recog-intrigue 2.3.7 → 2.3.14
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.github/SECURITY.md +35 -0
- data/.gitignore +9 -0
- data/CONTRIBUTING.md +136 -37
- data/README.md +18 -16
- data/bin/recog_cleanup +16 -0
- data/bin/recog_standardize +30 -6
- data/cpe-remap.yaml +38 -1
- data/identifiers/README.md +9 -0
- data/identifiers/hw_device.txt +77 -0
- data/identifiers/hw_family.txt +96 -0
- data/identifiers/hw_product.txt +328 -0
- data/identifiers/os_architecture.txt +6 -6
- data/identifiers/os_device.txt +45 -3
- data/identifiers/os_family.txt +206 -41
- data/identifiers/os_product.txt +238 -17
- data/identifiers/service_family.txt +144 -57
- data/identifiers/service_product.txt +385 -83
- data/identifiers/vendor.txt +554 -68
- data/lib/recog/version.rb +1 -1
- data/requirements.txt +1 -1
- data/update_cpes.py +4 -1
- data/xml/apache_modules.xml +292 -5
- data/xml/apache_os.xml +41 -2
- data/xml/architecture.xml +11 -3
- data/xml/dns_versionbind.xml +200 -26
- data/xml/favicons.xml +1701 -0
- data/xml/ftp_banners.xml +256 -23
- data/xml/h323_callresp.xml +112 -12
- data/xml/hp_pjl_id.xml +47 -5
- data/xml/html_title.xml +1156 -70
- data/xml/http_cookies.xml +69 -11
- data/xml/http_servers.xml +1094 -107
- data/xml/http_wwwauth.xml +143 -27
- data/xml/imap_banners.xml +62 -13
- data/xml/ldap_searchresult.xml +81 -9
- data/xml/mdns_device-info_txt.xml +194 -17
- data/xml/mdns_workstation_txt.xml +4 -2
- data/xml/mysql_banners.xml +233 -40
- data/xml/mysql_error.xml +113 -6
- data/xml/nntp_banners.xml +10 -2
- data/xml/ntp_banners.xml +93 -9
- data/xml/operating_system.xml +90 -3
- data/xml/pop_banners.xml +87 -33
- data/xml/rsh_resp.xml +11 -2
- data/xml/rtsp_servers.xml +43 -23
- data/xml/sip_banners.xml +6 -11
- data/xml/sip_user_agents.xml +29 -2
- data/xml/smb_native_lm.xml +10 -2
- data/xml/smb_native_os.xml +80 -2
- data/xml/smtp_banners.xml +233 -13
- data/xml/smtp_debug.xml +6 -4
- data/xml/smtp_ehlo.xml +7 -5
- data/xml/smtp_expn.xml +13 -4
- data/xml/smtp_help.xml +23 -4
- data/xml/smtp_mailfrom.xml +5 -2
- data/xml/smtp_noop.xml +6 -5
- data/xml/smtp_quit.xml +5 -4
- data/xml/smtp_rcptto.xml +5 -2
- data/xml/smtp_rset.xml +4 -4
- data/xml/smtp_turn.xml +4 -4
- data/xml/smtp_vrfy.xml +14 -4
- data/xml/snmp_sysdescr.xml +741 -32
- data/xml/snmp_sysobjid.xml +47 -2
- data/xml/ssh_banners.xml +255 -81
- data/xml/telnet_banners.xml +503 -30
- data/xml/x11_banners.xml +26 -3
- data/xml/x509_issuers.xml +37 -13
- data/xml/x509_subjects.xml +214 -52
- metadata +12 -5
data/xml/nntp_banners.xml
CHANGED
|
@@ -1,9 +1,10 @@
|
|
|
1
|
-
<?xml version=
|
|
1
|
+
<?xml version='1.0' encoding='UTF-8'?>
|
|
2
2
|
<fingerprints matches="nntp.banner" protocol="nntp" database_type="service">
|
|
3
3
|
<!--
|
|
4
4
|
NNTP greeting messages (part of the banner after the response code) are matched
|
|
5
5
|
against these patterns to fingerprint NNTP servers.
|
|
6
6
|
-->
|
|
7
|
+
|
|
7
8
|
<fingerprint pattern="CCProxy NNTP Service$">
|
|
8
9
|
<description>Youngzsoft CCProxy NNTP with no version</description>
|
|
9
10
|
<example>CCProxy NNTP Service</example>
|
|
@@ -11,6 +12,7 @@
|
|
|
11
12
|
<param pos="0" name="service.family" value="CCProxy"/>
|
|
12
13
|
<param pos="0" name="service.product" value="CCProxy"/>
|
|
13
14
|
</fingerprint>
|
|
15
|
+
|
|
14
16
|
<fingerprint pattern="^(\S+) Lyris ListManager NNTP Service ready">
|
|
15
17
|
<description>Lyris Listmanager</description>
|
|
16
18
|
<example host.name="blah">blah Lyris ListManager NNTP Service ready (posting ok).</example>
|
|
@@ -19,6 +21,7 @@
|
|
|
19
21
|
<param pos="0" name="service.product" value="ListManager"/>
|
|
20
22
|
<param pos="1" name="host.name"/>
|
|
21
23
|
</fingerprint>
|
|
24
|
+
|
|
22
25
|
<fingerprint pattern="^NNTP Service (?:.*) Version: (5.0.2195.[0-9]+) .*$">
|
|
23
26
|
<description>Microsoft IIS NNTP Server on Windows 2000</description>
|
|
24
27
|
<example>NNTP Service 5.00.0984 Version: 5.0.2195.7034 Posting Allowed</example>
|
|
@@ -34,6 +37,7 @@
|
|
|
34
37
|
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_2000:-"/>
|
|
35
38
|
<param pos="1" name="ms.nttp.version"/>
|
|
36
39
|
</fingerprint>
|
|
40
|
+
|
|
37
41
|
<fingerprint pattern="^NNTP Service (?:.*) Version: (6.0.3790.[0-9]+) .*$">
|
|
38
42
|
<description>Microsoft IIS NNTP Server on Windows Server 2003</description>
|
|
39
43
|
<example>NNTP Service 6.0.3790.3959 Version: 6.0.3790.3959 Posting Allowed</example>
|
|
@@ -49,6 +53,7 @@
|
|
|
49
53
|
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2003:-"/>
|
|
50
54
|
<param pos="1" name="ms.nttp.version"/>
|
|
51
55
|
</fingerprint>
|
|
56
|
+
|
|
52
57
|
<fingerprint pattern="^NNTP Service Microsoft. Internet Services (?:.*) Version: (?:[^ ]+) .*$">
|
|
53
58
|
<description>Older Microsoft IIS NNTP Servers</description>
|
|
54
59
|
<example>NNTP Service Microsoft. Internet Services 5.00 Version: 5.0.2068.0 Posting Allowed</example>
|
|
@@ -63,6 +68,7 @@
|
|
|
63
68
|
<param pos="0" name="os.product" value="Windows"/>
|
|
64
69
|
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
|
|
65
70
|
</fingerprint>
|
|
71
|
+
|
|
66
72
|
<fingerprint pattern="^Kerio (?:Connect|MailServer)\s+(\d\.[\d.]+)\s+(?:(?:patch|RC) (\d)\s+)?NNTP server ready$">
|
|
67
73
|
<description>Kerio Connect NNTP</description>
|
|
68
74
|
<example service.version="9.2.3">Kerio Connect 9.2.3 NNTP server ready</example>
|
|
@@ -74,9 +80,11 @@
|
|
|
74
80
|
<param pos="1" name="service.version"/>
|
|
75
81
|
<param pos="2" name="service.version.version"/>
|
|
76
82
|
</fingerprint>
|
|
83
|
+
|
|
77
84
|
<fingerprint pattern="^NNTP server ready(?: \(no posting\))?$">
|
|
78
85
|
<description>Non-specific NNTP</description>
|
|
79
86
|
<example>NNTP server ready (no posting)</example>
|
|
80
87
|
<example>NNTP server ready</example>
|
|
81
88
|
</fingerprint>
|
|
82
|
-
|
|
89
|
+
|
|
90
|
+
</fingerprints>
|
data/xml/ntp_banners.xml
CHANGED
|
@@ -1,8 +1,9 @@
|
|
|
1
|
-
<?xml version=
|
|
1
|
+
<?xml version='1.0' encoding='UTF-8'?>
|
|
2
2
|
<fingerprints matches="ntp.readvar" protocol="ntp" database_type="service" preference="0.80">
|
|
3
3
|
<!--
|
|
4
4
|
NTP "banners", taken from a readvar response
|
|
5
5
|
-->
|
|
6
|
+
|
|
6
7
|
<fingerprint pattern="^.*version=Domain Time II (\S+),hostname=([^,]+),.*system=Win2003.*,processor=(\S+)" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
7
8
|
<description>Greyware Automation Products, Inc. Domain Time II on Windows Server 2003</description>
|
|
8
9
|
<example service.version="5.1.b.20100331R" os.arch="x64" host.name="blah">
|
|
@@ -21,6 +22,7 @@
|
|
|
21
22
|
<param pos="3" name="os.arch"/>
|
|
22
23
|
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2003:-"/>
|
|
23
24
|
</fingerprint>
|
|
25
|
+
|
|
24
26
|
<fingerprint pattern="^.*version=Domain Time II (\S+),hostname=([^,]+),.*system=Win2008R2.*,processor=(\S+)" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
25
27
|
<description>Greyware Automation Products, Inc. Domain Time II on Windows Server 2008 R2</description>
|
|
26
28
|
<example service.version="5.2.b.20120215R" os.arch="x64" host.name="blah">
|
|
@@ -32,10 +34,11 @@
|
|
|
32
34
|
<param pos="2" name="host.name"/>
|
|
33
35
|
<param pos="0" name="os.vendor" value="Microsoft"/>
|
|
34
36
|
<param pos="0" name="os.family" value="Windows"/>
|
|
35
|
-
<param pos="0" name="os.product" value="Windows 2008 R2"/>
|
|
37
|
+
<param pos="0" name="os.product" value="Windows Server 2008 R2"/>
|
|
36
38
|
<param pos="3" name="os.arch"/>
|
|
37
39
|
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:-"/>
|
|
38
40
|
</fingerprint>
|
|
41
|
+
|
|
39
42
|
<fingerprint pattern="^.*version=Domain Time II (\S+),hostname=([^,]+),.*system=Win2008.*,processor=(\S+)" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
40
43
|
<description>Greyware Automation Products, Inc. Domain Time II on Windows 2008</description>
|
|
41
44
|
<example service.version="5.2.b.20140303R" os.arch="x86" host.name="blah">
|
|
@@ -54,6 +57,7 @@
|
|
|
54
57
|
<param pos="3" name="os.arch"/>
|
|
55
58
|
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:-"/>
|
|
56
59
|
</fingerprint>
|
|
60
|
+
|
|
57
61
|
<fingerprint pattern="^.*version=Domain Time II (\S+),hostname=([^,]+),.*system=Win2012.*,processor=(\S+)" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
58
62
|
<description>Greyware Automation Products, Inc. Domain Time II on Windows Server 2012</description>
|
|
59
63
|
<example service.version="5.2.b.20140101R" os.arch="x64" host.name="blah">
|
|
@@ -69,6 +73,7 @@
|
|
|
69
73
|
<param pos="3" name="os.arch"/>
|
|
70
74
|
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2012:-"/>
|
|
71
75
|
</fingerprint>
|
|
76
|
+
|
|
72
77
|
<fingerprint pattern="^.*version=Domain Time II (\S+),hostname=([^,]+),.*system=Win7.*,processor=(\S+)" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
73
78
|
<description>Greyware Automation Products, Inc. Domain Time II on Windows 7</description>
|
|
74
79
|
<example service.version="5.2.b.20130405R" os.arch="x64" host.name="blah">
|
|
@@ -84,6 +89,7 @@
|
|
|
84
89
|
<param pos="3" name="os.arch"/>
|
|
85
90
|
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_7:-"/>
|
|
86
91
|
</fingerprint>
|
|
92
|
+
|
|
87
93
|
<fingerprint pattern="^.*version="ntpd (\S+)[^"]+",.*system="Equallogic \(R\) storage array"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
88
94
|
<description>ntpd running on an EqualLogic Storage Array that includes the NTP version</description>
|
|
89
95
|
<example>
|
|
@@ -100,6 +106,7 @@
|
|
|
100
106
|
<param pos="0" name="os.vendor" value="EqualLogic"/>
|
|
101
107
|
<param pos="0" name="os.product" value="Storage Array"/>
|
|
102
108
|
</fingerprint>
|
|
109
|
+
|
|
103
110
|
<fingerprint pattern="^.*system="Equallogic \(R\) storage array"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
104
111
|
<description>ntpd running on an EqualLogic Storage Array that does not include the NTP version</description>
|
|
105
112
|
<example>
|
|
@@ -112,6 +119,7 @@
|
|
|
112
119
|
<param pos="0" name="os.vendor" value="EqualLogic"/>
|
|
113
120
|
<param pos="0" name="os.product" value="Storage Array"/>
|
|
114
121
|
</fingerprint>
|
|
122
|
+
|
|
115
123
|
<fingerprint pattern="^.*version="ntpd ([^ ]+)[^"]+",.*processor="([^ ]+)",.*system="Linux/(?:[^ ]+\.ESX)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
116
124
|
<description>ntpd running on VMware ESX</description>
|
|
117
125
|
<example service.version="4.2.2p1@1.1570-o" os.arch="x86_64">
|
|
@@ -127,6 +135,7 @@
|
|
|
127
135
|
<param pos="2" name="os.arch"/>
|
|
128
136
|
<param pos="0" name="os.cpe23" value="cpe:/o:vmware:esx:-"/>
|
|
129
137
|
</fingerprint>
|
|
138
|
+
|
|
130
139
|
<fingerprint pattern="^.*version="ntpd ([^ ]+)[^"]+",.*processor="([^ ]+)",.*system="Linux/?([^ ]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
131
140
|
<description>ntpd running on Linux</description>
|
|
132
141
|
<example>
|
|
@@ -143,6 +152,7 @@
|
|
|
143
152
|
<param pos="3" name="os.version"/>
|
|
144
153
|
<param pos="0" name="os.cpe23" value="cpe:/o:linux:linux_kernel:{os.version}"/>
|
|
145
154
|
</fingerprint>
|
|
155
|
+
|
|
146
156
|
<fingerprint pattern="^.*version="ntpd ([^ ]+)[^"]+",.*processor="([^"]+)",.*system="Darwin/?6\.([^"]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
147
157
|
<description>ntpd running on Mac OSX 10.2/Jaguar</description>
|
|
148
158
|
<example service.version="4.1.1@1.786" os.version.version="8">
|
|
@@ -160,6 +170,7 @@
|
|
|
160
170
|
<param pos="0" name="os.certainty" value="0.9"/>
|
|
161
171
|
<param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.2"/>
|
|
162
172
|
</fingerprint>
|
|
173
|
+
|
|
163
174
|
<fingerprint pattern="^.*version="ntpd ([^ ]+)[^"]+",.*processor="([^"]+)",.*system="Darwin/?7\.([^"]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
164
175
|
<description>ntpd running on Mac OSX 10.3/Panther</description>
|
|
165
176
|
<param pos="0" name="service.family" value="NTP"/>
|
|
@@ -174,6 +185,7 @@
|
|
|
174
185
|
<param pos="0" name="os.certainty" value="0.9"/>
|
|
175
186
|
<param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.3"/>
|
|
176
187
|
</fingerprint>
|
|
188
|
+
|
|
177
189
|
<fingerprint pattern="^.*version="ntpd ([^ ]+)[^"]+",.*processor="([^"]+)",.*system="Darwin/?8\.([^"]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
178
190
|
<description>ntpd running on Mac OSX 10.4/Tiger</description>
|
|
179
191
|
<example>
|
|
@@ -192,6 +204,7 @@
|
|
|
192
204
|
<param pos="0" name="os.certainty" value="0.9"/>
|
|
193
205
|
<param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.4"/>
|
|
194
206
|
</fingerprint>
|
|
207
|
+
|
|
195
208
|
<fingerprint pattern="^.*version="ntpd ([^ ]+)[^"]+",.*processor="([^"]+)",.*system="Darwin/?9\.([^"]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
196
209
|
<description>ntpd running on Mac OSX 10.5/Leopard</description>
|
|
197
210
|
<example>
|
|
@@ -210,6 +223,7 @@
|
|
|
210
223
|
<param pos="0" name="os.certainty" value="0.9"/>
|
|
211
224
|
<param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.5"/>
|
|
212
225
|
</fingerprint>
|
|
226
|
+
|
|
213
227
|
<fingerprint pattern="^.*version="ntpd ([^ ]+)[^"]+",.*processor="([^"]+)",.*system="Darwin/?10\.([^"]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
214
228
|
<description>ntpd running on Mac OSX 10.6/Snow Leopard</description>
|
|
215
229
|
<example>
|
|
@@ -228,6 +242,7 @@
|
|
|
228
242
|
<param pos="0" name="os.certainty" value="0.9"/>
|
|
229
243
|
<param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.6"/>
|
|
230
244
|
</fingerprint>
|
|
245
|
+
|
|
231
246
|
<fingerprint pattern="^.*processor="([^"]+)".*system="BSD/OS([\d.]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
232
247
|
<description>BSD/OS with a version and arch</description>
|
|
233
248
|
<example os.arch="i386" os.version="4.3.1">
|
|
@@ -238,6 +253,7 @@
|
|
|
238
253
|
<param pos="1" name="os.arch"/>
|
|
239
254
|
<param pos="2" name="os.version"/>
|
|
240
255
|
</fingerprint>
|
|
256
|
+
|
|
241
257
|
<fingerprint pattern="^.*system="BSD/OS"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
242
258
|
<description>BSD/OS without a version or arch</description>
|
|
243
259
|
<example>
|
|
@@ -246,6 +262,7 @@
|
|
|
246
262
|
<param pos="0" name="os.vendor" value="Berkeley Software Design Inc."/>
|
|
247
263
|
<param pos="0" name="os.product" value="BSD/OS"/>
|
|
248
264
|
</fingerprint>
|
|
265
|
+
|
|
249
266
|
<fingerprint pattern="^.*version="ntpd ([^ ]+)[^"]+",.*processor="([^"]+)",.*system="Darwin/?11\.([^"]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
250
267
|
<description>ntpd running on Mac OSX 10.7/Lion</description>
|
|
251
268
|
<example>
|
|
@@ -264,6 +281,7 @@
|
|
|
264
281
|
<param pos="0" name="os.certainty" value="0.9"/>
|
|
265
282
|
<param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.7"/>
|
|
266
283
|
</fingerprint>
|
|
284
|
+
|
|
267
285
|
<fingerprint pattern="^.*version="ntpd ([^ ]+)[^"]+",.*processor="([^"]+)",.*system="Darwin/?12\.([^"]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
268
286
|
<description>ntpd running on Mac OSX 10.8/Mountain Lion</description>
|
|
269
287
|
<example service.version="4.2.6@1.2089-o" os.arch="x86_64" os.version.version="1.0">
|
|
@@ -282,6 +300,7 @@
|
|
|
282
300
|
<param pos="0" name="os.certainty" value="0.9"/>
|
|
283
301
|
<param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.8"/>
|
|
284
302
|
</fingerprint>
|
|
303
|
+
|
|
285
304
|
<fingerprint pattern="^.*version="ntpd ([^ ]+)[^"]+",.*processor="([^"]+)",.*system="Darwin/?13\.([^"]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
286
305
|
<description>ntpd running on Mac OSX 10.9/Mavericks</description>
|
|
287
306
|
<example service.version="4.2.6@1.2089-o" os.arch="x86_64" os.version.version="4.0">
|
|
@@ -300,6 +319,7 @@
|
|
|
300
319
|
<param pos="0" name="os.certainty" value="0.9"/>
|
|
301
320
|
<param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.9"/>
|
|
302
321
|
</fingerprint>
|
|
322
|
+
|
|
303
323
|
<fingerprint pattern="^.*version="ntpd ([^ ]+)[^"]+",.*processor="([^"]+)",.*system="Darwin/?14\.([^"]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
304
324
|
<description>ntpd running on Mac OSX 10.10/Yosemite</description>
|
|
305
325
|
<example service.version="4.2.6@1.2089-o" os.arch="x86_64" os.version.version="3.0">
|
|
@@ -318,20 +338,30 @@
|
|
|
318
338
|
<param pos="0" name="os.certainty" value="0.9"/>
|
|
319
339
|
<param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.10"/>
|
|
320
340
|
</fingerprint>
|
|
321
|
-
|
|
341
|
+
|
|
342
|
+
<fingerprint pattern="^.*version="ntpd ([^ p]+)(:?p[^ "]+)?[^"]+",.*processor="([^ ]+)",.*system="FreeBSD/?(?:[^ ]+-NETSCALER-([^ ]+))"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
322
343
|
<description>ntpd running on Citrix Netscaler, which is based on FreeBSD</description>
|
|
323
|
-
<example>
|
|
344
|
+
<example service.version="4.2.6" service.version.version="p2@1.2194" os.arch="i386" os.version="9.3">
|
|
324
345
|
version="ntpd 4.2.6p2@1.2194 Wed Nov 24 15:54:11 UTC 2010 (1)",
|
|
325
346
|
processor="i386", system="FreeBSD/6.3-NETSCALER-9.3", leap=00, stratum=3,
|
|
326
347
|
</example>
|
|
327
|
-
<
|
|
328
|
-
|
|
348
|
+
<example service.version="4.2.6" service.version.version="p3-a" os.arch="amd64" os.version="10.5">
|
|
349
|
+
version="ntpd 4.2.6p3-a (1)", processor="amd64", system="FreeBSD/8.4-NETSCALER-10.5",
|
|
350
|
+
leap=3, stratum=16, precision=-21, rootdelay=0.000, rootdisp=1264777.230,
|
|
351
|
+
</example>
|
|
329
352
|
<param pos="1" name="service.version"/>
|
|
353
|
+
<param pos="2" name="service.version.version"/>
|
|
354
|
+
<param pos="0" name="service.vendor" value="NTP"/>
|
|
355
|
+
<param pos="0" name="service.product" value="NTP"/>
|
|
356
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:ntp:ntp:{service.version}"/>
|
|
330
357
|
<param pos="0" name="os.vendor" value="Citrix"/>
|
|
358
|
+
<param pos="0" name="os.family" value="NetScaler"/>
|
|
359
|
+
<param pos="0" name="os.device" value="Network Management Device"/>
|
|
331
360
|
<param pos="0" name="os.product" value="NetScaler"/>
|
|
332
|
-
<param pos="
|
|
333
|
-
<param pos="
|
|
361
|
+
<param pos="3" name="os.arch"/>
|
|
362
|
+
<param pos="4" name="os.version"/>
|
|
334
363
|
</fingerprint>
|
|
364
|
+
|
|
335
365
|
<fingerprint pattern="^.*version="ntpd ([^ ]+)[^"]+",.*processor="([^ ]+)",.*system="FreeBSD/?([^ ]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
336
366
|
<description>ntpd running on FreeBSD</description>
|
|
337
367
|
<example>
|
|
@@ -348,6 +378,7 @@
|
|
|
348
378
|
<param pos="3" name="os.version"/>
|
|
349
379
|
<param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:{os.version}"/>
|
|
350
380
|
</fingerprint>
|
|
381
|
+
|
|
351
382
|
<fingerprint pattern="^.*processor="([^ ]+)",.*system="FreeBSD/?([^ ]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
352
383
|
<description>ntp without a version on FreeBSD</description>
|
|
353
384
|
<example os.arch="i386" os.version="4.1-RELEASE">
|
|
@@ -363,6 +394,7 @@
|
|
|
363
394
|
<param pos="2" name="os.version"/>
|
|
364
395
|
<param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:{os.version}"/>
|
|
365
396
|
</fingerprint>
|
|
397
|
+
|
|
366
398
|
<fingerprint pattern="^.*version="ntpd ([^ ]+)[^"]+",.*processor="([^ ]+)",.*system="NetBSD/?([^ ]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
367
399
|
<description>ntpd running on NetBSD</description>
|
|
368
400
|
<example>
|
|
@@ -379,6 +411,7 @@
|
|
|
379
411
|
<param pos="3" name="os.version"/>
|
|
380
412
|
<param pos="0" name="os.cpe23" value="cpe:/o:netbsd:netbsd:{os.version}"/>
|
|
381
413
|
</fingerprint>
|
|
414
|
+
|
|
382
415
|
<fingerprint pattern="^.*processor="([^ ]+)",.*system="NetBSD/?([^ ]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
383
416
|
<description>ntpd running on NetBSD - variant 2</description>
|
|
384
417
|
<example os.arch="i386" os.version="1.5.3">
|
|
@@ -421,6 +454,7 @@
|
|
|
421
454
|
<param pos="2" name="os.version"/>
|
|
422
455
|
<param pos="0" name="os.cpe23" value="cpe:/o:netbsd:netbsd:{os.version}"/>
|
|
423
456
|
</fingerprint>
|
|
457
|
+
|
|
424
458
|
<fingerprint pattern="^.*system="NetWare"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
425
459
|
<description>NetWare</description>
|
|
426
460
|
<example>
|
|
@@ -431,6 +465,7 @@
|
|
|
431
465
|
<param pos="0" name="os.product" value="NetWare"/>
|
|
432
466
|
<param pos="0" name="os.cpe23" value="cpe:/o:novell:netware:-"/>
|
|
433
467
|
</fingerprint>
|
|
468
|
+
|
|
434
469
|
<fingerprint pattern="^.*version="ntpd ([^ ]+)[^"]+",.*processor="([^ ]+)",.*system="SunOS/?5.0"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
435
470
|
<description>ntpd running on Solaris 2.0 (SunOS/5.0) </description>
|
|
436
471
|
<example service.version="4.2.0@1.1161-r" os.arch="sun4u">
|
|
@@ -451,6 +486,7 @@
|
|
|
451
486
|
<param pos="2" name="os.arch"/>
|
|
452
487
|
<param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:2.0"/>
|
|
453
488
|
</fingerprint>
|
|
489
|
+
|
|
454
490
|
<fingerprint pattern="^.*version="ntpd ([^ ]+)[^"]+",.*processor="([^ ]+)",.*system="SunOS/?5.1"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
455
491
|
<description> ntpd running on Solaris 2.1 (SunOS/5.1) </description>
|
|
456
492
|
<example service.version="4.2.0@1.1161-r" os.arch="sun4u">
|
|
@@ -471,6 +507,7 @@
|
|
|
471
507
|
<param pos="2" name="os.arch"/>
|
|
472
508
|
<param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:2.1"/>
|
|
473
509
|
</fingerprint>
|
|
510
|
+
|
|
474
511
|
<fingerprint pattern="^.*version="ntpd ([^ ]+)[^"]+",.*processor="([^ ]+)",.*system="SunOS/?5.2"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
475
512
|
<description> ntpd running on Solaris 2.2 (SunOS/5.2) </description>
|
|
476
513
|
<example service.version="4.2.0@1.1161-r" os.arch="sun4u">
|
|
@@ -491,6 +528,7 @@
|
|
|
491
528
|
<param pos="2" name="os.arch"/>
|
|
492
529
|
<param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:2.2"/>
|
|
493
530
|
</fingerprint>
|
|
531
|
+
|
|
494
532
|
<fingerprint pattern="^.*version="ntpd ([^ ]+)[^"]+",.*processor="([^ ]+)",.*system="SunOS/?5.3"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
495
533
|
<description> ntpd running on Solaris 2.3 (SunOS/5.3) </description>
|
|
496
534
|
<example service.version="4.2.0@1.1161-r" os.arch="sun4u">
|
|
@@ -511,6 +549,7 @@
|
|
|
511
549
|
<param pos="2" name="os.arch"/>
|
|
512
550
|
<param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:2.3"/>
|
|
513
551
|
</fingerprint>
|
|
552
|
+
|
|
514
553
|
<fingerprint pattern="^.*version="ntpd ([^ ]+)[^"]+",.*processor="([^ ]+)",.*system="SunOS/?5.4"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
515
554
|
<description>ntpd running on Solaris 2.4 (SunOS/5.4) </description>
|
|
516
555
|
<example service.version="4.2.0@1.1161-r" os.arch="sun4u">
|
|
@@ -531,6 +570,7 @@
|
|
|
531
570
|
<param pos="2" name="os.arch"/>
|
|
532
571
|
<param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:2.4"/>
|
|
533
572
|
</fingerprint>
|
|
573
|
+
|
|
534
574
|
<fingerprint pattern="^.*version="ntpd ([^ ]+)[^"]+",.*processor="([^ ]+)",.*system="SunOS/?5.5"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
535
575
|
<description>ntpd running on Solaris 2.5 (SunOS/5.5) </description>
|
|
536
576
|
<example service.version="4.2.0@1.1161-r" os.arch="sun4u">
|
|
@@ -551,6 +591,7 @@
|
|
|
551
591
|
<param pos="2" name="os.arch"/>
|
|
552
592
|
<param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:2.5"/>
|
|
553
593
|
</fingerprint>
|
|
594
|
+
|
|
554
595
|
<fingerprint pattern="^.*version="ntpd ([^ ]+)[^"]+",.*processor="([^ ]+)",.*system="SunOS/?5.6"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
555
596
|
<description>ntpd running on Solaris 2.6 (SunOS/5.6) </description>
|
|
556
597
|
<example service.version="4.2.0@1.1161-r" os.arch="sun4u">
|
|
@@ -571,6 +612,7 @@
|
|
|
571
612
|
<param pos="2" name="os.arch"/>
|
|
572
613
|
<param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:2.6"/>
|
|
573
614
|
</fingerprint>
|
|
615
|
+
|
|
574
616
|
<fingerprint pattern="^.*version="ntpd ([^ ]+)[^"]+",.*processor="([^ ]+)",.*system="SunOS/?5.(1[1-9])"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
575
617
|
<description>ntpd running on Solaris 11 or above (SunOS/5.11 and above) </description>
|
|
576
618
|
<example service.version="4.2.0@1.1161-r" os.arch="sun4u" os.version="11">
|
|
@@ -591,6 +633,7 @@
|
|
|
591
633
|
<param pos="3" name="os.version"/>
|
|
592
634
|
<param pos="0" name="os.cpe23" value="cpe:/o:oracle:solaris:{os.version}"/>
|
|
593
635
|
</fingerprint>
|
|
636
|
+
|
|
594
637
|
<fingerprint pattern="^.*version="ntpd ([^ ]+)[^"]+",.*processor="([^ ]+)",.*system="SunOS/?5.([789]|10)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
595
638
|
<description>ntpd running on Solaris 7-Solaris 10 (SunOS/5.7 - SunOS/5.10) </description>
|
|
596
639
|
<example service.version="4.2.0@1.1161-r" os.arch="sun4u" os.version="7">
|
|
@@ -619,6 +662,7 @@
|
|
|
619
662
|
<param pos="3" name="os.version"/>
|
|
620
663
|
<param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:{os.version}"/>
|
|
621
664
|
</fingerprint>
|
|
665
|
+
|
|
622
666
|
<fingerprint pattern="^.*processor="([^ ]+)",.*system="SunOS/?5.0"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
623
667
|
<description>Solaris 2.0 (SunOS/5.0) with no ntp version</description>
|
|
624
668
|
<example os.arch="sun4m">
|
|
@@ -634,6 +678,7 @@
|
|
|
634
678
|
<param pos="1" name="os.arch"/>
|
|
635
679
|
<param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:2.0"/>
|
|
636
680
|
</fingerprint>
|
|
681
|
+
|
|
637
682
|
<fingerprint pattern="^.*processor="([^ ]+)",.*system="SunOS/?5.1"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
638
683
|
<description>Solaris 2.1 (SunOS/5.1) with no ntp version</description>
|
|
639
684
|
<example os.arch="sun4m">
|
|
@@ -649,6 +694,7 @@
|
|
|
649
694
|
<param pos="1" name="os.arch"/>
|
|
650
695
|
<param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:2.1"/>
|
|
651
696
|
</fingerprint>
|
|
697
|
+
|
|
652
698
|
<fingerprint pattern="^.*processor="([^ ]+)",.*system="SunOS/?5.2"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
653
699
|
<description>Solaris 2.2 (SunOS/5.2) with no ntp version</description>
|
|
654
700
|
<example os.arch="sun4m">
|
|
@@ -664,6 +710,7 @@
|
|
|
664
710
|
<param pos="1" name="os.arch"/>
|
|
665
711
|
<param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:2.2"/>
|
|
666
712
|
</fingerprint>
|
|
713
|
+
|
|
667
714
|
<fingerprint pattern="^.*processor="([^ ]+)",.*system="SunOS/?5.3"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
668
715
|
<description>Solaris 2.3 (SunOS/5.3) with no ntp version</description>
|
|
669
716
|
<example os.arch="sun4m">
|
|
@@ -679,6 +726,7 @@
|
|
|
679
726
|
<param pos="1" name="os.arch"/>
|
|
680
727
|
<param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:2.3"/>
|
|
681
728
|
</fingerprint>
|
|
729
|
+
|
|
682
730
|
<fingerprint pattern="^.*processor="([^ ]+)",.*system="SunOS/?5.4"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
683
731
|
<description>Solaris 2.4 (SunOS/5.4) with no ntp version</description>
|
|
684
732
|
<example os.arch="sun4m">
|
|
@@ -694,6 +742,7 @@
|
|
|
694
742
|
<param pos="1" name="os.arch"/>
|
|
695
743
|
<param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:2.4"/>
|
|
696
744
|
</fingerprint>
|
|
745
|
+
|
|
697
746
|
<fingerprint pattern="^.*processor="([^ ]+)",.*system="SunOS/?5.5"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
698
747
|
<description>Solaris 2.5 (SunOS/5.5) with no ntp version</description>
|
|
699
748
|
<example os.arch="sun4m">
|
|
@@ -709,6 +758,7 @@
|
|
|
709
758
|
<param pos="1" name="os.arch"/>
|
|
710
759
|
<param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:2.5"/>
|
|
711
760
|
</fingerprint>
|
|
761
|
+
|
|
712
762
|
<fingerprint pattern="^.*processor="([^ ]+)",.*system="SunOS/?5.6"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
713
763
|
<description>Solaris 2.6 (SunOS/5.6) with no ntp version</description>
|
|
714
764
|
<example os.arch="sun4m">
|
|
@@ -724,6 +774,7 @@
|
|
|
724
774
|
<param pos="1" name="os.arch"/>
|
|
725
775
|
<param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:2.6"/>
|
|
726
776
|
</fingerprint>
|
|
777
|
+
|
|
727
778
|
<fingerprint pattern="^.*processor="([^ ]+)",.*system="SunOS/?5.([789]|10)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
728
779
|
<description>Solaris 7-10 (SunOS/5.7 - SunOS/5.10) with no ntp version</description>
|
|
729
780
|
<example os.arch="sun4m" os.version="7">
|
|
@@ -745,6 +796,7 @@
|
|
|
745
796
|
<param pos="2" name="os.version"/>
|
|
746
797
|
<param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:{os.version}"/>
|
|
747
798
|
</fingerprint>
|
|
799
|
+
|
|
748
800
|
<fingerprint pattern="^.*processor="([^ ]+)",.*system="SunOS/?5.(1[1-9])"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
749
801
|
<description>Solaris 11 and up with no ntp version</description>
|
|
750
802
|
<example os.arch="sun4m" os.version="11">
|
|
@@ -760,6 +812,7 @@
|
|
|
760
812
|
<param pos="2" name="os.version"/>
|
|
761
813
|
<param pos="0" name="os.cpe23" value="cpe:/o:oracle:solaris:{os.version}"/>
|
|
762
814
|
</fingerprint>
|
|
815
|
+
|
|
763
816
|
<fingerprint pattern="^.*system="UNIX/SunOS ([^ ]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
764
817
|
<description>SunOS with no ntp version</description>
|
|
765
818
|
<example>
|
|
@@ -771,6 +824,7 @@
|
|
|
771
824
|
<param pos="1" name="os.version"/>
|
|
772
825
|
<param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:{os.version}"/>
|
|
773
826
|
</fingerprint>
|
|
827
|
+
|
|
774
828
|
<fingerprint pattern="^.*version="ntpd ([^ ]+)[^"]+",.*processor="([^ ]+)",.*system="JUNOS/?([^ ]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
775
829
|
<description>ntpd running on Juniper/Netscreen JunOS</description>
|
|
776
830
|
<example>
|
|
@@ -787,6 +841,7 @@
|
|
|
787
841
|
<param pos="3" name="os.version"/>
|
|
788
842
|
<param pos="0" name="os.cpe23" value="cpe:/o:juniper:junos:{os.version}"/>
|
|
789
843
|
</fingerprint>
|
|
844
|
+
|
|
790
845
|
<fingerprint pattern="processor="([^ ]+)",.*system="JUNOS/?([^ ]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
791
846
|
<description>Juniper/Netscreen JunOS NTP without a version</description>
|
|
792
847
|
<example os.arch="i386" os.version="7.0R2.7">processor="i386", system="JUNOS7.0R2.7", leap=0, stratum=3</example>
|
|
@@ -799,6 +854,7 @@
|
|
|
799
854
|
<param pos="2" name="os.version"/>
|
|
800
855
|
<param pos="0" name="os.cpe23" value="cpe:/o:juniper:junos:{os.version}"/>
|
|
801
856
|
</fingerprint>
|
|
857
|
+
|
|
802
858
|
<fingerprint pattern="^.*version="ntpd ([^ ]+)[^"]+",.*processor="([^ ]+)",.*system="Windows/?([^ ]+)?"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
803
859
|
<description>ntpd running on Windows</description>
|
|
804
860
|
<example>
|
|
@@ -819,6 +875,7 @@
|
|
|
819
875
|
<param pos="3" name="os.version"/>
|
|
820
876
|
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:{os.version}"/>
|
|
821
877
|
</fingerprint>
|
|
878
|
+
|
|
822
879
|
<fingerprint pattern="^.*version="ntpd ([^ ]+)[^"]+",.*processor="([^ ]+)",.*system="HP-UX/?([^ ]+)?"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
823
880
|
<description>ntpd running on HP-UX</description>
|
|
824
881
|
<example>
|
|
@@ -835,6 +892,7 @@
|
|
|
835
892
|
<param pos="3" name="os.version"/>
|
|
836
893
|
<param pos="0" name="os.cpe23" value="cpe:/o:hp:hp-ux:{os.version}"/>
|
|
837
894
|
</fingerprint>
|
|
895
|
+
|
|
838
896
|
<fingerprint pattern="^.*version="ntpd ([^ ]+)[^"]+",.*processor=,.*system="HP-UX/"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
839
897
|
<description>ntpd running on HP-UX with an empty processor</description>
|
|
840
898
|
<example service.version="4.2.6">
|
|
@@ -849,6 +907,7 @@
|
|
|
849
907
|
<param pos="0" name="os.product" value="HP-UX"/>
|
|
850
908
|
<param pos="0" name="os.cpe23" value="cpe:/o:hp:hp-ux:-"/>
|
|
851
909
|
</fingerprint>
|
|
910
|
+
|
|
852
911
|
<fingerprint pattern="^.*version="ntpd ([^ ]+)[^"]+",.*processor="[^ ]+",.*system="([^ ]+)-hp-hpux([^ ]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
853
912
|
<description>ntpd running on HP-UX, where the processor is in the 'system' variable</description>
|
|
854
913
|
<example>
|
|
@@ -865,6 +924,7 @@
|
|
|
865
924
|
<param pos="3" name="os.version"/>
|
|
866
925
|
<param pos="0" name="os.cpe23" value="cpe:/o:hp:hp-ux:{os.version}"/>
|
|
867
926
|
</fingerprint>
|
|
927
|
+
|
|
868
928
|
<fingerprint pattern="^.*version="ntpd ([^ ]+)[^"]+",.*processor="([^ ]+)",.*system="VMkernel/?([^ ]+)?"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
869
929
|
<description>ntpd running on VMware ESXi</description>
|
|
870
930
|
<example>
|
|
@@ -881,6 +941,7 @@
|
|
|
881
941
|
<param pos="3" name="os.version"/>
|
|
882
942
|
<param pos="0" name="os.cpe23" value="cpe:/o:vmware:esxi:{os.version}"/>
|
|
883
943
|
</fingerprint>
|
|
944
|
+
|
|
884
945
|
<fingerprint pattern=".*processor="([^ ]+)",.*system="OSF1[/V]?([^ ]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
885
946
|
<description>ntpd running on OSF/1</description>
|
|
886
947
|
<example os.arch="alpha" os.version="4.0">
|
|
@@ -893,6 +954,7 @@
|
|
|
893
954
|
<param pos="2" name="os.version"/>
|
|
894
955
|
<param pos="1" name="os.arch"/>
|
|
895
956
|
</fingerprint>
|
|
957
|
+
|
|
896
958
|
<fingerprint pattern=".*system="UNIX/DECOSF1"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
897
959
|
<description>DEC OSF/1</description>
|
|
898
960
|
<example>
|
|
@@ -901,6 +963,7 @@
|
|
|
901
963
|
<param pos="0" name="os.vendor" value="DEC"/>
|
|
902
964
|
<param pos="0" name="os.product" value="OSF/1"/>
|
|
903
965
|
</fingerprint>
|
|
966
|
+
|
|
904
967
|
<fingerprint pattern="^.*system="Linux"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
905
968
|
<description>Linux with NTP enabled, no processor/version</description>
|
|
906
969
|
<example>
|
|
@@ -913,6 +976,7 @@
|
|
|
913
976
|
<param pos="0" name="service.family" value="NTP"/>
|
|
914
977
|
<param pos="0" name="service.product" value="NTP"/>
|
|
915
978
|
</fingerprint>
|
|
979
|
+
|
|
916
980
|
<fingerprint pattern="^.*system="UNIX/AIX"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
917
981
|
<description>AIX with NTP enabled, no processor/version</description>
|
|
918
982
|
<example>
|
|
@@ -926,6 +990,7 @@
|
|
|
926
990
|
<param pos="0" name="service.product" value="NTP"/>
|
|
927
991
|
<param pos="0" name="service.vendor" value="IBM"/>
|
|
928
992
|
</fingerprint>
|
|
993
|
+
|
|
929
994
|
<fingerprint pattern="^.*system="SunOS"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
930
995
|
<description>Solaris with NTP enabled, no processor/version</description>
|
|
931
996
|
<example>
|
|
@@ -939,6 +1004,7 @@
|
|
|
939
1004
|
<param pos="0" name="service.product" value="NTP"/>
|
|
940
1005
|
<param pos="0" name="service.vendor" value="Sun"/>
|
|
941
1006
|
</fingerprint>
|
|
1007
|
+
|
|
942
1008
|
<fingerprint pattern="^.*system="cisco"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
943
1009
|
<description>Cisco IOS with NTP enabled</description>
|
|
944
1010
|
<example>
|
|
@@ -952,6 +1018,7 @@
|
|
|
952
1018
|
<param pos="0" name="service.product" value="NTP"/>
|
|
953
1019
|
<param pos="0" name="service.vendor" value="Cisco"/>
|
|
954
1020
|
</fingerprint>
|
|
1021
|
+
|
|
955
1022
|
<fingerprint pattern="^.*system="Data ONTAP/+(\S+)".*$" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
956
1023
|
<description>NetApp file servers</description>
|
|
957
1024
|
<example>
|
|
@@ -964,6 +1031,7 @@
|
|
|
964
1031
|
<param pos="1" name="os.version"/>
|
|
965
1032
|
<param pos="0" name="os.cpe23" value="cpe:/o:netapp:data_ontap:{os.version}"/>
|
|
966
1033
|
</fingerprint>
|
|
1034
|
+
|
|
967
1035
|
<fingerprint pattern="system="UNIX/HPUX"" flags="REG_ICASE">
|
|
968
1036
|
<description>Generic HPUX</description>
|
|
969
1037
|
<example>
|
|
@@ -977,6 +1045,7 @@
|
|
|
977
1045
|
<param pos="0" name="os.product" value="HP-UX"/>
|
|
978
1046
|
<param pos="0" name="os.cpe23" value="cpe:/o:hp:hp-ux:-"/>
|
|
979
1047
|
</fingerprint>
|
|
1048
|
+
|
|
980
1049
|
<fingerprint pattern="system="UNIX"" flags="REG_ICASE">
|
|
981
1050
|
<description>Generic UNIX</description>
|
|
982
1051
|
<example>
|
|
@@ -986,6 +1055,7 @@
|
|
|
986
1055
|
<param pos="0" name="os.product" value="UNIX"/>
|
|
987
1056
|
<param pos="0" name="os.certainty" value="0.5"/>
|
|
988
1057
|
</fingerprint>
|
|
1058
|
+
|
|
989
1059
|
<fingerprint pattern="system="VxWorks(?:/TORNADO)?"" flags="REG_ICASE">
|
|
990
1060
|
<description>Generic VxWorks</description>
|
|
991
1061
|
<example>
|
|
@@ -1001,6 +1071,7 @@
|
|
|
1001
1071
|
<param pos="0" name="os.product" value="VxWorks"/>
|
|
1002
1072
|
<param pos="0" name="os.cpe23" value="cpe:/o:windriver:vxworks:-"/>
|
|
1003
1073
|
</fingerprint>
|
|
1074
|
+
|
|
1004
1075
|
<fingerprint pattern="system="arm-wrs-vxworks"" flags="REG_ICASE">
|
|
1005
1076
|
<description>VxWorks ARM, cross-compiled on Linux</description>
|
|
1006
1077
|
<example>
|
|
@@ -1011,6 +1082,7 @@
|
|
|
1011
1082
|
<param pos="0" name="os.arch" value="ARM"/>
|
|
1012
1083
|
<param pos="0" name="os.cpe23" value="cpe:/o:windriver:vxworks:-"/>
|
|
1013
1084
|
</fingerprint>
|
|
1085
|
+
|
|
1014
1086
|
<fingerprint pattern="system="i386-wrs-vxworks"" flags="REG_ICASE">
|
|
1015
1087
|
<description>VxWorks x86, cross-compiled on Linux</description>
|
|
1016
1088
|
<example>
|
|
@@ -1021,6 +1093,7 @@
|
|
|
1021
1093
|
<param pos="0" name="os.arch" value="x86"/>
|
|
1022
1094
|
<param pos="0" name="os.cpe23" value="cpe:/o:windriver:vxworks:-"/>
|
|
1023
1095
|
</fingerprint>
|
|
1096
|
+
|
|
1024
1097
|
<fingerprint pattern="system="UNIX/Unixware([^ ]+)"" flags="REG_ICASE">
|
|
1025
1098
|
<description>SCO Unixware NTP</description>
|
|
1026
1099
|
<example>
|
|
@@ -1033,6 +1106,7 @@
|
|
|
1033
1106
|
<param pos="0" name="os.vendor" value="SCO"/>
|
|
1034
1107
|
<param pos="1" name="os.product"/>
|
|
1035
1108
|
</fingerprint>
|
|
1109
|
+
|
|
1036
1110
|
<fingerprint pattern="^.*processor="([^"]+)", system="SCO_SV([\d\.]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
1037
1111
|
<description>SCO Unixware NTP - SCO_SV variant</description>
|
|
1038
1112
|
<example os.version="3.2" os.arch="i386">
|
|
@@ -1043,6 +1117,7 @@
|
|
|
1043
1117
|
<param pos="1" name="os.arch"/>
|
|
1044
1118
|
<param pos="2" name="os.version"/>
|
|
1045
1119
|
</fingerprint>
|
|
1120
|
+
|
|
1046
1121
|
<fingerprint pattern="^.*version="ntpd ([^ ]+)[^"]+",.*\s*processor="([^ ]+)",.*system="SecureOS/([^ ]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
1047
1122
|
<description>McAfee Network Firewall Enterprise NTP (SecureOS)</description>
|
|
1048
1123
|
<example>
|
|
@@ -1069,6 +1144,7 @@
|
|
|
1069
1144
|
<param pos="2" name="os.arch"/>
|
|
1070
1145
|
<param pos="3" name="os.version"/>
|
|
1071
1146
|
</fingerprint>
|
|
1147
|
+
|
|
1072
1148
|
<fingerprint pattern="^.*processor="([^ ]+)".*system="Linux([^ ]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
1073
1149
|
<description>ntpd running on linux</description>
|
|
1074
1150
|
<example>
|
|
@@ -1095,6 +1171,7 @@
|
|
|
1095
1171
|
<param pos="2" name="os.version"/>
|
|
1096
1172
|
<param pos="0" name="os.cpe23" value="cpe:/o:linux:linux_kernel:{os.version}"/>
|
|
1097
1173
|
</fingerprint>
|
|
1174
|
+
|
|
1098
1175
|
<fingerprint pattern=".*version="ntpd (\S+)[^"]+",.*\s*processor="([^ ]+)".*system="Isilon OneFS/v([^ ]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
1099
1176
|
<description>Isilon OneFS NTP Server</description>
|
|
1100
1177
|
<example>
|
|
@@ -1113,6 +1190,7 @@
|
|
|
1113
1190
|
<param pos="2" name="os.arch"/>
|
|
1114
1191
|
<param pos="3" name="os.version"/>
|
|
1115
1192
|
</fingerprint>
|
|
1193
|
+
|
|
1116
1194
|
<fingerprint pattern="system="IPSO"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
1117
1195
|
<description>Nokia IPSO NTP</description>
|
|
1118
1196
|
<example>
|
|
@@ -1133,6 +1211,7 @@
|
|
|
1133
1211
|
<param pos="0" name="os.device" value="Firewall"/>
|
|
1134
1212
|
<param pos="0" name="os.cpe23" value="cpe:/o:nokia:ipso:-"/>
|
|
1135
1213
|
</fingerprint>
|
|
1214
|
+
|
|
1136
1215
|
<fingerprint pattern="system="UNIX/Solaris\s[^ ]+"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
1137
1216
|
<description>Sun Solaris NTP</description>
|
|
1138
1217
|
<example>
|
|
@@ -1155,6 +1234,7 @@
|
|
|
1155
1234
|
<param pos="0" name="service.product" value="NTP"/>
|
|
1156
1235
|
<param pos="0" name="service.vendor" value="Sun"/>
|
|
1157
1236
|
</fingerprint>
|
|
1237
|
+
|
|
1158
1238
|
<fingerprint pattern="version="ntpd version = ([^ ]+)",\s*processor="([A-Z0-9]+)",\s*system="OpenVMS/V([A-Z0-9.-]+)" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
1159
1239
|
<description>OpenVMS NTP Server</description>
|
|
1160
1240
|
<example service.version="4.2.0" os.arch="PHMNFP" os.version="8.3">
|
|
@@ -1181,6 +1261,7 @@
|
|
|
1181
1261
|
<param pos="3" name="os.version"/>
|
|
1182
1262
|
<param pos="0" name="os.cpe23" value="cpe:/o:hp:openvms:{os.version}"/>
|
|
1183
1263
|
</fingerprint>
|
|
1264
|
+
|
|
1184
1265
|
<fingerprint pattern="version="ntpd version = ([^ ]+)",\s*processor="unknown",\s*system="OpenVMS AXP"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
1185
1266
|
<description>OpenVMS AXP (Alpha) NTP Server</description>
|
|
1186
1267
|
<example service.version="4.1.0" os.arch="Alpha">
|
|
@@ -1193,6 +1274,7 @@
|
|
|
1193
1274
|
<param pos="0" name="os.product" value="OpenVMS"/>
|
|
1194
1275
|
<param pos="0" name="os.arch" value="Alpha"/>
|
|
1195
1276
|
</fingerprint>
|
|
1277
|
+
|
|
1196
1278
|
<fingerprint pattern=".*version="ntpd ([^ ]+)[^"]+",\s*processor="([^ ]+)",\s*system="BIG-IPBIG-IP\s+([^"]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
1197
1279
|
<description>F5 Big-IP Load Balancers NTP</description>
|
|
1198
1280
|
<example service.version="4.1.1a@1.791" os.arch="i386" os.version="4.5PTF-0">
|
|
@@ -1211,6 +1293,7 @@
|
|
|
1211
1293
|
<param pos="2" name="os.arch"/>
|
|
1212
1294
|
<param pos="3" name="os.version"/>
|
|
1213
1295
|
</fingerprint>
|
|
1296
|
+
|
|
1214
1297
|
<fingerprint pattern=".*version="ntpd ([^ ]+)[^"]+",\s*processor,\s*system="/"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
1215
1298
|
<description>NTP on an unknown system</description>
|
|
1216
1299
|
<example service.version="4.2.6p2-RC4@1.2180-o">
|
|
@@ -1220,4 +1303,5 @@
|
|
|
1220
1303
|
<param pos="0" name="service.product" value="NTP"/>
|
|
1221
1304
|
<param pos="1" name="service.version"/>
|
|
1222
1305
|
</fingerprint>
|
|
1223
|
-
|
|
1306
|
+
|
|
1307
|
+
</fingerprints>
|