recog 0.01
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- data/.gitignore +3 -0
- data/.rspec +2 -0
- data/Gemfile +9 -0
- data/Gemfile.lock +42 -0
- data/LICENSE +23 -0
- data/README.md +63 -0
- data/bin/recog_export.rb +81 -0
- data/bin/recog_match.rb +51 -0
- data/bin/recog_verify.rb +45 -0
- data/features/match.feature +16 -0
- data/features/support/env.rb +5 -0
- data/features/verify.feature +31 -0
- data/features/xml/banners.xml +2 -0
- data/features/xml/failing_banners_fingerprints.xml +20 -0
- data/features/xml/matching_banners_fingerprints.xml +22 -0
- data/features/xml/no_tests.xml +53 -0
- data/features/xml/successful_tests.xml +33 -0
- data/features/xml/tests_with_failures.xml +10 -0
- data/features/xml/tests_with_warnings.xml +10 -0
- data/lib/recog.rb +3 -0
- data/lib/recog/db.rb +38 -0
- data/lib/recog/db_manager.rb +27 -0
- data/lib/recog/fingerprint.rb +60 -0
- data/lib/recog/formatter.rb +51 -0
- data/lib/recog/match_reporter.rb +77 -0
- data/lib/recog/matcher.rb +60 -0
- data/lib/recog/matcher_factory.rb +14 -0
- data/lib/recog/nizer.rb +263 -0
- data/lib/recog/verifier.rb +46 -0
- data/lib/recog/verifier_factory.rb +13 -0
- data/lib/recog/verify_reporter.rb +85 -0
- data/lib/recog/version.rb +3 -0
- data/recog.gemspec +34 -0
- data/spec/data/best_os_match_1.yml +17 -0
- data/spec/data/best_os_match_2.yml +17 -0
- data/spec/data/best_service_match_1.yml +17 -0
- data/spec/data/smb_native_os.txt +31 -0
- data/spec/data/test_fingerprints.xml +24 -0
- data/spec/lib/db_spec.rb +89 -0
- data/spec/lib/formatter_spec.rb +69 -0
- data/spec/lib/match_reporter_spec.rb +90 -0
- data/spec/lib/nizer_spec.rb +124 -0
- data/spec/lib/verify_reporter_spec.rb +112 -0
- data/xml/apache_os.xml +295 -0
- data/xml/architecture.xml +45 -0
- data/xml/ftp_banners.xml +808 -0
- data/xml/h323_callresp.xml +701 -0
- data/xml/hp_pjl_id.xml +435 -0
- data/xml/http_cookies.xml +379 -0
- data/xml/http_servers.xml +3326 -0
- data/xml/http_wwwauth.xml +412 -0
- data/xml/imap_banners.xml +267 -0
- data/xml/nntp_banners.xml +51 -0
- data/xml/ntp_banners.xml +538 -0
- data/xml/pop_banners.xml +452 -0
- data/xml/rsh_resp.xml +90 -0
- data/xml/sip_banners.xml +14 -0
- data/xml/smb_native_os.xml +385 -0
- data/xml/smtp_banners.xml +1738 -0
- data/xml/smtp_debug.xml +45 -0
- data/xml/smtp_ehlo.xml +53 -0
- data/xml/smtp_expn.xml +95 -0
- data/xml/smtp_help.xml +212 -0
- data/xml/smtp_mailfrom.xml +24 -0
- data/xml/smtp_noop.xml +45 -0
- data/xml/smtp_quit.xml +31 -0
- data/xml/smtp_rcptto.xml +33 -0
- data/xml/smtp_rset.xml +23 -0
- data/xml/smtp_turn.xml +23 -0
- data/xml/smtp_vrfy.xml +109 -0
- data/xml/snmp_sysdescr.xml +8008 -0
- data/xml/snmp_sysobjid.xml +284 -0
- data/xml/ssh_banners.xml +790 -0
- data/xml/upnp_banners.xml +590 -0
- metadata +190 -0
data/xml/pop_banners.xml
ADDED
@@ -0,0 +1,452 @@
|
|
1
|
+
<?xml version="1.0"?>
|
2
|
+
<!--
|
3
|
+
POP3 greeting messages (part of the banner after the status indicator +OK or -ERR) are
|
4
|
+
matched against these patterns to fingerprint POP3 servers.
|
5
|
+
-->
|
6
|
+
|
7
|
+
<fingerprints matches="pop3.banner">
|
8
|
+
|
9
|
+
<fingerprint pattern="^([^ ]+) +Cyrus POP3 v(\d+\.\d+.*)-OS X(?: Server)? ([\d\.]+).* server ready">
|
10
|
+
<description>OSX Cyrus POP</description>
|
11
|
+
<example>8.8.8.8 Cyrus POP3 v2.3.8-OS X Server 10.5: 9A562 server ready <1999107648.1324502155@8.8.8.8></example>
|
12
|
+
<param pos="0" name="service.family" value="Cyrus"/>
|
13
|
+
<param pos="0" name="service.product" value="Cyrus POP"/>
|
14
|
+
<param pos="0" name="service.vendor" value="CMU"/>
|
15
|
+
<param pos="2" name="service.version"/>
|
16
|
+
<param pos="0" name="os.vendor" value="Apple"/>
|
17
|
+
<param pos="0" name="os.family" value="Mac OS X"/>
|
18
|
+
<param pos="0" name="os.product" value="Mac OS X"/>
|
19
|
+
<param pos="0" name="os.device" value="General"/>
|
20
|
+
<param pos="3" name="os.version"/>
|
21
|
+
</fingerprint>
|
22
|
+
|
23
|
+
<fingerprint pattern="^([^ ]+) +Cyrus POP3 v([\d\.]+)[^OS\s+X].*$">
|
24
|
+
<description>CMU Cyrus POP</description>
|
25
|
+
<example>foo Cyrus POP3 v2.3</example>
|
26
|
+
<example>foo Cyrus POP3 v2.3.14 server ready <13087751828270990591.1301068892@foo></example>
|
27
|
+
<param pos="0" name="service.vendor" value="CMU"/>
|
28
|
+
<param pos="0" name="service.family" value="Cyrus"/>
|
29
|
+
<param pos="0" name="service.product" value="Cyrus POP"/>
|
30
|
+
<param pos="1" name="service.version"/>
|
31
|
+
<param pos="2" name="host.domain"/>
|
32
|
+
</fingerprint>
|
33
|
+
|
34
|
+
<fingerprint pattern="^Lotus Notes POP3 server version X[^ ]+ ready on .*$">
|
35
|
+
<example>Lotus Notes POP3 server version X2.0 ready on foo/bar.</example>
|
36
|
+
<description>IBM Lotus Notes/Domino</description>
|
37
|
+
<param pos="0" name="service.vendor" value="IBM"/>
|
38
|
+
<param pos="0" name="service.family" value="Lotus Domino"/>
|
39
|
+
<param pos="0" name="service.product" value="Lotus Domino"/>
|
40
|
+
</fingerprint>
|
41
|
+
|
42
|
+
<fingerprint pattern="^Lotus Notes POP3 server version Release ([^ ]+) ready on .*$">
|
43
|
+
<example>Lotus Notes POP3 server version Release 8.5.1FP5 ready on foo/US.</example>
|
44
|
+
<description>IBM Lotus Notes/Domino</description>
|
45
|
+
<param pos="0" name="service.vendor" value="IBM"/>
|
46
|
+
<param pos="0" name="service.family" value="Lotus Domino"/>
|
47
|
+
<param pos="0" name="service.product" value="Lotus Domino"/>
|
48
|
+
<param pos="1" name="service.version"/>
|
49
|
+
</fingerprint>
|
50
|
+
|
51
|
+
<fingerprint pattern="^Qpopper \(version (\d+\.\d+\.\d+), modified by Sphera Technologies\) at (.+) starting\..*$">
|
52
|
+
<description>Qpopper with Sphera mods</description>
|
53
|
+
<example>Qpopper (version 4.0.3, modified by Sphera Technologies) at domain starting. <xxx@domain></example>
|
54
|
+
<param pos="0" name="service.vendor" value="Sphera"/>
|
55
|
+
<param pos="0" name="service.family" value="Qpopper"/>
|
56
|
+
<param pos="0" name="service.product" value="Qpopper"/>
|
57
|
+
<param pos="1" name="service.version"/>
|
58
|
+
<param pos="2" name="host.domain"/>
|
59
|
+
</fingerprint>
|
60
|
+
|
61
|
+
<fingerprint pattern="^Qpopper \(version (\d+\.\d+\.\d+)-mysql-(.+)\) at (.+) starting\..*$">
|
62
|
+
<description>Qpopper with MySQL auth module</description>
|
63
|
+
<example>Qpopper (version 4.0.3-mysql-0.13) at domain starting. <xxx@domain></example>
|
64
|
+
<param pos="0" name="service.vendor" value="Qualcomm"/>
|
65
|
+
<param pos="0" name="service.family" value="Qpopper"/>
|
66
|
+
<param pos="0" name="service.product" value="Qpopper"/>
|
67
|
+
<param pos="1" name="service.version"/>
|
68
|
+
<param pos="0" name="service.component.family" value="qpopper-mysql"/>
|
69
|
+
<param pos="0" name="service.component.product" value="qpopper-mysql"/>
|
70
|
+
<param pos="2" name="service.component.version"/>
|
71
|
+
<param pos="3" name="host.domain"/>
|
72
|
+
</fingerprint>
|
73
|
+
|
74
|
+
<fingerprint pattern="^Qpop(?:per)? \(version ([\d\.]+)\) at (.+)(?: starting\.)?.*$" flags="REG_ICASE">
|
75
|
+
<description>Qpopper missing version info</description>
|
76
|
+
<example>Qpopper (version 4.0.16) at foo.example.com</example>
|
77
|
+
<example>QPOP (version 2.53) at domain starting. <xxx@domain></example>
|
78
|
+
<example>Qpopper (version 4.0.3) at domain starting. <xxx@domain></example>
|
79
|
+
<param pos="0" name="service.vendor" value="Qualcomm"/>
|
80
|
+
<param pos="0" name="service.family" value="Qpopper"/>
|
81
|
+
<param pos="0" name="service.product" value="Qpopper"/>
|
82
|
+
<param pos="1" name="service.version"/>
|
83
|
+
<param pos="2" name="host.domain"/>
|
84
|
+
</fingerprint>
|
85
|
+
|
86
|
+
<fingerprint pattern="^QPOP \(version (.*)\) at (.+) starting\..*$">
|
87
|
+
<description>Qpopper with missing version info</description>
|
88
|
+
<example>QPOP (version ?) at domain starting. <xxx@domain></example>
|
89
|
+
<param pos="0" name="service.vendor" value="Qualcomm"/>
|
90
|
+
<param pos="0" name="service.family" value="Qpopper"/>
|
91
|
+
<param pos="0" name="service.product" value="Qpopper"/>
|
92
|
+
<param pos="1" name="qpopper.version"/>
|
93
|
+
<param pos="2" name="host.domain"/>
|
94
|
+
</fingerprint>
|
95
|
+
|
96
|
+
<fingerprint pattern="^Microsoft Exchange Server 2003 POP3 server version (\d+\.\d+\.\d+\.\d+) (.+) ready.$">
|
97
|
+
<description>Microsoft Exchange Server 2003</description>
|
98
|
+
<example>Microsoft Exchange Server 2003 POP3 server version 6.5.6944.0 (host) ready.</example>
|
99
|
+
<param pos="0" name="service.vendor" value="Microsoft"/>
|
100
|
+
<param pos="0" name="service.family" value="Exchange Server"/>
|
101
|
+
<param pos="0" name="service.product" value="Exchange 2003 Server"/>
|
102
|
+
<param pos="1" name="service.version"/>
|
103
|
+
<param pos="2" name="host.name"/>
|
104
|
+
<param pos="0" name="os.vendor" value="Microsoft"/>
|
105
|
+
<param pos="0" name="os.device" value="General"/>
|
106
|
+
<param pos="0" name="os.family" value="Windows"/>
|
107
|
+
<param pos="0" name="os.product" value="Windows"/>
|
108
|
+
</fingerprint>
|
109
|
+
|
110
|
+
<fingerprint pattern="^Microsoft Exchange 2000 POP3 server version (\d+\.\d+\.\d+\.\d+) (.+) ready.$">
|
111
|
+
<description>Microsoft Exchange Server 2000</description>
|
112
|
+
<example>Microsoft Exchange 2000 POP3 server version 6.0.6603.0 (host) ready.</example>
|
113
|
+
<param pos="0" name="service.vendor" value="Microsoft"/>
|
114
|
+
<param pos="0" name="service.family" value="Exchange Server"/>
|
115
|
+
<param pos="0" name="service.product" value="Exchange 2000 Server"/>
|
116
|
+
<param pos="1" name="service.version"/>
|
117
|
+
<param pos="2" name="host.name"/>
|
118
|
+
<param pos="0" name="os.vendor" value="Microsoft"/>
|
119
|
+
<param pos="0" name="os.device" value="General"/>
|
120
|
+
<param pos="0" name="os.family" value="Windows"/>
|
121
|
+
<param pos="0" name="os.product" value="Windows"/>
|
122
|
+
</fingerprint>
|
123
|
+
|
124
|
+
<fingerprint pattern="^Microsoft Exchange POP3 server version (\d+\.\d+\.\d+\.\d+) ready$">
|
125
|
+
<description>Microsoft Exchange Server</description>
|
126
|
+
<example>Microsoft Exchange POP3 server version 5.5.2654.50 ready</example>
|
127
|
+
<param pos="0" name="service.vendor" value="Microsoft"/>
|
128
|
+
<param pos="0" name="service.family" value="Exchange Server"/>
|
129
|
+
<param pos="0" name="service.product" value="Exchange Server"/>
|
130
|
+
<param pos="1" name="service.version"/>
|
131
|
+
<param pos="0" name="os.vendor" value="Microsoft"/>
|
132
|
+
<param pos="0" name="os.device" value="General"/>
|
133
|
+
<param pos="0" name="os.family" value="Windows"/>
|
134
|
+
<param pos="0" name="os.product" value="Windows"/>
|
135
|
+
</fingerprint>
|
136
|
+
|
137
|
+
<fingerprint pattern="^Microsoft Windows POP3 Service Version 1.0 <.+@(.+)> ready.$">
|
138
|
+
<description>Microsoft POP3 Services on Windows 2003</description>
|
139
|
+
<example>Microsoft Windows POP3 Service Version 1.0 <xxx@host> ready.</example>
|
140
|
+
<param pos="0" name="service.vendor" value="Microsoft"/>
|
141
|
+
<param pos="0" name="service.family" value="E-mail Services"/>
|
142
|
+
<param pos="0" name="service.product" value="E-mail Services"/>
|
143
|
+
<param pos="1" name="host.name"/>
|
144
|
+
<param pos="0" name="os.vendor" value="Microsoft"/>
|
145
|
+
<param pos="0" name="os.device" value="General"/>
|
146
|
+
<param pos="0" name="os.family" value="Windows"/>
|
147
|
+
<param pos="0" name="os.product" value="Windows Server 2003"/>
|
148
|
+
</fingerprint>
|
149
|
+
|
150
|
+
<fingerprint pattern="^Microsoft Exchange Server 2007 POP3 service ready\.?$">
|
151
|
+
<description>Microsoft Exchange Server 2007</description>
|
152
|
+
<example>Microsoft Exchange Server 2007 POP3 service ready</example>
|
153
|
+
<param pos="0" name="service.vendor" value="Microsoft"/>
|
154
|
+
<param pos="0" name="service.family" value="Exchange Server"/>
|
155
|
+
<param pos="0" name="service.product" value="Exchange 2007 Server"/>
|
156
|
+
<param pos="0" name="os.vendor" value="Microsoft"/>
|
157
|
+
<param pos="0" name="os.device" value="General"/>
|
158
|
+
<param pos="0" name="os.family" value="Windows"/>
|
159
|
+
<param pos="0" name="os.product" value="Windows"/>
|
160
|
+
</fingerprint>
|
161
|
+
|
162
|
+
<fingerprint pattern="^The? Microsoft Exchange POP3 service is ready\.?$">
|
163
|
+
<description>Microsoft Exchange Server, generic</description>
|
164
|
+
<example>The Microsoft Exchange POP3 service is ready.</example>
|
165
|
+
<param pos="0" name="service.vendor" value="Microsoft"/>
|
166
|
+
<param pos="0" name="service.family" value="Exchange Server"/>
|
167
|
+
<param pos="0" name="service.product" value="Exchange Server"/>
|
168
|
+
<param pos="0" name="os.vendor" value="Microsoft"/>
|
169
|
+
<param pos="0" name="os.device" value="General"/>
|
170
|
+
<param pos="0" name="os.family" value="Windows"/>
|
171
|
+
<param pos="0" name="os.product" value="Windows"/>
|
172
|
+
</fingerprint>
|
173
|
+
|
174
|
+
<fingerprint pattern="^[dD]ovecot (?:DA )?ready\.(?: <.+@(.+)>)?$">
|
175
|
+
<!-- Dovecot DA ready.
|
176
|
+
dovecot ready.
|
177
|
+
Dovecot ready.
|
178
|
+
Dovecot ready. <xxx@host>
|
179
|
+
-->
|
180
|
+
<description>Dovecot Secure POP Server</description>
|
181
|
+
<param pos="0" name="service.family" value="Dovecot"/>
|
182
|
+
<param pos="0" name="service.product" value="Dovecot"/>
|
183
|
+
<param pos="1" name="host.name"/>
|
184
|
+
</fingerprint>
|
185
|
+
|
186
|
+
<fingerprint pattern="^(\S+) Zimbra POP3 server ready\.?$">
|
187
|
+
<example>catfood.example.com Zimbra POP3 server ready</example>
|
188
|
+
<example>dogfood.example.com Zimbra POP3 server ready</example>
|
189
|
+
<description>VMware Zimbra POP</description>
|
190
|
+
<param pos="0" name="service.vendor" value="VMware"/>
|
191
|
+
<param pos="0" name="service.product" value="Zimbra"/>
|
192
|
+
<param pos="1" name="host.name"/>
|
193
|
+
</fingerprint>
|
194
|
+
|
195
|
+
<fingerprint pattern="^(\S+) Zimbra (\S+) POP3 server ready\.?$">
|
196
|
+
<example>example.com Zimbra 7.0.0_GA_3079 POP3 server ready</example>
|
197
|
+
<description>VMware Zimbra POP</description>
|
198
|
+
<param pos="0" name="service.vendor" value="VMware"/>
|
199
|
+
<param pos="0" name="service.product" value="Zimbra"/>
|
200
|
+
<param pos="2" name="service.version"/>
|
201
|
+
<param pos="1" name="host.name"/>
|
202
|
+
</fingerprint>
|
203
|
+
|
204
|
+
<fingerprint pattern="^(?:S?POP3? server ready |Hello there.? )?<.*@([^>]+)>$">
|
205
|
+
<example>POP3 server ready <58c29ae4-7316-429e-8109-060444ab1a28@foo.example.com></example>
|
206
|
+
<example><84427.1298535083@foo.example.com></example>
|
207
|
+
<description>Generic masked POP3 server</description>
|
208
|
+
<param pos="1" name="host.name"/>
|
209
|
+
</fingerprint>
|
210
|
+
|
211
|
+
<fingerprint pattern="^ApplePasswordServer ([\d\.]+) password">
|
212
|
+
<description>Apple Open Directory</description>
|
213
|
+
<example>ApplePasswordServer 10.6.0.0 password server at 10.2.90.228 ready.</example>
|
214
|
+
<example>ApplePasswordServer 10.5.0.1 password serv</example>
|
215
|
+
<param pos="0" name="service.vendor" value="Apple"/>
|
216
|
+
<param pos="0" name="service.product" value="Open Directory"/>
|
217
|
+
<param pos="0" name="os.vendor" value="Apple"/>
|
218
|
+
<param pos="0" name="os.family" value="Mac OS X"/>
|
219
|
+
<param pos="0" name="os.product" value="Mac OS X"/>
|
220
|
+
<param pos="1" name="os.version"/>
|
221
|
+
<!-- the version coming from this service is usually accurate for the major version
|
222
|
+
but horribly wrong for the minor and patch levels, therefore drop the certainty
|
223
|
+
in lieu of a "quality" attribute for fingerprints -->
|
224
|
+
<param pos="0" name="os.certainty" value="0.5"/>
|
225
|
+
</fingerprint>
|
226
|
+
|
227
|
+
<!--
|
228
|
+
|
229
|
+
; Mandrake 8.1 - uses UW IMAP
|
230
|
+
; +OK POP3 mandrake81-f540k v2000.70mdk server ready
|
231
|
+
// wu-imap?
|
232
|
+
// +OK POP3 pytha434.rsjp.net 2004.89w server ready
|
233
|
+
// +OK POP3 cctlaser.com 2004.89s server ready
|
234
|
+
// +OK POP3 [158.122.12.70] v2003.83mdk server ready
|
235
|
+
// +OK POP3 [161.58.53.189] 2006b.94 server ready
|
236
|
+
// +OK POP3 [192.168.0.250] v2000.70rh server ready
|
237
|
+
|
238
|
+
; Lotus Domino - NOTE: POP versions do not map to Domino version
|
239
|
+
// +OK Lotus Notes POP3 server version X2.0 ready <0015521D.86257321.0000081C.00000008@Atlas/AgileTek> on Atlas/AgileTek.
|
240
|
+
( call ?j_popPatterns add
|
241
|
+
"^\\+OK Lotus Notes POP3 server version ([^ ]*) ready on ([^\\.]*)\\.$" )
|
242
|
+
( call ?j_popNames add "Lotus-Domino" )
|
243
|
+
|
244
|
+
// +OK alquilerpc.com.mx POP3 Server (Version 1.020h) ready.
|
245
|
+
|
246
|
+
// Ipswitch IMail
|
247
|
+
// +OK X1 NT-POP3 Server geneseenet06 (IMail 8.22 45450-1)
|
248
|
+
|
249
|
+
// +OK X1 POP3 Mail Server
|
250
|
+
|
251
|
+
// +OK server POP3 server (DeskNow POP3 Server 1.0) ready
|
252
|
+
|
253
|
+
// +OK <1185161310.3352@goto15028.com> [XMail 1.24 POP3 Server] service ready; Mon, 23 Jul 2007 11:28:30 +0800
|
254
|
+
|
255
|
+
// +OK IdeaPop3Server v0.50 ready.
|
256
|
+
|
257
|
+
// +OK qxztmail POP3 server (STD Ymailserver v1.8 POP3) ready
|
258
|
+
|
259
|
+
// +OK blue.forest-green.lan POP3 server (JAMES POP3 Server 2.2.0) ready
|
260
|
+
|
261
|
+
// +OK xxx CMailServer 5.2 POP3 Service Ready
|
262
|
+
|
263
|
+
// +OK iac3 Solstice (tm) Internet Mail Server (tm) POP3 2.0 at Mon, 23 Jul 2007 20:08:02 -0500 (CDT)
|
264
|
+
|
265
|
+
// +OK Gordano Messaging Suite POP3 server ready
|
266
|
+
// +OK Gordano Messaging Suite POP3 server ready <13501095613509@hollandcanadaline.com>
|
267
|
+
|
268
|
+
// +OK unitechna.lt Merak 8.9.1 POP3 Sun, 22 Jul 2007 23:16:25 +0300 <20070722231625@unitechna.lt>
|
269
|
+
|
270
|
+
|
271
|
+
// +OK Cubic Circle's v1.31 1998/05/13 POP3 ready <0c9300004104a246@www.dvdld.co.za>
|
272
|
+
|
273
|
+
// +OK Welcome to MailEnable POP3 Server
|
274
|
+
|
275
|
+
// +OK GroupWise POP3 server ready
|
276
|
+
|
277
|
+
// +OK POP3 AnalogX Proxy 4.14 (Release) ready.
|
278
|
+
|
279
|
+
// +OK lojack.com.ar POP MDaemon 9.6.0 ready <MDAEMON-F200707232110.AA1001241MD4604@lojack.com.ar>
|
280
|
+
|
281
|
+
// +OK DBMAIL pop3 server ready to rock <4393e6301f984e87ad7cdc766595c78f@mx>
|
282
|
+
|
283
|
+
// +OK POP3 Welcome to vm-pop3d 1.1.6 <83532.1185400462@romeo.hostlab.nl>
|
284
|
+
|
285
|
+
// +OK Solid POP3 server ready
|
286
|
+
|
287
|
+
// +OK ArGoSoft Mail Server Pro for WinNT/2000/XP, Version 1.8 (1.8.8.9)
|
288
|
+
|
289
|
+
// +OK POP3 titan [cppop 20.0] at [207.150.171.34]
|
290
|
+
|
291
|
+
// +OK ModusMail POP3 Server-NOTF 4.2.425.4 Ready <42760712.1185328354.283@gbso.net>
|
292
|
+
|
293
|
+
// +OK DPOP Version number supressed.
|
294
|
+
|
295
|
+
// +OK XPOP3 0.0.1 server ready
|
296
|
+
|
297
|
+
-ERR (Proxy) connect error:socket error:No route to host
|
298
|
+
-ERR No permission
|
299
|
+
-ERR sorry, POP server too busy right now. Try again later.
|
300
|
+
-ERR This IP is not configured for POP3 service. Please contact Allstream at 1-888-655-7670.
|
301
|
+
+OK
|
302
|
+
+OK
|
303
|
+
+OK <0bdec6022085d6c34a0e48bb77bf8cf3@juno.thinkburst.com>
|
304
|
+
+OK <869521546.23059@mail.tecedge.net>, POP3 server ready.
|
305
|
+
+OK host CMailServer 5.2 POP3 Service Ready
|
306
|
+
+OK 2net.com POP MDaemon 7.2.0 ready <MDAEMON-F200707241631.AA3131578MD3019@2net.com>
|
307
|
+
+OK alakhan.kz POP MDaemon 6.8.4 ready <MDAEMON-F200707231617.AA1715437MD3489@alakhan.kz>
|
308
|
+
+OK alquilerpc.com.mx POP3 Server (Version 1.020h) ready.
|
309
|
+
+OK ArGoSoft Mail Server Pro for WinNT/2000/XP, Version 1.8 (1.8.8.9)
|
310
|
+
+OK blue.forest-green.lan POP3 server (JAMES POP3 Server 2.2.0) ready
|
311
|
+
+OK canoeregatta.org POP3 Server (Version 1.020h) ready.
|
312
|
+
+OK codebase.com.au POP MDaemon 9.6.1 ready <MDAEMON-F200707220122.AA2235837MD8039@codebase.com.au>
|
313
|
+
+OK Cubic Circle's v1.31 1998/05/13 POP3 ready <0c9300004104a246@www.dvdld.co.za>
|
314
|
+
+OK DBMAIL pop3 server ready to rock <4393e6301f984e87ad7cdc766595c78f@mx>
|
315
|
+
+OK ddc.lv POP MDaemon 9.0.4 ready <MDAEMON-F200707221319.AA1908942MD2984@ddc.lv>
|
316
|
+
+OK DPOP Version number supressed.
|
317
|
+
+OK Gordano Messaging Suite POP3 server ready
|
318
|
+
+OK Gordano Messaging Suite POP3 server ready <13501095613509@hollandcanadaline.com>
|
319
|
+
+OK Gordano Messaging Suite POP3 server ready <17142725297473@nefonline.de>
|
320
|
+
+OK GroupWise POP3 server ready
|
321
|
+
+OK Hello there.
|
322
|
+
+OK Hello there. <4405.1185250906@localhost.localdomain>
|
323
|
+
+OK iac3 Solstice (tm) Internet Mail Server (tm) POP3 2.0 at Mon, 23 Jul 2007 20:08:02 -0500 (CDT)
|
324
|
+
+OK IdeaPop3Server v0.50 ready.
|
325
|
+
+OK justkidsmagazine.com POP3 Server (Version 1.020h) ready.
|
326
|
+
+OK lojack.com.ar POP MDaemon 9.6.0 ready <MDAEMON-F200707232110.AA1001241MD4604@lojack.com.ar>
|
327
|
+
+OK Lotus Notes POP3 server version X2.0 ready <0015521D.86257321.0000081C.00000008@Atlas/AgileTek> on Atlas/AgileTek.
|
328
|
+
+OK mail.inter-ecom.com MERAK 3.00.120 POP3 Fri, 20 Jul 2007 23:01:52 -0700 <20070720230152@mail.inter-ecom.com>
|
329
|
+
+OK ModusMail POP3 Server-NOTF 4.2.425.4 Ready <42760712.1185328354.283@gbso.net>
|
330
|
+
+OK myflock.christianwebhost.com POP3 Server (Version 1.020h) ready.
|
331
|
+
+OK pchomehouston.com POP3 Server (Version 1.020h) ready.
|
332
|
+
+OK POP server version 2.53 ready from w2k1332
|
333
|
+
+OK POP3 [158.122.12.70] v2003.83mdk server ready
|
334
|
+
+OK POP3 [161.58.53.189] 2006b.94 server ready
|
335
|
+
+OK POP3 [192.168.0.250] v2000.70rh server ready
|
336
|
+
+OK POP3 [193.203.43.90] 2004.89 server ready
|
337
|
+
+OK POP3 [199.236.35.240] v2000.70 server ready
|
338
|
+
+OK POP3 [199.236.46.233] v2000.70 server ready
|
339
|
+
+OK POP3 [216.17.96.200] 2004.89 server ready
|
340
|
+
+OK POP3 [220.111.0.198] v2000.70 server ready
|
341
|
+
+OK POP3 [60.43.204.115] v2000.70 server ready
|
342
|
+
+OK POP3 [61.126.32.231] v2000.70 server ready
|
343
|
+
+OK POP3 [66.49.140.201] v2003.83rh server ready
|
344
|
+
+OK POP3 [89.110.105.178] 2004.89 server ready
|
345
|
+
+OK POP3 [89.110.111.108] 2004.89 server ready
|
346
|
+
+OK POP3 [89.110.120.59] 2004.89 server ready
|
347
|
+
+OK POP3 [89.110.123.169] 2004.89 server ready
|
348
|
+
+OK POP3 [89.110.88.248] 2004.89 server ready
|
349
|
+
+OK POP3 220-130-130-112.HINET-IP.hinet.net v2000.70 server ready
|
350
|
+
+OK POP3 AnalogX Proxy 4.14 (Release) ready.
|
351
|
+
+OK POP3 artfulssoul.com v2001.78rh server ready
|
352
|
+
+OK POP3 bibliotake.nl v2001.78rh server ready
|
353
|
+
+OK POP3 blog.celebkings.com v2003.83rh server ready
|
354
|
+
+OK POP3 bureau25.ns.utoronto.ca 2006f.96 server ready
|
355
|
+
+OK POP3 cctlaser.com 2004.89s server ready
|
356
|
+
+OK POP3 creditsuisseplm.tempdomainname.com 2004.89s server ready
|
357
|
+
+OK POP3 energypress.com 2004.89 server ready
|
358
|
+
+OK POP3 ez3 [cppop 20.0] at [64.119.173.146]
|
359
|
+
+OK POP3 frankscenterinc.com 2004.89 server ready
|
360
|
+
+OK POP3 fred08.tempdomainname.com 2004.89s server ready
|
361
|
+
+OK POP3 giantkangaroo.com v2003.83rh server ready
|
362
|
+
+OK POP3 host [cppop 20.0] at [66.45.252.61]
|
363
|
+
+OK POP3 host62 [cppop 20.0] at [216.120.237.62]
|
364
|
+
+OK POP3 hypolite.com v2001.78rh server ready
|
365
|
+
+OK POP3 juma [cppop 20.0] at [140.99.39.68]
|
366
|
+
+OK POP3 ksblist.com v2003.83rh server ready
|
367
|
+
+OK POP3 lakegeorgedaycare.com 2004.89s server ready
|
368
|
+
+OK POP3 localhost server ready
|
369
|
+
+OK POP3 localhost 2004.89 server ready
|
370
|
+
+OK POP3 localhost v2000.69hw server ready
|
371
|
+
+OK POP3 localhost v2001.78rh server ready
|
372
|
+
+OK POP3 monki.net v2003.83rh server ready
|
373
|
+
+OK POP3 nativeamericanlinks.com v2001.78rh server ready
|
374
|
+
+OK POP3 ns.skymarkgroup.com v2001.78rh server ready
|
375
|
+
+OK POP3 oliveiradressage.com v2003.83rh server ready
|
376
|
+
+OK POP3 pegasus [cppop 20.0] at [64.235.240.105]
|
377
|
+
+OK POP3 pytha434.rsjp.net 2004.89w server ready
|
378
|
+
+OK POP3 qwiknet.com 2004.89 server ready
|
379
|
+
+OK POP3 rrm82.fastlinknet.com v2003.83rh server ready
|
380
|
+
+OK POP3 saruman [cppop 20.0] at [82.136.60.52]
|
381
|
+
+OK POP3 scitechlicensing.com v2003.83rh server ready
|
382
|
+
+OK POP3 server-p002 [cppop 19.0] at [217.26.51.207]
|
383
|
+
+OK POP3 server [cppop 20.0] at [72.249.45.83]
|
384
|
+
+OK POP3 server [cppop 21.0] at [216.227.223.68]
|
385
|
+
+OK POP3 server ready
|
386
|
+
+OK POP3 server ready QuickMail Pro Server for Mac 3.0.2 <9a937c2c@192.168.0.254>
|
387
|
+
+OK POP3 taiwanjohnson.com.tw v2001.78rh server ready
|
388
|
+
+OK POP3 telesto [cppop 20.0] at [209.123.140.118]
|
389
|
+
+OK POP3 titan [cppop 20.0] at [207.150.171.34]
|
390
|
+
+OK POP3 top [cppop 21.0] at [70.87.244.140]
|
391
|
+
+OK POP3 txsunset.com v2001.78rh server ready
|
392
|
+
+OK POP3 umb.bankersacademy.com 2004.89s server ready
|
393
|
+
+OK POP3 unrealfactory.com v2003.83rh server ready
|
394
|
+
+OK POP3 venus [cppop 20.0] at [216.54.232.223]
|
395
|
+
+OK POP3 vitalmoment.com v4.47 server ready
|
396
|
+
+OK POP3 vps [cppop 21.0] at [207.58.145.19]
|
397
|
+
+OK POP3 web1 [cppop 21.0] at [72.9.237.53]
|
398
|
+
+OK POP3 Welcome to vm-pop3d 1.1.6 <83532.1185400462@romeo.hostlab.nl>
|
399
|
+
+OK POP3 Welcome to vm-pop3d 1.1.7f-DA-2
|
400
|
+
+OK POP3 wirelessintro [cppop 20.0] at [72.18.130.64]
|
401
|
+
+OK POP3 www.boomingusedautoparts.com 2006b.94 server ready
|
402
|
+
+OK POP3 www.happytails2u.com 2004.89 server ready
|
403
|
+
+OK POP3 www.homebasedwizard.com 2004.89 server ready
|
404
|
+
+OK POP3 www.webmail.imperioe.com 2004.89 server ready
|
405
|
+
+OK qxztmail POP3 server (STD Ymailserver v1.8 POP3) ready
|
406
|
+
+OK Radish (Version 3.0.0-b021) ready
|
407
|
+
+OK ready
|
408
|
+
+OK ready <11514.1185210732@freedom.concept69.de>
|
409
|
+
+OK ready <14026.1184992338@s076-129.ub.firstserver.ne.jp>
|
410
|
+
+OK ready <16013.1185110479@p1.in11.squarestart.ne.jp>
|
411
|
+
+OK ready <1602.1185138403@p10084207.pureserver.de>
|
412
|
+
+OK ready <17391.1185103166@www.e-shci.org>
|
413
|
+
+OK ready <17638.1185005363@o6.s023v.squarestart.ne.jp>
|
414
|
+
+OK ready <21400.1185465572@q7.s036v.smilestart.ne.jp>
|
415
|
+
+OK ready <2964.1185086744@nissan-forksaitama.co.jp>
|
416
|
+
+OK ready <9704.1185097132@h9.s011v.squarestart.ne.jp>
|
417
|
+
+OK recvmail/he.net POP3 Server
|
418
|
+
+OK refinanceloanjones.com POP3 Server (Version 1.020h) ready.
|
419
|
+
+OK samare.it POP MDaemon 6.8.5 ready <MDAEMON-F200707220351.AA513460MD5338@samare.it>
|
420
|
+
+OK server POP3 server (DeskNow POP3 Server 1.0) ready
|
421
|
+
+OK silexaviacion.com POP3 Server (Version 1.020h) ready.
|
422
|
+
+OK simple-photography.com POP3 Server (Version 1.020h) ready.
|
423
|
+
+OK Solid POP3 server ready
|
424
|
+
+OK studiovisuals.com POP3 Server (Version 1.020h) ready.
|
425
|
+
+OK themeekermall.com POP3 Server (Version 1.020h) ready.
|
426
|
+
+OK unitechna.lt Merak 8.9.1 POP3 Sun, 22 Jul 2007 23:16:25 +0300 <20070722231625@unitechna.lt>
|
427
|
+
+OK Welcome to MailEnable POP3 Server
|
428
|
+
+OK X1 NT-POP3 Server 2436681011.monstercommercesites.com (IMail 7.15 560907-1)
|
429
|
+
+OK X1 NT-POP3 Server Calvin-Serv (IMail 8.22 1107-1)
|
430
|
+
+OK X1 NT-POP3 Server chealsea.com.cn (IMail 8.15 16990-1)
|
431
|
+
+OK X1 NT-POP3 Server dedicated (IMail 9.03 34585-1)
|
432
|
+
+OK X1 NT-POP3 Server exfast114 (IMail 8.10 1204-1)
|
433
|
+
+OK X1 NT-POP3 Server exfast114 (IMail 8.10 548-1)
|
434
|
+
+OK X1 NT-POP3 Server geneseenet06 (IMail 8.22 45450-1)
|
435
|
+
+OK X1 NT-POP3 Server karunrolling.com (IMail 9.10 33410-4)
|
436
|
+
+OK X1 NT-POP3 Server mail.domainebuilders.com (IMail 8.15 562966-2)
|
437
|
+
+OK X1 NT-POP3 Server mail.ectorumc.org (IMail 8.21 421362-1)
|
438
|
+
+OK X1 NT-POP3 Server mail.oecmail2.com (IMail 9.10 135441-3)
|
439
|
+
+OK X1 NT-POP3 Server mail.saturnofdc.com (IMail 7.13 214871-3)
|
440
|
+
+OK X1 NT-POP3 Server ph18.pennyhost.com (IMail 8.22 325883-2)
|
441
|
+
+OK X1 NT-POP3 Server wddx002.wddx.net (IMail 8.15 60353-2)
|
442
|
+
+OK X1 NT-POP3 Server webgistix.com (IMail 8.05 161161-1)
|
443
|
+
+OK X1 POP3 Mail Server
|
444
|
+
+OK XPOP3 0.0.1 server ready
|
445
|
+
220 axigen slmail mdaemon mailserver
|
446
|
+
// apparently this is a P3Scan Proxy bug
|
447
|
+
// http://lists.freebsd.org/pipermail/freebsd-ports/2004-May/012400.html
|
448
|
+
Oops, that would loop!
|
449
|
+
|
450
|
+
-->
|
451
|
+
|
452
|
+
</fingerprints>
|
data/xml/rsh_resp.xml
ADDED
@@ -0,0 +1,90 @@
|
|
1
|
+
<?xml version="1.0"?>
|
2
|
+
<!--
|
3
|
+
Rservices responses to requests are matched against these patterns to fingerprint the OSes of servers.
|
4
|
+
-->
|
5
|
+
|
6
|
+
<fingerprints>
|
7
|
+
<fingerprint pattern="^.Permission denied: Error 0$">
|
8
|
+
<example>xPermission denied: Error 0</example>
|
9
|
+
<description>Digital Unix rlogind</description>
|
10
|
+
<param pos="0" name="os.vendor" value="HP"/>
|
11
|
+
<param pos="0" name="os.device" value="General"/>
|
12
|
+
<param pos="0" name="os.family" value="Digital Unix"/>
|
13
|
+
<param pos="0" name="os.product" value="Unknown"/>
|
14
|
+
</fingerprint>
|
15
|
+
|
16
|
+
<fingerprint pattern="^.Winsock RSHD/NT: Protocol negotiation error\..+$|^.in\.rlogind: Permission denied\..+$" flags="REG_DOT_NEWLINE">
|
17
|
+
<example>xWinsock RSHD/NT: Protocol negotiation error.
|
18
|
+
0</example>
|
19
|
+
<example>xin.rlogind: Permission denied.
|
20
|
+
</example>
|
21
|
+
<description>Windows rlogind</description>
|
22
|
+
<param pos="0" name="os.vendor" value="Microsoft"/>
|
23
|
+
<param pos="0" name="os.device" value="General"/>
|
24
|
+
<param pos="0" name="os.family" value="Windows"/>
|
25
|
+
<param pos="0" name="os.product" value="Unknown"/>
|
26
|
+
</fingerprint>
|
27
|
+
|
28
|
+
<fingerprint pattern="^.permission denied\..+$" flags="REG_DOT_NEWLINE">
|
29
|
+
<example>xpermission denied.
|
30
|
+
</example>
|
31
|
+
<description>Solaris rlogind</description>
|
32
|
+
<param pos="0" name="os.vendor" value="Sun"/>
|
33
|
+
<param pos="0" name="os.device" value="General"/>
|
34
|
+
<param pos="0" name="os.family" value="Solaris"/>
|
35
|
+
<param pos="0" name="os.product" value="Solaris"/>
|
36
|
+
</fingerprint>
|
37
|
+
|
38
|
+
<fingerprint pattern="^.rlogind: Acc.s refus.\..+$" flags="REG_DOT_NEWLINE">
|
39
|
+
<example>xrlogind: Accxs refusx.
|
40
|
+
</example>
|
41
|
+
<description>AIX rlogind</description>
|
42
|
+
<param pos="0" name="os.vendor" value="IBM"/>
|
43
|
+
<param pos="0" name="os.device" value="General"/>
|
44
|
+
<param pos="0" name="os.family" value="AIX"/>
|
45
|
+
<param pos="0" name="os.product" value="AIX"/>
|
46
|
+
</fingerprint>
|
47
|
+
|
48
|
+
<fingerprint pattern="^.rlogind: Host name for your address \([\d.]+\) unknown\..*$" flags="REG_DOT_NEWLINE">
|
49
|
+
<example>xrlogind: Host name for your address (127.0.0.1) unknown.
|
50
|
+
</example>
|
51
|
+
<description>A/UX rlogind</description>
|
52
|
+
<param pos="0" name="os.vendor" value="Apple"/>
|
53
|
+
<param pos="0" name="os.device" value="General"/>
|
54
|
+
<param pos="0" name="os.family" value="A/UX"/>
|
55
|
+
<param pos="0" name="os.product" value="Unknown"/>
|
56
|
+
</fingerprint>
|
57
|
+
|
58
|
+
<fingerprint pattern="^.rexecd: Login incorrect\..*$" flags="REG_DOT_NEWLINE">
|
59
|
+
<example>xrexecd: Login incorrect.
|
60
|
+
</example>
|
61
|
+
<description>HP-UX rexecd</description>
|
62
|
+
<param pos="0" name="os.vendor" value="HP"/>
|
63
|
+
<param pos="0" name="os.device" value="General"/>
|
64
|
+
<param pos="0" name="os.family" value="HP-UX"/>
|
65
|
+
<param pos="0" name="os.product" value="HP-UX"/>
|
66
|
+
</fingerprint>
|
67
|
+
|
68
|
+
<fingerprint pattern="^.rexecd: [-\d]+.*$" flags="REG_DOT_NEWLINE">
|
69
|
+
<example>xrexecd: 0-1 The login is not correct.
|
70
|
+
</example>
|
71
|
+
<description>AIX rexecd</description>
|
72
|
+
<param pos="0" name="os.vendor" value="IBM"/>
|
73
|
+
<param pos="0" name="os.device" value="General"/>
|
74
|
+
<param pos="0" name="os.family" value="AIX"/>
|
75
|
+
<param pos="0" name="os.product" value="AIX"/>
|
76
|
+
</fingerprint>
|
77
|
+
|
78
|
+
<fingerprint pattern="^.remshd: (getservbyname.+|Kerberos Authentication not enabled\..+|Error! Kerberos authentication failed)$" flags="REG_DOT_NEWLINE">
|
79
|
+
<example>xremshd: getservbyname
|
80
|
+
</example>
|
81
|
+
<example>xremshd: Kerberos Authentication not enabled.
|
82
|
+
</example>
|
83
|
+
<example>xremshd: Error! Kerberos authentication failed</example>
|
84
|
+
<description>HP-UX rshd</description>
|
85
|
+
<param pos="0" name="os.vendor" value="HP"/>
|
86
|
+
<param pos="0" name="os.device" value="General"/>
|
87
|
+
<param pos="0" name="os.family" value="HP-UX"/>
|
88
|
+
<param pos="0" name="os.product" value="HP-UX"/>
|
89
|
+
</fingerprint>
|
90
|
+
</fingerprints>
|