recog 0.01

data/xml/snmp_sysobjid.xml

@@ -0,0 +1,284 @@
+<?xml version="1.0"?>
+<!--
+  SNMP fingerprint definitions for SysObjectIDs. These are matched against the value of the
+  'sysObjectID' (OID 1.3.6.1.2.1.1.2) variable.
+-->
+<fingerprints matches="snmp.sys_object_id">
+   <!--======================================================================
+                              MICROSOFT
+   =======================================================================-->
+
+   <!--
+      These are baseline patterns that map to sysObjectID with their associated sysDescr.
+   -->
+   <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.[23] Hardware: x86.*Software: Windows NT Version 4\.0.*$">
+      <description>Windows NT 4 on x86</description>
+      <example>1.3.6.1.4.1.311.1.1.3.1.2 Hardware: x86 Family 6 Model 8 Stepping 3 AT/AT COMPATIBLE  - Software: Windows NT Version 4.0  (Build Number: 1381 Uniprocessor Free )</example>
+      <example>1.3.6.1.4.1.311.1.1.3.1.3 Hardware: x86 Family 6 Model 8 Stepping 3 AT/AT COMPATIBLE  - Software: Windows NT Version 4.0  (Build Number: 1381 Uniprocessor Free )</example>
+      <param pos="0" name="os.vendor" value="Microsoft"/>
+      <param pos="0" name="os.family" value="Windows"/>
+      <param pos="0" name="os.product" value="Windows NT Server"/>
+      <param pos="0" name="os.version" value="4.0"/>
+      <param pos="0" name="os.device" value="General"/>
+      <param pos="0" name="os.arch" value="x86"/>
+   </fingerprint>
+
+   <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.2 Hardware: x86.*Software: Windows 2000 Version 5\.0.*$">
+      <description>Windows 2000 on x86</description>
+      <example>1.3.6.1.4.1.311.1.1.3.1.2 Hardware: x86 Family 15 Model 4 Stepping 8 AT/AT COMPATIBLE - Software: Windows 2000 Version 5.0 (Build 2195 Uniprocessor Free)</example>
+      <param pos="0" name="os.vendor" value="Microsoft"/>
+      <param pos="0" name="os.family" value="Windows"/>
+      <param pos="0" name="os.product" value="Windows 2000 Server"/>
+      <param pos="0" name="os.device" value="General"/>
+      <param pos="0" name="os.arch" value="x86"/>
+   </fingerprint>
+
+   <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.3 Hardware: x86.*Software: Windows 2000 Version 5\.0.*$">
+      <description>Windows 2000 on x86</description>
+      <example>1.3.6.1.4.1.311.1.1.3.1.3 Hardware: x86 Family 15 Model 4 Stepping 8 AT/AT COMPATIBLE - Software: Windows 2000 Version 5.0 (Build 2195 Uniprocessor Free)</example>
+      <param pos="0" name="os.vendor" value="Microsoft"/>
+      <param pos="0" name="os.family" value="Windows"/>
+      <param pos="0" name="os.product" value="Windows 2000 Datacenter Server"/>
+      <param pos="0" name="os.device" value="General"/>
+      <param pos="0" name="os.arch" value="x86"/>
+   </fingerprint>
+
+   <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.2 Hardware: x86.*Software: Windows Version 5\.2.*$">
+      <description>Windows Server 2003 on x86</description>
+      <example>1.3.6.1.4.1.311.1.1.3.1.2 Hardware: x86 Family 15 Model 4 Stepping 3 AT/AT COMPATIBLE - Software: Windows Version 5.2 (Build 3790 Multiprocessor Free)</example>
+      <param pos="0" name="os.vendor" value="Microsoft"/>
+      <param pos="0" name="os.family" value="Windows"/>
+      <param pos="0" name="os.product" value="Windows Server 2003"/>
+      <param pos="0" name="os.device" value="General"/>
+      <param pos="0" name="os.arch" value="x86"/>
+   </fingerprint>
+
+   <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.3 Hardware: x86.*Software: Windows Version 5\.2.*$">
+      <description>Windows Server 2003 on x86</description>
+      <example>1.3.6.1.4.1.311.1.1.3.1.3 Hardware: x86 Family 15 Model 4 Stepping 3 AT/AT COMPATIBLE - Software: Windows Version 5.2 (Build 3790 Multiprocessor Free)</example>
+      <param pos="0" name="os.vendor" value="Microsoft"/>
+      <param pos="0" name="os.family" value="Windows"/>
+      <param pos="0" name="os.product" value="Windows Server 2003, Datacenter Edition"/>
+      <param pos="0" name="os.device" value="General"/>
+      <param pos="0" name="os.arch" value="x86"/>
+   </fingerprint>
+
+   <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.2 Hardware: \S+64.*Software: Windows Version 5\.2.*$">
+      <description>Windows Server 2003 on x86_64</description>
+      <example>1.3.6.1.4.1.311.1.1.3.1.2 Hardware: AMD64 Family 15 Model 4 Stepping 3 AT/AT COMPATIBLE - Software: Windows Version 5.2 (Build 3790 Multiprocessor Free)</example>
+      <example>1.3.6.1.4.1.311.1.1.3.1.2 Hardware: Intel64 Family 6 Model 15 Stepping 6 AT/AT COMPATIBLE - Software: Windows Version 5.2 (Build 3790 Multiprocessor Free)</example>
+      <param pos="0" name="os.vendor" value="Microsoft"/>
+      <param pos="0" name="os.family" value="Windows"/>
+      <param pos="0" name="os.product" value="Windows Server 2003"/>
+      <param pos="0" name="os.device" value="General"/>
+      <param pos="0" name="os.arch" value="x86_64"/>
+   </fingerprint>
+
+   <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.3 Hardware: \S+64.*Software: Windows Version 5\.2.*$">
+      <description>Windows Server 2003 on x86_64</description>
+      <example>1.3.6.1.4.1.311.1.1.3.1.3 Hardware: AMD64 Family 15 Model 4 Stepping 3 AT/AT COMPATIBLE - Software: Windows Version 5.2 (Build 3790 Multiprocessor Free)</example>
+      <example>1.3.6.1.4.1.311.1.1.3.1.3 Hardware: Intel64 Family 6 Model 15 Stepping 6 AT/AT COMPATIBLE - Software: Windows Version 5.2 (Build 3790 Multiprocessor Free)</example>
+      <param pos="0" name="os.vendor" value="Microsoft"/>
+      <param pos="0" name="os.family" value="Windows"/>
+      <param pos="0" name="os.product" value="Windows Server 2003, Datacenter Edition"/>
+      <param pos="0" name="os.device" value="General"/>
+      <param pos="0" name="os.arch" value="x86_64"/>
+   </fingerprint>
+
+   <fingerprint pattern="^Microsoft Windows CE Version ([\d.]+).*$">
+      <description>Windows CE</description>
+      <example>Microsoft Windows CE Version 4.20 (Build 0)</example>
+      <example>Microsoft Windows CE Version 4.20 (Build 1088)</example>
+      <param pos="0" name="os.vendor" value="Microsoft"/>
+      <param pos="0" name="os.family" value="Windows"/>
+      <param pos="0" name="os.product" value="Windows CE"/>
+      <param pos="0" name="os.device" value="General"/>
+      <param pos="1" name="os.version"/>
+   </fingerprint>
+
+   <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.2 Hardware: x86.*Software: Windows Version 6\.0 \(Build 6001.*$">
+      <description>Windows Server 2008 on x86</description>
+      <example>1.3.6.1.4.1.311.1.1.3.1.2 Hardware: x86 Family 15 Model 2 Stepping 5 AT/AT COMPATIBLE - Software: Windows Version 6.0 (Build 6001 Multiprocessor Free)</example>
+      <param pos="0" name="os.vendor" value="Microsoft"/>
+      <param pos="0" name="os.family" value="Windows"/>
+      <param pos="0" name="os.product" value="Windows Server 2008"/>
+      <param pos="0" name="os.device" value="General"/>
+      <param pos="0" name="os.arch" value="x86"/>
+   </fingerprint>
+
+   <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.3 Hardware: x86.*Software: Windows Version 6\.0 \(Build 6001.*$">
+      <description>Windows Server 2008 Datacenter on x86</description>
+      <example>1.3.6.1.4.1.311.1.1.3.1.3 Hardware: x86 Family 15 Model 2 Stepping 5 AT/AT COMPATIBLE - Software: Windows Version 6.0 (Build 6001 Multiprocessor Free)</example>
+      <param pos="0" name="os.vendor" value="Microsoft"/>
+      <param pos="0" name="os.family" value="Windows"/>
+      <param pos="0" name="os.product" value="Windows Server 2008 Datacenter Edition"/>
+      <param pos="0" name="os.device" value="General"/>
+      <param pos="0" name="os.arch" value="x86"/>
+   </fingerprint>
+
+   <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.2 Hardware: (\S+64).*Software: Windows Version 6\.0 \(Build 6001.*$">
+      <description>Windows Server 2008 on x86_64</description>
+      <example>1.3.6.1.4.1.311.1.1.3.1.2 Hardware: AMD64 Family 16 Model 2 Stepping 3 AT/AT COMPATIBLE - Software: Windows Version 6.0 (Build 6001 Multiprocessor Free)</example>
+      <example>1.3.6.1.4.1.311.1.1.3.1.2 Hardware: Intel64 Family 15 Model 2 Stepping 5 AT/AT COMPATIBLE - Software: Windows Version 6.0 (Build 6001 Multiprocessor Free)</example>
+      <param pos="0" name="os.vendor" value="Microsoft"/>
+      <param pos="0" name="os.family" value="Windows"/>
+      <param pos="0" name="os.product" value="Windows Server 2008"/>
+      <param pos="0" name="os.device" value="General"/>
+      <param pos="0" name="os.arch" value="x86_64"/>
+   </fingerprint>
+
+   <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.3 Hardware: (\S+64).*Software: Windows Version 6\.0 \(Build 6001.*$">
+      <description>Windows Server 2008 Datacenter on x86_64</description>
+      <example>1.3.6.1.4.1.311.1.1.3.1.3 Hardware: AMD64 Family 16 Model 2 Stepping 3 AT/AT COMPATIBLE - Software: Windows Version 6.0 (Build 6001 Multiprocessor Free)</example>
+      <example>1.3.6.1.4.1.311.1.1.3.1.3 Hardware: Intel64 Family 15 Model 2 Stepping 5 AT/AT COMPATIBLE - Software: Windows Version 6.0 (Build 6001 Multiprocessor Free)</example>
+      <param pos="0" name="os.vendor" value="Microsoft"/>
+      <param pos="0" name="os.family" value="Windows"/>
+      <param pos="0" name="os.product" value="Windows Server 2008 Datacenter Edition"/>
+      <param pos="0" name="os.device" value="General"/>
+      <param pos="0" name="os.arch" value="x86_64"/>
+   </fingerprint>
+
+   <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.2 Hardware: x86.*Software: Windows Version 6\.0 \(Build 6002.*$">
+      <description>Windows Server 2008 SP2 on x86</description>
+      <example>1.3.6.1.4.1.311.1.1.3.1.2 Hardware: x86 Family 16 Model 2 Stepping 3 AT/AT COMPATIBLE - Software: Windows Version 6.0 (Build 6002 Multiprocessor Free)</example>
+      <param pos="0" name="os.vendor" value="Microsoft"/>
+      <param pos="0" name="os.family" value="Windows"/>
+      <param pos="0" name="os.product" value="Windows Server 2008"/>
+      <param pos="0" name="os.device" value="General"/>
+      <param pos="0" name="os.version" value="SP2"/>
+      <param pos="0" name="os.arch" value="x86"/>
+   </fingerprint>
+
+   <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.3 Hardware: x86.*Software: Windows Version 6\.0 \(Build 6002.*$">
+      <description>Windows Server 2008 Datacenter SP2 on x86</description>
+      <example>1.3.6.1.4.1.311.1.1.3.1.3 Hardware: x86 Family 16 Model 2 Stepping 3 AT/AT COMPATIBLE - Software: Windows Version 6.0 (Build 6002 Multiprocessor Free)</example>
+      <param pos="0" name="os.vendor" value="Microsoft"/>
+      <param pos="0" name="os.family" value="Windows"/>
+      <param pos="0" name="os.product" value="Windows Server 2008 Datacenter Edition"/>
+      <param pos="0" name="os.device" value="General"/>
+      <param pos="0" name="os.version" value="SP2"/>
+      <param pos="0" name="os.arch" value="x86"/>
+   </fingerprint>
+
+   <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.2 Hardware: (\S+64).*Software: Windows Version 6\.0 \(Build 6002.*$">
+      <description>Windows Server 2008 SP2 on x86_64</description>
+      <example>1.3.6.1.4.1.311.1.1.3.1.2 Hardware: AMD64 Family 16 Model 2 Stepping 3 AT/AT COMPATIBLE - Software: Windows Version 6.0 (Build 6002 Multiprocessor Free)</example>
+      <example>1.3.6.1.4.1.311.1.1.3.1.2 Hardware: Intel64 Family 15 Model 2 Stepping 5 AT/AT COMPATIBLE - Software: Windows Version 6.0 (Build 6002 Multiprocessor Free)</example>
+      <param pos="0" name="os.vendor" value="Microsoft"/>
+      <param pos="0" name="os.family" value="Windows"/>
+      <param pos="0" name="os.product" value="Windows Server 2008 R2"/>
+      <param pos="0" name="os.device" value="General"/>
+      <param pos="0" name="os.version" value="SP2"/>
+      <param pos="0" name="os.arch" value="x86_64"/>
+   </fingerprint>   
+
+   <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.3 Hardware: (\S+64).*Software: Windows Version 6\.0 \(Build 6002.*$">
+      <description>Windows Server 2008 Datacenter SP2 on x86_64</description>
+      <example>1.3.6.1.4.1.311.1.1.3.1.3 Hardware: AMD64 Family 16 Model 2 Stepping 3 AT/AT COMPATIBLE - Software: Windows Version 6.0 (Build 6002 Multiprocessor Free)</example>
+      <example>1.3.6.1.4.1.311.1.1.3.1.3 Hardware: Intel64 Family 15 Model 2 Stepping 5 AT/AT COMPATIBLE - Software: Windows Version 6.0 (Build 6002 Multiprocessor Free)</example>
+      <param pos="0" name="os.vendor" value="Microsoft"/>
+      <param pos="0" name="os.family" value="Windows"/>
+      <param pos="0" name="os.product" value="Windows Server 2008 R2"/>
+      <param pos="0" name="os.device" value="General"/>
+      <param pos="0" name="os.version" value="SP2"/>
+      <param pos="0" name="os.arch" value="x86_64"/>
+   </fingerprint>   
+
+   <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.2 Hardware: x86.*Software: Windows Version 6\.1 \(Build 7600.*$">
+      <description>Windows Server 2008 R2 on x86</description>
+      <example>1.3.6.1.4.1.311.1.1.3.1.2 Hardware: x86 Family 15 Model 2 Stepping 5 AT/AT COMPATIBLE - Software: Windows Version 6.1 (Build 7600 Multiprocessor Free)</example>
+      <param pos="0" name="os.vendor" value="Microsoft"/>
+      <param pos="0" name="os.family" value="Windows"/>
+      <param pos="0" name="os.product" value="Windows Server 2008 R2"/>
+      <param pos="0" name="os.device" value="General"/>
+      <param pos="0" name="os.arch" value="x86"/>
+   </fingerprint>
+
+   <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.3 Hardware: x86.*Software: Windows Version 6\.1 \(Build 7600.*$">
+      <description>Windows Server 2008 Datacenter R2 on x86</description>
+      <example>1.3.6.1.4.1.311.1.1.3.1.3 Hardware: x86 Family 15 Model 2 Stepping 5 AT/AT COMPATIBLE - Software: Windows Version 6.1 (Build 7600 Multiprocessor Free)</example>
+      <param pos="0" name="os.vendor" value="Microsoft"/>
+      <param pos="0" name="os.family" value="Windows"/>
+      <param pos="0" name="os.product" value="Windows Server 2008 R2, Datacenter Edition"/>
+      <param pos="0" name="os.device" value="General"/>
+      <param pos="0" name="os.arch" value="x86"/>
+   </fingerprint>
+
+   <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.2 Hardware: (\S+64).*Software: Windows Version 6\.1 \(Build 7600.*$">
+      <description>Windows Server 2008 R2 on x86_64</description>
+      <example>1.3.6.1.4.1.311.1.1.3.1.2 Hardware: AMD64 Family 16 Model 2 Stepping 3 AT/AT COMPATIBLE - Software: Windows Version 6.1 (Build 7600 Multiprocessor Free)</example>
+      <example>1.3.6.1.4.1.311.1.1.3.1.2 Hardware: Intel64 Family 15 Model 2 Stepping 5 AT/AT COMPATIBLE - Software: Windows Version 6.1 (Build 7600 Multiprocessor Free)</example>
+      <param pos="0" name="os.vendor" value="Microsoft"/>
+      <param pos="0" name="os.family" value="Windows"/>
+      <param pos="0" name="os.product" value="Windows Server 2008 R2"/>
+      <param pos="0" name="os.device" value="General"/>
+      <param pos="0" name="os.arch" value="x86_64"/>
+   </fingerprint>
+
+   <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.3 Hardware: (\S+64).*Software: Windows Version 6\.1 \(Build 7600.*$">
+      <description>Windows Server 2008 Datacenter R2 on x86_64</description>
+      <example>1.3.6.1.4.1.311.1.1.3.1.3 Hardware: AMD64 Family 16 Model 2 Stepping 3 AT/AT COMPATIBLE - Software: Windows Version 6.1 (Build 7600 Multiprocessor Free)</example>
+      <example>1.3.6.1.4.1.311.1.1.3.1.3 Hardware: Intel64 Family 15 Model 2 Stepping 5 AT/AT COMPATIBLE - Software: Windows Version 6.1 (Build 7600 Multiprocessor Free)</example>
+      <param pos="0" name="os.vendor" value="Microsoft"/>
+      <param pos="0" name="os.family" value="Windows"/>
+      <param pos="0" name="os.product" value="Windows Server 2008 R2, Datacenter Edition"/>
+      <param pos="0" name="os.device" value="General"/>
+      <param pos="0" name="os.arch" value="x86_64"/>
+   </fingerprint>
+
+   <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.2 Hardware: x86.*Software: Windows Version 6\.1 \(Build 7601.*$">
+      <description>Windows Server 2008 R2 SP1 on x86</description>
+      <example>1.3.6.1.4.1.311.1.1.3.1.2 Hardware: x86 Family 15 Model 2 Stepping 5 AT/AT COMPATIBLE - Software: Windows Version 6.1 (Build 7601 Multiprocessor Free)</example>
+      <param pos="0" name="os.vendor" value="Microsoft"/>
+      <param pos="0" name="os.family" value="Windows"/>
+      <param pos="0" name="os.product" value="Windows Server 2008 R2"/>
+      <param pos="0" name="os.device" value="General"/>
+      <param pos="0" name="os.version" value="SP1"/>
+      <param pos="0" name="os.arch" value="x86"/>
+   </fingerprint>
+
+   <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.3 Hardware: x86.*Software: Windows Version 6\.1 \(Build 7601.*$">
+      <description>Windows Server 2008 Datacenter R2 SP1 on x86</description>
+      <example>1.3.6.1.4.1.311.1.1.3.1.3 Hardware: x86 Family 15 Model 2 Stepping 5 AT/AT COMPATIBLE - Software: Windows Version 6.1 (Build 7601 Multiprocessor Free)</example>
+      <param pos="0" name="os.vendor" value="Microsoft"/>
+      <param pos="0" name="os.family" value="Windows"/>
+      <param pos="0" name="os.product" value="Windows Server 2008 R2, Datacenter Edition"/>
+      <param pos="0" name="os.device" value="General"/>
+      <param pos="0" name="os.version" value="SP1"/>
+      <param pos="0" name="os.arch" value="x86"/>
+   </fingerprint>
+
+   <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.2 Hardware: (\S+64).*Software: Windows Version 6\.1 \(Build 7601.*$">
+      <description>Windows Server 2008 R2 SP1 on x86_64</description>
+      <example>1.3.6.1.4.1.311.1.1.3.1.2 Hardware: AMD64 Family 16 Model 2 Stepping 3 AT/AT COMPATIBLE - Software: Windows Version 6.1 (Build 7601 Multiprocessor Free)</example>
+      <example>1.3.6.1.4.1.311.1.1.3.1.2 Hardware: Intel64 Family 15 Model 2 Stepping 5 AT/AT COMPATIBLE - Software: Windows Version 6.1 (Build 7601 Multiprocessor Free)</example>
+      <param pos="0" name="os.vendor" value="Microsoft"/>
+      <param pos="0" name="os.family" value="Windows"/>
+      <param pos="0" name="os.product" value="Windows Server 2008 R2"/>
+      <param pos="0" name="os.device" value="General"/>
+      <param pos="0" name="os.version" value="SP1"/>
+      <param pos="0" name="os.arch" value="x86_64"/>
+   </fingerprint>
+
+   <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.3 Hardware: (\S+64).*Software: Windows Version 6\.1 \(Build 7601.*$">
+      <description>Windows Server 2008 Datacenter R2 SP1 on x86_64</description>
+      <example>1.3.6.1.4.1.311.1.1.3.1.3 Hardware: AMD64 Family 16 Model 2 Stepping 3 AT/AT COMPATIBLE - Software: Windows Version 6.1 (Build 7601 Multiprocessor Free)</example>
+      <example>1.3.6.1.4.1.311.1.1.3.1.3 Hardware: Intel64 Family 15 Model 2 Stepping 5 AT/AT COMPATIBLE - Software: Windows Version 6.1 (Build 7601 Multiprocessor Free)</example>
+      <param pos="0" name="os.vendor" value="Microsoft"/>
+      <param pos="0" name="os.family" value="Windows"/>
+      <param pos="0" name="os.product" value="Windows Server 2008 R2, Datacenter Edition"/>
+      <param pos="0" name="os.device" value="General"/>
+      <param pos="0" name="os.version" value="SP1"/>
+      <param pos="0" name="os.arch" value="x86_64"/>
+   </fingerprint>
+
+   <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.2 Hardware: (\S+64).*Software: Windows Version 6\.2 \(Build 9200.*$">
+      <description>Windows Server 2012 on x86_64</description>
+      <example>1.3.6.1.4.1.311.1.1.3.1.2 Hardware: Intel64 Family 6 Model 2 Stepping 3 AT/AT COMPATIBLE - Software: Windows Version 6.2 (Build 9200 Multiprocessor Free)</example>
+      <param pos="0" name="os.vendor" value="Microsoft"/>
+      <param pos="0" name="os.family" value="Windows"/>
+      <param pos="0" name="os.product" value="Windows Server 2012"/>
+      <param pos="0" name="os.device" value="General"/>
+      <param pos="0" name="os.arch" value="x86_64"/>
+   </fingerprint>
+</fingerprints>

data/xml/ssh_banners.xml

@@ -0,0 +1,790 @@
+<?xml version="1.0"?>
+<!--
+SSH "software revision and comment" strings (official RFC nomenclature for the part of
+the identification string after "SSH-x.x-") are matched against these patterns to
+fingerprint SSH servers.
+-->
+
+<fingerprints matches="ssh.banner">
+
+
+   <!-- Honeypot SSH server banners are useless for fingerprinting -->
+   <fingerprint pattern="honeypot" flags="REG_ICASE">
+      <description>Honeypot SSH</description>
+      <!-- assert nothing -->
+   </fingerprint>
+
+    <fingerprint pattern="^RomSShell_([\d\.]+)$">
+      <description>Allegro RomSShell SSH</description>
+      <example>RomSShell_4.62</example>
+      <param pos="0" name="service.vendor" value="Allegro"/>
+      <param pos="0" name="service.product" value="RomSShell"/>
+      <param pos="1" name="service.version"/>
+    </fingerprint>
+
+    <fingerprint pattern="^mpSSH_([\d\.]+)$">
+      <description>HP Integrated Lights Out Manager (ILOM) usually bundled with HP servers</description>
+      <example>mpSSH_0.0.1</example>
+      <param pos="0" name="service.vendor" value="HP"/>
+      <param pos="0" name="service.product" value="Integrated Lights Out Manager"/>
+      <param pos="0" name="hw.vendor" value="HP"/>
+      <param pos="0" name="os.device" value="Lights Out Management"/>
+      <param pos="1" name="service.version"/>
+    </fingerprint>
+
+    <fingerprint pattern="^Serv-U_([\d\.]+)$">
+      <description>Serv-U SSH</description>
+      <example>Serv-U_7.4.0.1</example>
+      <param pos="0" name="service.vendor" value="Rhino Software"/>
+      <param pos="0" name="service.product" value="Serv-U"/>
+      <param pos="1" name="service.version"/>
+   </fingerprint>
+
+   <fingerprint pattern="WS_FTP-SSH_([\d\.]+)$">
+     <description>WS_FTP Server with SSH</description>
+      <example>WS_FTP-SSH_6.1.1</example>
+      <example>WS_FTP-SSH_7.0</example>
+      <param pos="0" name="service.vendor" value="Ipswitch"/>
+      <param pos="0" name="service.product" value="WS_FTP"/>
+      <param pos="1" name="service.version"/>
+    </fingerprint>
+
+   <fingerprint pattern="^OpenSSH_([^\s]+)\s+(FreeBSD[ -].*)$">
+      <description>OpenSSH running on FreeBSD</description>
+      <param pos="1" name="service.version"/>
+      <param pos="2" name="openssh.comment"/>
+      <param pos="0" name="service.vendor" value="OpenBSD"/>
+      <param pos="0" name="service.family" value="OpenSSH"/>
+      <param pos="0" name="service.product" value="OpenSSH"/>
+      <param pos="0" name="os.vendor" value="FreeBSD"/>
+      <param pos="0" name="os.device" value="General"/>
+      <param pos="0" name="os.family" value="FreeBSD"/>
+      <param pos="0" name="os.product" value="FreeBSD"/>
+   </fingerprint>
+
+   <fingerprint pattern="^OpenSSH_([^\s]+)\s+(NetBSD[ -].*)$">
+      <description>OpenSSH running on NetBSD</description>
+      <param pos="1" name="service.version"/>
+      <param pos="2" name="openssh.comment"/>
+      <param pos="0" name="service.vendor" value="OpenBSD"/>
+      <param pos="0" name="service.family" value="OpenSSH"/>
+      <param pos="0" name="service.product" value="OpenSSH"/>
+      <param pos="0" name="os.vendor" value="NetBSD"/>
+      <param pos="0" name="os.device" value="General"/>
+      <param pos="0" name="os.family" value="NetBSD"/>
+      <param pos="0" name="os.product" value="NetBSD"/>
+   </fingerprint>
+
+   <fingerprint pattern="^OpenSSH_(4\.1p1) (Debian-7ubuntu4)$">
+      <description>OpenSSH running on Ubuntu 5.10</description>
+      <example>OpenSSH_4.1p1 Debian-7ubuntu4</example>
+      <param pos="1" name="service.version"/>
+      <param pos="2" name="openssh.comment"/>
+      <param pos="0" name="service.vendor" value="OpenBSD"/>
+      <param pos="0" name="service.family" value="OpenSSH"/>
+      <param pos="0" name="service.product" value="OpenSSH"/>
+      <param pos="0" name="os.vendor" value="Ubuntu"/>
+      <param pos="0" name="os.device" value="General"/>
+      <param pos="0" name="os.family" value="Linux"/>
+      <param pos="0" name="os.product" value="Linux"/>
+      <param pos="0" name="os.version" value="5.10"/>
+   </fingerprint>
+
+   <fingerprint pattern="^OpenSSH_(4\.2p1) (Debian-7ubuntu3.*)$">
+      <description>OpenSSH running on Ubuntu 6.04</description>
+      <example>OpenSSH_4.2p1 Debian-7ubuntu3.1</example>
+      <example>OpenSSH_4.2p1 Debian-7ubuntu3.2</example>
+      <param pos="1" name="service.version"/>
+      <param pos="2" name="openssh.comment"/>
+      <param pos="0" name="service.vendor" value="OpenBSD"/>
+      <param pos="0" name="service.family" value="OpenSSH"/>
+      <param pos="0" name="service.product" value="OpenSSH"/>
+      <param pos="0" name="os.vendor" value="Ubuntu"/>
+      <param pos="0" name="os.device" value="General"/>
+      <param pos="0" name="os.family" value="Linux"/>
+      <param pos="0" name="os.product" value="Linux"/>
+      <param pos="0" name="os.version" value="6.04"/>
+   </fingerprint>
+
+   <fingerprint pattern="^OpenSSH_(4\.3p2) (Debian-8ubuntu1.*)$">
+      <description>OpenSSH running on Ubuntu 7.04</description>
+      <example>OpenSSH_4.3p2 Debian-8ubuntu1.4</example>
+      <param pos="1" name="service.version"/>
+      <param pos="2" name="openssh.comment"/>
+      <param pos="0" name="service.vendor" value="OpenBSD"/>
+      <param pos="0" name="service.family" value="OpenSSH"/>
+      <param pos="0" name="service.product" value="OpenSSH"/>
+      <param pos="0" name="os.vendor" value="Ubuntu"/>
+      <param pos="0" name="os.device" value="General"/>
+      <param pos="0" name="os.family" value="Linux"/>
+      <param pos="0" name="os.product" value="Linux"/>
+      <param pos="0" name="os.version" value="7.04"/>
+   </fingerprint>
+
+   <fingerprint pattern="^OpenSSH_(4\.6p1) (Debian-5ubuntu0.*)$">
+      <description>OpenSSH running on Ubuntu 7.10</description>
+      <example>OpenSSH_4.6p1 Debian-5ubuntu0.2</example>
+      <example>OpenSSH_4.6p1 Debian-5ubuntu0.5</example>
+      <example>OpenSSH_4.6p1 Debian-5ubuntu0.6</example>
+      <param pos="1" name="service.version"/>
+      <param pos="2" name="openssh.comment"/>
+      <param pos="0" name="service.vendor" value="OpenBSD"/>
+      <param pos="0" name="service.family" value="OpenSSH"/>
+      <param pos="0" name="service.product" value="OpenSSH"/>
+      <param pos="0" name="os.vendor" value="Ubuntu"/>
+      <param pos="0" name="os.device" value="General"/>
+      <param pos="0" name="os.family" value="Linux"/>
+      <param pos="0" name="os.product" value="Linux"/>
+      <param pos="0" name="os.version" value="7.10"/>
+   </fingerprint>
+
+   <fingerprint pattern="^OpenSSH_(4\.7p1) (Debian-8ubuntu1.*)$">
+      <description>OpenSSH running on Ubuntu 8.04</description>
+      <example>OpenSSH_4.7p1 Debian-8ubuntu1.2</example>
+      <param pos="1" name="service.version"/>
+      <param pos="2" name="openssh.comment"/>
+      <param pos="0" name="service.vendor" value="OpenBSD"/>
+      <param pos="0" name="service.family" value="OpenSSH"/>
+      <param pos="0" name="service.product" value="OpenSSH"/>
+      <param pos="0" name="os.vendor" value="Ubuntu"/>
+      <param pos="0" name="os.device" value="General"/>
+      <param pos="0" name="os.family" value="Linux"/>
+      <param pos="0" name="os.product" value="Linux"/>
+      <param pos="0" name="os.version" value="8.04"/>
+   </fingerprint>
+
+   <fingerprint pattern="^OpenSSH_(5\.1p1) (Debian-3ubuntu1)$">
+      <description>OpenSSH running on Ubuntu 8.10</description>
+      <example>OpenSSH_5.1p1 Debian-3ubuntu1</example>
+      <param pos="1" name="service.version"/>
+      <param pos="2" name="openssh.comment"/>
+      <param pos="0" name="service.vendor" value="OpenBSD"/>
+      <param pos="0" name="service.family" value="OpenSSH"/>
+      <param pos="0" name="service.product" value="OpenSSH"/>
+      <param pos="0" name="os.vendor" value="Ubuntu"/>
+      <param pos="0" name="os.device" value="General"/>
+      <param pos="0" name="os.family" value="Linux"/>
+      <param pos="0" name="os.product" value="Linux"/>
+      <param pos="0" name="os.version" value="8.10"/>
+   </fingerprint>
+
+   <fingerprint pattern="^OpenSSH_(5\.1p1) (Debian-5ubuntu1)$">
+      <description>OpenSSH running on Ubuntu 9.04</description>
+      <example>OpenSSH_5.1p1 Debian-5ubuntu1</example>
+      <param pos="1" name="service.version"/>
+      <param pos="2" name="openssh.comment"/>
+      <param pos="0" name="service.vendor" value="OpenBSD"/>
+      <param pos="0" name="service.family" value="OpenSSH"/>
+      <param pos="0" name="service.product" value="OpenSSH"/>
+      <param pos="0" name="os.vendor" value="Ubuntu"/>
+      <param pos="0" name="os.device" value="General"/>
+      <param pos="0" name="os.family" value="Linux"/>
+      <param pos="0" name="os.product" value="Linux"/>
+      <param pos="0" name="os.version" value="9.04"/>
+   </fingerprint>
+
+   <fingerprint pattern="^OpenSSH_(5\.1p1) (Debian-6ubuntu2)$">
+      <description>OpenSSH running on Ubuntu 9.10</description>
+      <example>OpenSSH_5.1p1 Debian-6ubuntu2</example>
+      <param pos="1" name="service.version"/>
+      <param pos="2" name="openssh.comment"/>
+      <param pos="0" name="service.vendor" value="OpenBSD"/>
+      <param pos="0" name="service.family" value="OpenSSH"/>
+      <param pos="0" name="service.product" value="OpenSSH"/>
+      <param pos="0" name="os.vendor" value="Ubuntu"/>
+      <param pos="0" name="os.device" value="General"/>
+      <param pos="0" name="os.family" value="Linux"/>
+      <param pos="0" name="os.product" value="Linux"/>
+      <param pos="0" name="os.version" value="9.10"/>
+   </fingerprint>
+
+   <fingerprint pattern="^OpenSSH_(5\.3p1) (Debian-3ubuntu3)$">
+      <description>OpenSSH running on Ubuntu 10.04 (lucid)</description>
+      <example>OpenSSH_5.3p1 Debian-3ubuntu3</example>
+      <param pos="1" name="service.version"/>
+      <param pos="2" name="openssh.comment"/>
+      <param pos="0" name="service.vendor" value="OpenBSD"/>
+      <param pos="0" name="service.family" value="OpenSSH"/>
+      <param pos="0" name="service.product" value="OpenSSH"/>
+      <param pos="0" name="os.vendor" value="Ubuntu"/>
+      <param pos="0" name="os.device" value="General"/>
+      <param pos="0" name="os.family" value="Linux"/>
+      <param pos="0" name="os.product" value="Linux"/>
+      <param pos="0" name="os.version" value="10.04"/>
+   </fingerprint>
+
+   <fingerprint pattern="^OpenSSH_(5\.3p1) (Debian-3ubuntu4)$">
+      <description>OpenSSH running on Ubuntu 10.04 (lucid) update 1</description>
+      <example>OpenSSH_5.3p1 Debian-3ubuntu4</example>
+      <param pos="1" name="service.version"/>
+      <param pos="2" name="openssh.comment"/>
+      <param pos="0" name="service.vendor" value="OpenBSD"/>
+      <param pos="0" name="service.family" value="OpenSSH"/>
+      <param pos="0" name="service.product" value="OpenSSH"/>
+      <param pos="0" name="os.vendor" value="Ubuntu"/>
+      <param pos="0" name="os.device" value="General"/>
+      <param pos="0" name="os.family" value="Linux"/>
+      <param pos="0" name="os.product" value="Linux"/>
+      <param pos="0" name="os.version" value="10.04"/>
+   </fingerprint>
+
+   <fingerprint pattern="^OpenSSH_(5\.3p1) (Debian-3ubuntu[56])$">
+      <description>OpenSSH running on Ubuntu 10.04 (lucid) update 2</description>
+      <example>OpenSSH_5.3p1 Debian-3ubuntu5</example>
+      <example>OpenSSH_5.3p1 Debian-3ubuntu6</example>
+      <param pos="1" name="service.version"/>
+      <param pos="2" name="openssh.comment"/>
+      <param pos="0" name="service.vendor" value="OpenBSD"/>
+      <param pos="0" name="service.family" value="OpenSSH"/>
+      <param pos="0" name="service.product" value="OpenSSH"/>
+      <param pos="0" name="os.vendor" value="Ubuntu"/>
+      <param pos="0" name="os.device" value="General"/>
+      <param pos="0" name="os.family" value="Linux"/>
+      <param pos="0" name="os.product" value="Linux"/>
+      <param pos="0" name="os.version" value="10.04"/>
+   </fingerprint>
+
+   <fingerprint pattern="^OpenSSH_(5\.3p1) (Debian-3ubuntu7)$">
+      <description>OpenSSH running on Ubuntu 10.04 (lucid) update 3 or update 4</description>
+      <example>OpenSSH_5.3p1 Debian-3ubuntu7</example>
+      <param pos="1" name="service.version"/>
+      <param pos="2" name="openssh.comment"/>
+      <param pos="0" name="service.vendor" value="OpenBSD"/>
+      <param pos="0" name="service.family" value="OpenSSH"/>
+      <param pos="0" name="service.product" value="OpenSSH"/>
+      <param pos="0" name="os.vendor" value="Ubuntu"/>
+      <param pos="0" name="os.device" value="General"/>
+      <param pos="0" name="os.family" value="Linux"/>
+      <param pos="0" name="os.product" value="Linux"/>
+      <param pos="0" name="os.version" value="10.04"/>
+   </fingerprint>
+
+   <fingerprint pattern="^OpenSSH_(5\.5p1) (Debian-4ubuntu[45])$">
+      <description>OpenSSH running on Ubuntu 10.10</description>
+      <example>OpenSSH_5.5p1 Debian-4ubuntu4</example>
+      <example>OpenSSH_5.5p1 Debian-4ubuntu5</example>
+      <param pos="1" name="service.version"/>
+      <param pos="2" name="openssh.comment"/>
+      <param pos="0" name="service.vendor" value="OpenBSD"/>
+      <param pos="0" name="service.family" value="OpenSSH"/>
+      <param pos="0" name="service.product" value="OpenSSH"/>
+      <param pos="0" name="os.vendor" value="Ubuntu"/>
+      <param pos="0" name="os.device" value="General"/>
+      <param pos="0" name="os.family" value="Linux"/>
+      <param pos="0" name="os.product" value="Linux"/>
+      <param pos="0" name="os.version" value="10.10"/>
+   </fingerprint>
+
+   <fingerprint pattern="^OpenSSH_(5\.8p1) (Debian-1ubuntu3)$">
+      <description>OpenSSH running on Ubuntu 11.04</description>
+      <example>OpenSSH_5.8p1 Debian-1ubuntu3</example>
+      <param pos="1" name="service.version"/>
+      <param pos="2" name="openssh.comment"/>
+      <param pos="0" name="service.vendor" value="OpenBSD"/>
+      <param pos="0" name="service.family" value="OpenSSH"/>
+      <param pos="0" name="service.product" value="OpenSSH"/>
+      <param pos="0" name="os.vendor" value="Ubuntu"/>
+      <param pos="0" name="os.device" value="General"/>
+      <param pos="0" name="os.family" value="Linux"/>
+      <param pos="0" name="os.product" value="Linux"/>
+      <param pos="0" name="os.version" value="11.04"/>
+   </fingerprint>
+
+   <fingerprint pattern="^OpenSSH_(5\.8p1) (Debian-7ubuntu1)$">
+      <description>OpenSSH running on Ubuntu 11.10</description>
+      <example>OpenSSH_5.8p1 Debian-7ubuntu1</example>
+      <param pos="1" name="service.version"/>
+      <param pos="2" name="openssh.comment"/>
+      <param pos="0" name="service.vendor" value="OpenBSD"/>
+      <param pos="0" name="service.family" value="OpenSSH"/>
+      <param pos="0" name="service.product" value="OpenSSH"/>
+      <param pos="0" name="os.vendor" value="Ubuntu"/>
+      <param pos="0" name="os.device" value="General"/>
+      <param pos="0" name="os.family" value="Linux"/>
+      <param pos="0" name="os.product" value="Linux"/>
+      <param pos="0" name="os.version" value="11.10"/>
+   </fingerprint>
+
+   <fingerprint pattern="^OpenSSH_(5\.9p1) (Debian-5ubuntu1(?:\.3|))$">
+      <description>OpenSSH running on Ubuntu 12.04</description>
+      <example>OpenSSH_5.9p1 Debian-5ubuntu1</example>
+      <param pos="1" name="service.version"/>
+      <param pos="2" name="openssh.comment"/>
+      <param pos="0" name="service.vendor" value="OpenBSD"/>
+      <param pos="0" name="service.family" value="OpenSSH"/>
+      <param pos="0" name="service.product" value="OpenSSH"/>
+      <param pos="0" name="os.vendor" value="Ubuntu"/>
+      <param pos="0" name="os.device" value="General"/>
+      <param pos="0" name="os.family" value="Linux"/>
+      <param pos="0" name="os.product" value="Linux"/>
+      <param pos="0" name="os.version" value="12.04"/>
+   </fingerprint>
+
+   <fingerprint pattern="^OpenSSH_(6\.0p1) (Debian-3ubuntu1)$">
+      <description>OpenSSH running on Ubuntu 12.10</description>
+      <example>OpenSSH_6.0p1 Debian-3ubuntu1</example>
+      <param pos="1" name="service.version"/>
+      <param pos="2" name="openssh.comment"/>
+      <param pos="0" name="service.vendor" value="OpenBSD"/>
+      <param pos="0" name="service.family" value="OpenSSH"/>
+      <param pos="0" name="service.product" value="OpenSSH"/>
+      <param pos="0" name="os.vendor" value="Ubuntu"/>
+      <param pos="0" name="os.device" value="General"/>
+      <param pos="0" name="os.family" value="Linux"/>
+      <param pos="0" name="os.product" value="Linux"/>
+      <param pos="0" name="os.version" value="12.10"/>
+   </fingerprint>
+
+   <fingerprint pattern="^OpenSSH_(6\.1p1) (Debian-4)$">
+      <description>OpenSSH running on Ubuntu 13.04</description>
+      <example>OpenSSH_6.1p1 Debian-4</example>
+      <param pos="1" name="service.version"/>
+      <param pos="2" name="openssh.comment"/>
+      <param pos="0" name="service.vendor" value="OpenBSD"/>
+      <param pos="0" name="service.family" value="OpenSSH"/>
+      <param pos="0" name="service.product" value="OpenSSH"/>
+      <param pos="0" name="os.vendor" value="Ubuntu"/>
+      <param pos="0" name="os.device" value="General"/>
+      <param pos="0" name="os.family" value="Linux"/>
+      <param pos="0" name="os.product" value="Linux"/>
+      <param pos="0" name="os.version" value="13.04"/>
+   </fingerprint>
+
+   <fingerprint pattern="^OpenSSH_(6\.6p1) (Ubuntu-2ubuntu1)$">
+      <description>OpenSSH running on Ubuntu 14.04</description>
+      <example>OpenSSH_6.6p1 Ubuntu-2ubuntu1</example>
+      <param pos="1" name="service.version"/>
+      <param pos="2" name="openssh.comment"/>
+      <param pos="0" name="service.vendor" value="OpenBSD"/>
+      <param pos="0" name="service.family" value="OpenSSH"/>
+      <param pos="0" name="service.product" value="OpenSSH"/>
+      <param pos="0" name="os.vendor" value="Ubuntu"/>
+      <param pos="0" name="os.device" value="General"/>
+      <param pos="0" name="os.family" value="Linux"/>
+      <param pos="0" name="os.product" value="Linux"/>
+      <param pos="0" name="os.version" value="14.04"/>
+   </fingerprint>
+
+   <fingerprint pattern="^OpenSSH_([^\s]+)\s+((?:Debian|Ubuntu).+ubuntu.*)$">
+      <description>OpenSSH running on Ubuntu</description>
+      <param pos="1" name="service.version"/>
+      <param pos="2" name="openssh.comment"/>
+      <param pos="0" name="service.vendor" value="OpenBSD"/>
+      <param pos="0" name="service.family" value="OpenSSH"/>
+      <param pos="0" name="service.product" value="OpenSSH"/>
+      <param pos="0" name="os.vendor" value="Ubuntu"/>
+      <param pos="0" name="os.device" value="General"/>
+      <param pos="0" name="os.family" value="Linux"/>
+      <param pos="0" name="os.product" value="Linux"/>
+   </fingerprint>
+
+   <fingerprint pattern="^OpenSSH_([^\s]+)\s+(Debian.+etch.*)$">
+      <description>OpenSSH running on Debian 4.0 (etch)</description>
+      <param pos="1" name="service.version"/>
+      <param pos="2" name="openssh.comment"/>
+      <param pos="0" name="service.vendor" value="OpenBSD"/>
+      <param pos="0" name="service.family" value="OpenSSH"/>
+      <param pos="0" name="service.product" value="OpenSSH"/>
+      <param pos="0" name="os.vendor" value="Debian"/>
+      <param pos="0" name="os.device" value="General"/>
+      <param pos="0" name="os.family" value="Linux"/>
+      <param pos="0" name="os.product" value="Linux"/>
+      <param pos="0" name="os.version" value="4.0"/>
+   </fingerprint>
+
+   <fingerprint pattern="^OpenSSH_([^\s]+)\s+(Debian.+sarge.*)$">
+      <description>OpenSSH running on Debian 3.1 (sarge)</description>
+      <param pos="1" name="service.version"/>
+      <param pos="2" name="openssh.comment"/>
+      <param pos="0" name="service.vendor" value="OpenBSD"/>
+      <param pos="0" name="service.family" value="OpenSSH"/>
+      <param pos="0" name="service.product" value="OpenSSH"/>
+      <param pos="0" name="os.vendor" value="Debian"/>
+      <param pos="0" name="os.device" value="General"/>
+      <param pos="0" name="os.family" value="Linux"/>
+      <param pos="0" name="os.product" value="Linux"/>
+      <param pos="0" name="os.version" value="3.1"/>
+   </fingerprint>
+
+   <fingerprint pattern="^OpenSSH_([^\s]+)\s+(Debian.+woody.*)$">
+      <description>OpenSSH running on Debian 3.0 (woody)</description>
+      <param pos="1" name="service.version"/>
+      <param pos="2" name="openssh.comment"/>
+      <param pos="0" name="service.vendor" value="OpenBSD"/>
+      <param pos="0" name="service.family" value="OpenSSH"/>
+      <param pos="0" name="service.product" value="OpenSSH"/>
+      <param pos="0" name="os.vendor" value="Debian"/>
+      <param pos="0" name="os.device" value="General"/>
+      <param pos="0" name="os.family" value="Linux"/>
+      <param pos="0" name="os.product" value="Linux"/>
+      <param pos="0" name="os.version" value="3.0"/>
+   </fingerprint>
+
+   <fingerprint pattern="^OpenSSH_([^\s]+)\s+(Debian.*)$">
+      <description>OpenSSH running on Debian (unknown version)</description>
+      <param pos="1" name="service.version"/>
+      <param pos="2" name="openssh.comment"/>
+      <param pos="0" name="service.vendor" value="OpenBSD"/>
+      <param pos="0" name="service.family" value="OpenSSH"/>
+      <param pos="0" name="service.product" value="OpenSSH"/>
+      <param pos="0" name="os.vendor" value="Debian"/>
+      <param pos="0" name="os.device" value="General"/>
+      <param pos="0" name="os.family" value="Linux"/>
+      <param pos="0" name="os.product" value="Linux"/>
+   </fingerprint>
+
+   <fingerprint pattern="^OpenSSH_(.*)\+(CAN-[0-9]{4}-[0-9]{4})$">
+      <description>OpenSSH with CVE patch, as seen in Mac OS X</description>
+      <param pos="1" name="service.version"/>
+      <param pos="2" name="openssh.cvepatch"/>
+      <param pos="0" name="service.vendor" value="OpenBSD"/>
+      <param pos="0" name="service.family" value="OpenSSH"/>
+      <param pos="0" name="service.product" value="OpenSSH"/>
+      <param pos="0" name="os.vendor" value="Apple"/>
+      <param pos="0" name="os.device" value="General"/>
+      <param pos="0" name="os.family" value="Mac OS X"/>
+      <param pos="0" name="os.product" value="Mac OS X"/>
+   </fingerprint>
+
+   <fingerprint pattern="^OpenSSH_(.*)_Mikrotik_v(.*)$">
+      <description>Huawei Versatile Routing Platform (VRP)</description>
+      <param pos="1" name="service.version"/>
+      <param pos="2" name="os.version"/>
+      <param pos="0" name="service.vendor" value="OpenBSD"/>
+      <param pos="0" name="service.family" value="OpenSSH"/>
+      <param pos="0" name="service.product" value="OpenSSH"/>
+      <param pos="0" name="os.vendor" value="MikroTik"/>
+      <param pos="0" name="os.device" value="Router"/>
+      <param pos="0" name="os.family" value="RouterOS"/>
+      <param pos="0" name="os.product" value="RouterOS"/>
+   </fingerprint>
+
+   <fingerprint pattern="^OpenSSH_(.*) in DesktopAuthority (.*)$">
+      <!-- OpenSSH_3.8 in DesktopAuthority 5.55.030 -->
+      <description>DesktopAuthority SSH</description>
+      <param pos="1" name="service.version"/>
+      <param pos="0" name="service.vendor" value="OpenBSD"/>
+      <param pos="0" name="service.family" value="OpenSSH"/>
+      <param pos="0" name="service.product" value="OpenSSH"/>
+      <param pos="0" name="os.vendor" value="Microsoft"/>
+      <param pos="0" name="os.family" value="Windows"/>
+      <param pos="0" name="os.product" value="Windows"/>
+   </fingerprint>
+
+   <!-- SSH-1.99-OpenSSH_4.3p2-4.cern-hpn-CERN-4.3p2-4.cern -->
+
+   <fingerprint pattern="^OpenSSH_?([^\s]*)\s*(.*)$">
+      <description>Catch all for OpenSSH based SSH servers
+      ******************** NOTE ********************
+      Be sure to put any specific OpenSSH derivative
+      checks above this block.
+      ******************** NOTE ********************
+      </description>
+      <param pos="1" name="service.version"/>
+      <param pos="2" name="openssh.comment"/>
+      <param pos="0" name="service.vendor" value="OpenBSD"/>
+      <param pos="0" name="service.family" value="OpenSSH"/>
+      <param pos="0" name="service.product" value="OpenSSH"/>
+   </fingerprint>
+
+   <!-- TODO: Handle "vpn3" banners for Cisco 3000 VPN Concentrators (need example banners first) -->
+
+   <fingerprint pattern="^Cisco-(.*)$">
+      <description>Cisco SSH banner (could be IOS or PIX).
+         The version always seems to be 1.25</description>
+      <param pos="1" name="service.version"/>
+      <param pos="0" name="service.vendor" value="Cisco"/>
+      <param pos="0" name="service.product" value="SSH"/>
+      <param pos="0" name="os.vendor" value="Cisco"/>
+      <!-- temporary workaround for NEX-2123: assume it is IOS -->
+      <param pos="0" name="os.product" value="IOS"/>
+      <param pos="0" name="os.certainty" value="0.8"/>
+    </fingerprint>
+
+    <fingerprint pattern="^CISCO_WLC$">
+      <description>SSH banner from a Cisco Wireless LAN Controller (WLC)</description>
+      <example>CISCO_WLC</example>
+      <param pos="0" name="service.vendor" value="Cisco"/>
+      <param pos="0" name="service.product" value="SSH"/>
+      <param pos="0" name="os.vendor" value="Cisco"/>
+      <param pos="0" name="os.product" value="Wireless LAN Controller"/>
+   </fingerprint>
+
+   <fingerprint pattern="^Sun_SSH_(.*)$">
+      <description>Sun SSH banner</description>
+      <param pos="1" name="service.version"/>
+      <param pos="0" name="service.vendor" value="Sun"/>
+      <param pos="0" name="service.product" value="SSH"/>
+      <param pos="0" name="os.vendor" value="Sun"/>
+      <param pos="0" name="os.family" value="Solaris"/>
+      <param pos="0" name="os.product" value="Solaris"/>
+   </fingerprint>
+
+   <fingerprint pattern="^SSH Protocol Compatible Server SCS (.*)$">
+      <description>Netscreen</description>
+      <param pos="1" name="service.version"/>
+      <param pos="0" name="service.vendor" value="Juniper"/>
+      <param pos="0" name="service.family" value="NetScreen"/>
+      <param pos="0" name="service.product" value="NetScreen"/>
+      <param pos="0" name="os.vendor" value="Juniper"/>
+      <param pos="0" name="os.device" value="Firewall"/>
+      <param pos="0" name="os.family" value="ScreenOS"/>
+      <param pos="0" name="os.product" value="ScreenOS"/>
+   </fingerprint>
+
+   <fingerprint pattern="^NetScreen$">
+      <description>Netscreen</description>
+      <param pos="0" name="service.vendor" value="Juniper"/>
+      <param pos="0" name="service.family" value="NetScreen"/>
+      <param pos="0" name="service.product" value="NetScreen"/>
+      <param pos="0" name="os.vendor" value="Juniper"/>
+      <param pos="0" name="os.device" value="Firewall"/>
+      <param pos="0" name="os.family" value="ScreenOS"/>
+      <param pos="0" name="os.product" value="ScreenOS"/>
+   </fingerprint>
+
+   <fingerprint pattern="^(HUAWEI-VRP-?|VRP-)(.*)$">
+      <description>Huawei Versatile Routing Platform (VRP)</description>
+      <param pos="2" name="service.version"/>
+      <param pos="2" name="os.version"/>
+      <param pos="0" name="service.vendor" value="Huawei"/>
+      <param pos="0" name="service.family" value="VRP"/>
+      <param pos="0" name="service.product" value="VRP"/>
+      <param pos="0" name="os.vendor" value="Huawei"/>
+      <param pos="0" name="os.device" value="Router"/>
+      <param pos="0" name="os.family" value="VRP"/>
+      <param pos="0" name="os.product" value="VRP"/>
+   </fingerprint>
+
+   <fingerprint pattern="^([^\s]+) sshlib: GlobalScape$">
+      <description>GlobalScape SSH (which uses Bitvise sshlib)</description>
+      <param pos="1" name="service.component.version"/>
+      <param pos="0" name="service.component.vendor" value="Bitvise"/>
+      <param pos="0" name="service.component.family" value="sshlib"/>
+      <param pos="0" name="service.component.product" value="sshlib"/>
+      <param pos="0" name="service.vendor" value="GlobalScape"/>
+      <param pos="0" name="service.family" value="Secure FTP Server"/>
+      <param pos="0" name="service.product" value="Secure FTP Server"/>
+      <param pos="0" name="os.vendor" value="Microsoft"/>
+      <param pos="0" name="os.family" value="Windows"/>
+      <param pos="0" name="os.product" value="Windows"/>
+   </fingerprint>
+
+   <fingerprint pattern="^([^\s]+) sshlib: WinSSHD (.*)$">
+      <description>Bitvise WinSSHD (which uses Bitvise sshlib)</description>
+      <param pos="1" name="service.component.version"/>
+      <param pos="2" name="service.version"/>
+      <param pos="0" name="service.component.vendor" value="Bitvise"/>
+      <param pos="0" name="service.component.family" value="sshlib"/>
+      <param pos="0" name="service.component.product" value="sshlib"/>
+      <param pos="0" name="service.vendor" value="Bitvise"/>
+      <param pos="0" name="service.family" value="WinSSHD"/>
+      <param pos="0" name="service.product" value="WinSSHD"/>
+      <param pos="0" name="os.vendor" value="Microsoft"/>
+      <param pos="0" name="os.family" value="Windows"/>
+      <param pos="0" name="os.product" value="Windows"/>
+    </fingerprint>
+
+   <fingerprint pattern="^([^\s]+) FlowSsh: WinSSHD ([^ ]+):?.*$">
+     <description>Bitvise WinSSHD (which uses Bitvise flowssh)</description>
+      <example>1.03 FlowSsh: WinSSHD 5.09</example>
+      <example>1.07 FlowSsh: WinSSHD 5.20: free only for personal non-commercial use</example>
+      <param pos="1" name="service.component.version"/>
+      <param pos="2" name="service.version"/>
+      <param pos="0" name="service.component.vendor" value="Bitvise"/>
+      <param pos="0" name="service.component.family" value="flowssh"/>
+      <param pos="0" name="service.component.product" value="flowssh"/>
+      <param pos="0" name="service.vendor" value="Bitvise"/>
+      <param pos="0" name="service.family" value="WinSSHD"/>
+      <param pos="0" name="service.product" value="WinSSHD"/>
+      <param pos="0" name="os.vendor" value="Microsoft"/>
+      <param pos="0" name="os.family" value="Windows"/>
+      <param pos="0" name="os.product" value="Windows"/>
+   </fingerprint>
+
+   <fingerprint pattern="^([^\s]+) sshlib: MOVEit DMZ SSH (.*)$">
+      <description>MOVEit DMZ (which uses Bitvise sshlib)</description>
+      <param pos="1" name="service.component.version"/>
+      <param pos="2" name="service.version"/>
+      <param pos="0" name="service.component.vendor" value="Bitvise"/>
+      <param pos="0" name="service.component.family" value="sshlib"/>
+      <param pos="0" name="service.component.product" value="sshlib"/>
+      <param pos="0" name="service.vendor" value="Standard Networks"/>
+      <param pos="0" name="service.family" value="MOVEit DMZ"/>
+      <param pos="0" name="service.product" value="MOVEit DMZ"/>
+      <param pos="0" name="os.vendor" value="Microsoft"/>
+      <param pos="0" name="os.family" value="Windows"/>
+      <param pos="0" name="os.product" value="Windows"/>
+    </fingerprint>
+
+   <fingerprint pattern="^Pragma SecureShell\s*(.*)$">
+      <description>Pragma SecureShell</description>
+      <param pos="1" name="service.version"/>
+      <param pos="0" name="service.vendor" value="Pragma Systems"/>
+      <param pos="0" name="service.family" value="FortressSSH Server"/>
+      <param pos="0" name="service.product" value="FortressSSH Server"/>
+      <param pos="0" name="os.vendor" value="Microsoft"/>
+      <param pos="0" name="os.family" value="Windows"/>
+      <param pos="0" name="os.product" value="Windows"/>
+   </fingerprint>
+
+   <fingerprint pattern="^VShell_(\d+)_(\d+)_(\d+)_(\d+) VShell$">
+      <description>VanDyke VShell</description>
+      <example>VShell_3_6_2_446 VShell</example>
+      <param pos="1" name="service.version"/>
+      <param pos="2" name="service.version.version"/>
+      <param pos="3" name="service.version.version.version"/>
+      <param pos="4" name="service.version.version.version.version"/>
+      <param pos="0" name="service.vendor" value="VanDyke Software"/>
+      <param pos="0" name="service.family" value="VShell"/>
+      <param pos="0" name="service.product" value="VShell"/>
+    </fingerprint>
+
+   <fingerprint pattern="^([\s]*)\s*VShell$">
+      <description>VanDyke VShell</description>
+      <param pos="1" name="service.version"/>
+      <param pos="0" name="service.vendor" value="VanDyke Software"/>
+      <param pos="0" name="service.family" value="VShell"/>
+      <param pos="0" name="service.product" value="VShell"/>
+   </fingerprint>
+
+   <fingerprint pattern="^WRQReflectionForSecureIT_(.*)$">
+      <description>Attachmate Reflection (formerly WRQ Reflection for Secure IT)
+      </description>
+      <!-- versions are of the form: 6.0 Build 23 -->
+      <param pos="1" name="service.version"/>
+      <param pos="0" name="service.vendor" value="Attachmate"/>
+      <param pos="0" name="service.family" value="Reflection"/>
+      <param pos="0" name="service.product" value="Reflection"/>
+   </fingerprint>
+
+   <fingerprint pattern="^([^\s]*)\s*F-Secure SSH\s*(.*)$">
+      <!-- 3.2.3 F-Secure SSH Windows NT Server -->
+      <description>Attachmate Reflection (formerly F-Secure SSH)
+      </description>
+      <param pos="1" name="service.version"/>
+      <param pos="0" name="service.vendor" value="Attachmate"/>
+      <param pos="0" name="service.family" value="Reflection"/>
+      <param pos="0" name="service.product" value="Reflection"/>
+   </fingerprint>
+
+   <fingerprint pattern="^([^\s]*)\s*SSH Tectia Server$">
+      <!-- 5.0.1.79 SSH Tectia Server -->
+      <description>SSH Communications Security Tectia Server</description>
+      <param pos="1" name="service.version"/>
+      <param pos="0" name="service.vendor" value="SSH Communications Security"/>
+      <param pos="0" name="service.family" value="SSH Tectia Server"/>
+      <param pos="0" name="service.product" value="SSH Tectia Server"/>
+   </fingerprint>
+
+   <fingerprint pattern="^([0-9\.]+) SSH Secure Shell(?: \(non-commercial\))?$">
+      <example>3.2.9.1 SSH Secure Shell (non-commercial)</example>
+      <example>4.0.3 SSH Secure Shell</example>
+      <example>4.4.2.3 SSH Secure Shell</example>
+      <description>SSH Communications Security Tectia Server</description>
+      <param pos="1" name="service.version"/>
+      <param pos="0" name="service.vendor" value="SSH Communications Security"/>
+      <param pos="0" name="service.family" value="SSH Tectia Server"/>
+      <param pos="0" name="service.product" value="SSH Tectia Server"/>
+    </fingerprint>
+
+   <fingerprint pattern="^([0-9\.]+) SSH Secure Shell Windows NT Server$">
+      <description>Unknown Windows SSH server</description>
+      <example>4.0.3 SSH Secure Shell Windows NT Server</example>
+      <param pos="0" name="os.vendor" value="Microsoft"/>
+      <param pos="0" name="os.family" value="Windows"/>
+      <param pos="0" name="os.product" value="Windows"/>
+      <param pos="1" name="service.version"/>
+      <param pos="0" name="service.vendor" value="SSH Communications Security"/>
+      <param pos="0" name="service.family" value="SSH Tectia Server"/>
+      <param pos="0" name="service.product" value="SSH Tectia Server"/>
+   </fingerprint>
+
+   <fingerprint pattern="^ARRIS_(.*)$">
+      <description>ARRIS device (though not clear which) - www.arrisi.com</description>
+      <param pos="1" name="service.version"/>
+      <param pos="0" name="service.vendor" value="ARRIS"/>
+      <param pos="0" name="service.product" value="ARRIS"/>
+      <param pos="0" name="os.vendor" value="ARRIS"/>
+      <param pos="0" name="os.product" value="Unknown"/>
+   </fingerprint>
+
+   <fingerprint pattern="^Mocana SSH.*$">
+      <description>Mocana Embedded SSH (note, there seem to be spaces at the
+      end of the returned banner, thus the .*</description>
+      <param pos="0" name="service.vendor" value="Mocana"/>
+      <param pos="0" name="service.family" value="Embedded SSH Server"/>
+      <param pos="0" name="service.product" value="Embedded SSH Server"/>
+   </fingerprint>
+
+   <fingerprint pattern="^FreSSH\.(.*)$">
+      <description>FreSSH</description>
+      <param pos="1" name="service.version"/>
+      <param pos="0" name="service.family" value="FreSSH"/>
+      <param pos="0" name="service.product" value="FreSSH"/>
+   </fingerprint>
+
+   <fingerprint pattern="^RomCliSecure_(.*)$">
+      <description>RomCliSecure appears to be the Adtran NetVanta products</description>
+      <param pos="1" name="service.version"/>
+      <param pos="0" name="service.vendor" value="Adtran"/>
+      <param pos="0" name="service.family" value="NetVanta"/>
+      <param pos="0" name="service.product" value="NetVanta"/>
+      <param pos="0" name="os.vendor" value="Adtran"/>
+      <param pos="0" name="os.family" value="NetVanta"/>
+      <param pos="0" name="os.product" value="NetVanta"/>
+   </fingerprint>
+
+   <fingerprint pattern="^.*MultiNet.*$">
+      <description>Process Software MultiNet is a suite of network apps for OpenVMS</description>
+      <param pos="0" name="service.vendor" value="Process Software"/>
+      <param pos="0" name="service.family" value="MultiNet"/>
+      <param pos="0" name="service.product" value="MultiNet"/>
+      <param pos="0" name="os.vendor" value="HP"/>
+      <param pos="0" name="os.family" value="OpenVMS"/>
+      <param pos="0" name="os.product" value="OpenVMS"/>
+   </fingerprint>
+
+   <fingerprint pattern="^dropbear_(.*)$">
+      <!-- dropbear_0.36 -->
+      <!-- dropbear_0.44test4 -->
+      <description>Dropbear - http://matt.ucc.asn.au/dropbear/dropbear.html</description>
+      <param pos="1" name="service.version"/>
+      <param pos="0" name="service.family" value="Dropbear"/>
+      <param pos="0" name="service.product" value="Dropbear"/>
+   </fingerprint>
+
+   <fingerprint pattern="^lancom$">
+      <description>LANCOM Systems - http://www.lancom-systems.de/</description>
+      <param pos="0" name="service.vendor" value="LANCOM Systems"/>
+      <param pos="0" name="service.family" value="SSH"/>
+      <param pos="0" name="service.product" value="SSH"/>
+      <param pos="0" name="os.vendor" value="LANCOM Systems"/>
+      <param pos="0" name="os.product" value="Unknown"/>
+   </fingerprint>
+
+   <fingerprint pattern="^0$">
+      <description>MOVEit DMZ</description>
+      <param pos="0" name="service.vendor" value="Standard Networks"/>
+      <param pos="0" name="service.family" value="MOVEit DMZ"/>
+      <param pos="0" name="service.product" value="MOVEit DMZ"/>
+      <param pos="0" name="os.vendor" value="Microsoft"/>
+      <param pos="0" name="os.family" value="Windows"/>
+      <param pos="0" name="os.product" value="Windows"/>
+   </fingerprint>
+
+<!--
+1.2.22j4rad
+2.40
+2.0.12
+Server-VII
+9.9.1
+IPSSH-1.10.0
+-->
+
+<!--
+Possibly Nortel Passport
+SSH_2.1.1
+-->
+
+</fingerprints>