?)-([\d\.a-zA-Z]+)">
+    <description>Cisco/Linksys SPA VoIP Phone</description>
+    <example hw.model="SPA112" hw.version="1.4.1SR1">Cisco/SPA112-1.4.1SR1(002)d-hisec</example>
+    <example hw.model="SPA122" hw.version="1.3.3">Cisco/SPA122-1.3.3(004)</example>
+    <example hw.model="SPA922" hw.version="6.1.5">PhoneSystems.net aabbccddeeff Linksys/SPA922-6.1.5(a)</example>
+    <example hw.model="SPA232D" hw.version="1.4.1">Cisco/SPA232D-1.4.1(002_282)</example>
+    <example hw.model="SPA504G" hw.version="7.5.2">Cisco/SPA504G-7.5.2</example>
+    <example hw.model="SPA525G2" hw.version="7.6.1">Cisco/SPA525G2-7.6.1</example>
+    <example hw.model="SPA922" hw.version="6.1.5">Linksys/SPA922-6.1.5</example>
+    <param pos="0" name="os.vendor" value="Cisco"/>
+    <param pos="0" name="os.device" value="VoIP"/>
+    <param pos="0" name="hw.vendor" value="Cisco"/>
+    <param pos="0" name="hw.product" value="SPA"/>
+    <param pos="0" name="hw.device" value="VoIP"/>
+    <param pos="1" name="hw.model"/>
+    <param pos="2" name="hw.version"/>
+  </fingerprint>
+
+  <fingerprint pattern="(?:Cisco|Linksys)(?: |/)(PAP2T?)(?:-|/)(\S+)$">
+    <description>Cisco/Linksys VoIP / Internet Phone adapter</description>
+    <example hw.version="3.1.22(LS)" hw.model="PAP2">PhoneSystems.net aabbccddeeff Linksys/PAP2-3.1.22(LS)</example>
+    <example hw.version="3.1.9(LSc)" hw.model="PAP2">aabbccddeeff Linksys/PAP2-3.1.9(LSc)</example>
+    <example hw.version="3.52.12X" hw.model="PAP2T">Linksys PAP2T/3.52.12X</example>
+    <example hw.version="2.0.10(LSb)" hw.model="PAP2">iLinksys/PAP2-2.0.10(LSb)</example>
+    <example hw.version="3.1.16(LS)" hw.model="PAP2T">Linksys/PAP2T-3.1.16(LS)</example>
+    <param pos="0" name="os.vendor" value="Cisco"/>
+    <param pos="0" name="os.device" value="VoIP"/>
+    <param pos="0" name="hw.vendor" value="Cisco"/>
+    <param pos="0" name="hw.product" value="Internet Phone Adapter"/>
+    <param pos="0" name="hw.device" value="VoIP"/>
+    <param pos="1" name="hw.model"/>
+    <param pos="2" name="hw.version"/>
+  </fingerprint>
+
+  <fingerprint pattern="^Cisco/(SRP\d+)-([\d\.]+)">
+    <description>Cisco Services Ready Platforms (SRP) Router</description>
+    <example hw.model="SRP541" hw.version="1.2.6">Cisco/SRP541-1.2.6(003)</example>
+    <example hw.model="SRP527" hw.version="1.02.03">Cisco/SRP527-1.02.03(002)</example>
+    <param pos="0" name="os.vendor" value="Cisco"/>
+    <param pos="0" name="os.device" value="Router"/>
+    <param pos="0" name="hw.vendor" value="Cisco"/>
+    <param pos="0" name="hw.product" value="SRP"/>
+    <param pos="0" name="hw.device" value="Router"/>
+    <param pos="1" name="hw.model"/>
+    <param pos="2" name="hw.version"/>
+  </fingerprint>
+
+  <fingerprint pattern="(?:Cisco|Linksys)/(WRP\d+)-(\S+)$">
+    <description>Cisco/Linksys WRP Wireless Router</description>
+    <example hw.version="2.00.26" hw.model="WRP400">aabbccddeeff_FinalStage_Linksys/WRP400-2.00.26</example>
+    <example hw.version="1.01.08" hw.model="WRP200">Linksys/WRP200-1.01.08</example>
+    <example hw.version="1.00.05B2" hw.model="WRP400">Linksys/WRP400-1.00.05B2</example>
+    <param pos="0" name="os.vendor" value="Cisco"/>
+    <param pos="0" name="os.device" value="Router"/>
+    <param pos="0" name="hw.vendor" value="Cisco"/>
+    <param pos="0" name="hw.product" value="Wireless Router"/>
+    <param pos="0" name="hw.device" value="Router"/>
+    <param pos="1" name="hw.model"/>
+    <param pos="2" name="hw.version"/>
+  </fingerprint>
+
+  <fingerprint pattern="^TANDBERG/(\d+) \((.*)\) Cisco-(\S+)$">
+    <description>Cisco/Tandberg TelePresence w/Cisco Model Name</description>
+    <example os.version="TC7.3.7.01c84fd" tandberg.model="528" hw.product="EX60">TANDBERG/528 (TC7.3.7.01c84fd) Cisco-EX60</example>
+    <example os.version="ce9.6.0.76c1685b70e" tandberg.model="529" hw.product="RoomKitMini">TANDBERG/529 (ce9.6.0.76c1685b70e) Cisco-RoomKitMini</example>
+    <param pos="0" name="os.vendor" value="Tandberg"/>
+    <param pos="0" name="os.family" value="Linux"/>
+    <param pos="0" name="os.product" value="Linux"/>
+    <param pos="1" name="tandberg.model"/>
+    <param pos="2" name="os.version"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:cisco:telepresence:{os.version}"/>
+    <param pos="0" name="hw.vendor" value="Cisco"/>
+    <param pos="0" name="hw.family" value="TelePresence"/>
+    <param pos="0" name="hw.device" value="Video Conferencing"/>
+    <param pos="3" name="hw.product"/>
+  </fingerprint>
+
+  <fingerprint pattern="^(TANDBERG/(\d+)) \((\S+).*\)$">
+    <description>Cisco/Tandberg TelePresence</description>
+    <example os.version="TC7.0.2.aecf2d9" tandberg.model="519" hw.product="TANDBERG/519">TANDBERG/519 (TC7.0.2.aecf2d9)</example>
+    <example os.version="X12.5.2" tandberg.model="4137" hw.product="TANDBERG/4137">TANDBERG/4137 (X12.5.2 (TEST SW))</example>
+    <example os.version="X8.2.1" hw.product="TANDBERG/4130">TANDBERG/4130 (X8.2.1)</example>
+    <example os.version="XC2.2.1-b2bua-1.0" hw.product="TANDBERG/4353" tandberg.model="4353">TANDBERG/4353 (XC2.2.1-b2bua-1.0)</example>
+    <example os.version="TC5.1.4.295090" hw.product="TANDBERG/516" tandberg.model="516">TANDBERG/516 (TC5.1.4.295090)</example>
+    <example os.version="TCNC5.1.4.295090" hw.product="TANDBERG/517" tandberg.model="517">TANDBERG/517 (TCNC5.1.4.295090)</example>
+    <param pos="0" name="os.vendor" value="Tandberg"/>
+    <param pos="0" name="os.family" value="Linux"/>
+    <param pos="0" name="os.product" value="Linux"/>
+    <param pos="2" name="tandberg.model"/>
+    <param pos="3" name="os.version"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:cisco:telepresence:{os.version}"/>
+    <param pos="0" name="hw.vendor" value="Cisco"/>
+    <param pos="0" name="hw.family" value="TelePresence"/>
+    <param pos="0" name="hw.device" value="Video Conferencing"/>
+    <param pos="1" name="hw.product"/>
+  </fingerprint>
+
+  <!-- Various -->
+
+  <fingerprint pattern="EnGenius_Router$">
+    <description>EnGenius DuraFon IP Phone</description>
+    <example>EnGenius_Router</example>
+    <param pos="0" name="hw.vendor" value="enGenius"/>
+    <param pos="0" name="hw.product" value="DuraFon"/>
+    <param pos="0" name="hw.device" value="VoIP"/>
+  </fingerprint>
+
+  <fingerprint pattern="(?i)^Huawei (SoftX\d+) (?:V\d.*)$">
+    <description>Huawei Softswitch</description>
+    <example hw.model="SoftX3000">Huawei SoftX3000 V300R006</example>
+    <param pos="0" name="hw.vendor" value="Huawei"/>
+    <param pos="0" name="hw.device" value="Telecom"/>
+    <param pos="0" name="hw.product" value="Softswitch"/>
+    <param pos="1" name="hw.model"/>
+  </fingerprint>
+
+  <fingerprint pattern="(?i)^SIP/1.0 \(Huawei\)$">
+    <description>Huawei generic</description>
+    <example>SIP/1.0 (Huawei)</example>
+    <param pos="0" name="hw.vendor" value="Huawei"/>
+  </fingerprint>
+
+  <fingerprint pattern="^M5T SIP(?: Stack|-UA SAFE)/v?([\d\.]+)">
+    <description>Media5 Corporation SIP Stack</description>
+    <example service.version="4.1.2.2">M5T SIP Stack/4.1.2.2</example>
+    <example service.version="3.6.4.8">M5T SIP-UA SAFE/v3.6.4.8</example>
+    <example service.version="4.1.2.2">M5T SIP Stack/4.1.2.2alliu</example>
+    <param pos="0" name="service.vendor" value="Media5 Corporation"/>
+    <param pos="0" name="service.product" value="SIP Stack"/>
+    <param pos="1" name="service.version"/>
+    <param pos="0" name="hw.device" value="VoIP"/>
+  </fingerprint>
+
+  <fingerprint pattern="^Tilgin Vood ([^_\s]+)">
+    <description>Tilgin Vood</description>
+    <example hw.model="HG238x">Tilgin Vood HG238x_ESx000-02_07_03_26</example>
+    <example hw.model="HG27xx">Tilgin Vood HG27xx</example>
+    <example hw.model="452W">Tilgin Vood 452W_S_3_4_2_RC_2</example>
+    <param pos="0" name="hw.vendor" value="Tilgin"/>
+    <param pos="0" name="hw.product" value="Vood"/>
+    <param pos="1" name="hw.model"/>
+  </fingerprint>
+
+  <fingerprint pattern="^(F\d{3})/VT?(\d(?:[\d\.A-Z]+))$">
+    <description>ZTE GPON Router</description>
+    <example hw.product="F620" hw.version="3.30.20P5T4S">F620/V3.30.20P5T4S</example>
+    <example hw.product="F660" hw.version="2.22.21P1T14S">F660/V2.22.21P1T14S</example>
+    <example hw.product="F668" hw.version="2.30.22P1T9">F668/VT2.30.22P1T9</example>
+    <param pos="0" name="hw.vendor" value="ZTE"/>
+    <param pos="0" name="hw.device" value="Router"/>
+    <param pos="1" name="hw.product"/>
+    <param pos="2" name="hw.version"/>
+  </fingerprint>
+
+  <fingerprint pattern="^ZXDSL (\S+)/V?(\d(?:[\d\.A-Z_]+))$">
+    <description>ZTE ZXDSL router</description>
+    <example hw.product="931VII" hw.version="2.0.00.OTET06">ZXDSL 931VII/V2.0.00.OTET06</example>
+    <param pos="0" name="hw.vendor" value="ZTE"/>
+    <param pos="0" name="hw.device" value="Router"/>
+    <param pos="0" name="hw.family" value="ZXDSL"/>
+    <param pos="1" name="hw.product"/>
+    <param pos="2" name="hw.version"/>
+  </fingerprint>
+
+  <fingerprint pattern="^(?:ZXHN )?(H\d{3}N)/V?(\d(?:[\d\.A-Z_]+))$">
+    <description>ZTE ZXHN router</description>
+    <example hw.product="H218N" hw.version="1.02.01_ERS">ZXHN H218N/V1.02.01_ERS</example>
+    <example hw.product="H367N" hw.version="1.0.4">ZXHN H367N/V1.0.4</example>
+    <example hw.product="H218N" hw.version="1.02.01">ZXHN H218N/V1.02.01</example>
+    <example hw.product="H208N" hw.version="1.0.2T02">ZXHN H208N/V1.0.2T02</example>
+    <example hw.product="H368N" hw.version="1.10.00T10">H368N/V1.10.00T10</example>
+    <param pos="0" name="hw.vendor" value="ZTE"/>
+    <param pos="0" name="hw.device" value="Router"/>
+    <param pos="0" name="hw.family" value="ZXHN"/>
+    <param pos="1" name="hw.product"/>
+    <param pos="2" name="hw.version"/>
+  </fingerprint>
+
+  <fingerprint pattern="^Aastra ([^/]+)/([a-zA-Z0-9\.\-]+)$">
+    <description>Aastra IP Phone</description>
+    <example hw.product="6865i" os.version="4.2.0.2023">Aastra 6865i/4.2.0.2023</example>
+    <param pos="0" name="os.vendor" value="Aastra"/>
+    <param pos="0" name="os.family" value="VoIP"/>
+    <param pos="0" name="os.product" value="VoIP"/>
+    <param pos="2" name="os.version"/>
+    <param pos="0" name="hw.vendor" value="Aastra"/>
+    <param pos="0" name="hw.family" value="VoIP"/>
+    <param pos="0" name="hw.device" value="VoIP"/>
+    <param pos="1" name="hw.product"/>
+  </fingerprint>
+
+  <fingerprint pattern="^(?:Audiocodes-Sip-Gateway-)?(\S+) FX[A-Z_]+/v.(\S+)$">
+    <description>Audiocodes-Sip-Gateway</description>
+    <example hw.product="MP-124" os.version="6.00A.034.003">Audiocodes-Sip-Gateway-MP-124 FXS/v.6.00A.034.003</example>
+    <example hw.product="MP-124" os.version="6.60A.342.003">MP-124 FXS/v.6.60A.342.003</example>
+    <example hw.product="MP-114" os.version="6.60A.241.010">MP-114 FXS_FXO/v.6.60A.241.010</example>
+    <param pos="0" name="os.vendor" value="Audiocodes"/>
+    <param pos="0" name="os.family" value="SIP Gateway"/>
+    <param pos="2" name="os.version"/>
+    <param pos="0" name="hw.vendor" value="Audiocodes"/>
+    <param pos="0" name="hw.family" value="SIP Gateway"/>
+    <param pos="0" name="hw.device" value="SIP Gateway"/>
+    <param pos="1" name="hw.product"/>
+  </fingerprint>
+
+  <fingerprint pattern="^Wildix GW-(\S+)$">
+    <description>Wildix SIP Gateway</description>
+    <example os.version="5.0.3.42145">Wildix GW-5.0.3.42145</example>
+    <param pos="0" name="os.vendor" value="Wildix"/>
+    <param pos="0" name="os.family" value="SIP Gateway"/>
+    <param pos="1" name="os.version"/>
+    <param pos="0" name="hw.vendor" value="Wildix"/>
+    <param pos="0" name="hw.family" value="SIP Gateway"/>
+    <param pos="0" name="hw.device" value="SIP Gateway"/>
+    <param pos="0" name="hw.product" value="SIP Gateway"/>
+  </fingerprint>
+
+  <fingerprint pattern="^Wildix GW$">
+    <description>Wildix SIP Gateway w/o Version</description>
+    <example>Wildix GW</example>
+    <param pos="0" name="os.vendor" value="Wildix"/>
+    <param pos="0" name="os.family" value="SIP Gateway"/>
+    <param pos="0" name="hw.vendor" value="Wildix"/>
+    <param pos="0" name="hw.family" value="SIP Gateway"/>
+    <param pos="0" name="hw.device" value="SIP Gateway"/>
+    <param pos="0" name="hw.product" value="SIP Gateway"/>
+  </fingerprint>
+
+  <fingerprint pattern="^Asterisk PBX (\S+)$">
+    <description>Asterisk PBX w/ Version</description>
+    <example service.version="13.18.0-6.7.1.1.rl.1538157944.1c65507">Asterisk PBX 13.18.0-6.7.1.1.rl.1538157944.1c65507</example>
+    <example service.version="16.2.1~dfsg-1">Asterisk PBX 16.2.1~dfsg-1</example>
+    <param pos="0" name="service.vendor" value="Asterisk"/>
+    <param pos="0" name="service.family" value="PBX"/>
+    <param pos="0" name="service.product" value="PBX"/>
+    <param pos="1" name="service.version"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:asterisk:asterisk:{service.version}"/>
+  </fingerprint>
+
+  <fingerprint pattern="^Asterisk PBX$">
+    <description>Asterisk PBX w/o Version</description>
+    <example>Asterisk PBX</example>
+    <param pos="0" name="service.vendor" value="Asterisk"/>
+    <param pos="0" name="service.family" value="PBX"/>
+    <param pos="0" name="service.product" value="PBX"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:asterisk:asterisk:-"/>
+  </fingerprint>
+
+  <fingerprint pattern="^FPBX-(\S+)$">
+    <description>FreePBX</description>
+    <example service.version="12.0.70(11.20.0)">FPBX-12.0.70(11.20.0)</example>
+    <example service.version="2.11.0(11.20.0)">FPBX-2.11.0(11.20.0)</example>
+    <param pos="0" name="service.vendor" value="FreePBX"/>
+    <param pos="0" name="service.family" value="PBX"/>
+    <param pos="0" name="service.product" value="PBX"/>
+    <param pos="1" name="service.version"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:freepbx:freepbx:{service.version}"/>
+  </fingerprint>
+
+  <fingerprint pattern="^kamailio \((\S+) \((.*)\)\)$">
+    <description>Kamailio SIP Server</description>
+    <example service.version="4.4.4" kamailio.platform="x86_64/linux">kamailio (4.4.4 (x86_64/linux))</example>
+    <param pos="0" name="service.vendor" value="Kamailio"/>
+    <param pos="0" name="service.family" value="SIP Server"/>
+    <param pos="0" name="service.product" value="SIP Server"/>
+    <param pos="1" name="service.version"/>
+    <param pos="2" name="kamailio.platform"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:kamailio:kamailio:{service.version}"/>
+  </fingerprint>
+
+  <!-- This match covers multiple product families and should be split up further -->
+  <fingerprint pattern="^Algo-([^/]+)/(.*)$">
+    <description>Algo SIP Device</description>
+    <example hw.product="8186" os.version="1.7">Algo-8186/1.7</example>
+    <param pos="0" name="os.vendor" value="Algo"/>
+    <param pos="0" name="os.family" value="SIP Device"/>
+    <param pos="2" name="os.version"/>
+    <param pos="0" name="hw.vendor" value="Algo"/>
+    <param pos="0" name="hw.family" value="SIP Device"/>
+    <param pos="0" name="hw.device" value="SIP Device"/>
+    <param pos="1" name="hw.product"/>
+  </fingerprint>
+
+  <fingerprint pattern="^(?:SIParator|Ingate-Firewall)/(\S+)$">
+    <description>Ingate SIParator Firewall</description>
+    <example os.version="5.0.10">Ingate-Firewall/5.0.10</example>
+    <example os.version="6.0.4">SIParator/6.0.4</example>
+    <param pos="0" name="os.vendor" value="Ingate"/>
+    <param pos="0" name="os.family" value="SIP Gateway"/>
+    <param pos="1" name="os.version"/>
+    <param pos="0" name="hw.vendor" value="Ingate"/>
+    <param pos="0" name="hw.family" value="SIP Gateway"/>
+    <param pos="0" name="hw.device" value="SIP Gateway"/>
+    <param pos="0" name="hw.product" value="SIParator Firewall"/>
+  </fingerprint>
+
+</fingerprints>