RubyGems - recog - Versions diffs - 2.0.13 → 2.0.14 - Mend

recog 2.0.13 → 2.0.14

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (52) hide show

checksums.yaml +4 -4
data/CONTRIBUTING.md +19 -6
data/features/{xml → data}/failing_banners_fingerprints.xml +0 -0
data/features/{xml → data}/matching_banners_fingerprints.xml +0 -0
data/features/{xml → data}/no_tests.xml +0 -0
data/features/{xml/banners.xml → data/sample_banner.txt} +0 -0
data/features/{xml → data}/successful_tests.xml +0 -0
data/features/{xml → data}/tests_with_failures.xml +0 -0
data/features/{xml → data}/tests_with_warnings.xml +0 -0
data/features/match.feature +2 -2
data/features/support/env.rb +1 -1
data/lib/recog/version.rb +1 -1
data/misc/order.xsl +17 -0
data/spec/lib/fingerprint_self_test_spec.rb +8 -0
data/xml/apache_os.xml +270 -334
data/xml/architecture.xml +28 -41
data/xml/fingerprints.xsd +37 -0
data/xml/ftp_banners.xml +52 -58
data/xml/h323_callresp.xml +597 -695
data/xml/hp_pjl_id.xml +370 -409
data/xml/http_cookies.xml +304 -348
data/xml/http_servers.xml +3202 -3483
data/xml/http_wwwauth.xml +342 -409
data/xml/imap_banners.xml +149 -190
data/xml/mdns_device-info_txt.xml +97 -111
data/xml/mdns_workstation_txt.xml +6 -6
data/xml/mysql_banners.xml +99 -198
data/xml/mysql_error.xml +4 -11
data/xml/nntp_banners.xml +42 -45
data/xml/ntp_banners.xml +2 -3
data/xml/pop_banners.xml +214 -247
data/xml/rsh_resp.xml +68 -76
data/xml/sip_banners.xml +19 -19
data/xml/sip_user_agents.xml +63 -74
data/xml/smb_native_os.xml +387 -433
data/xml/smtp_banners.xml +1318 -1460
data/xml/smtp_debug.xml +24 -27
data/xml/smtp_ehlo.xml +19 -22
data/xml/smtp_expn.xml +61 -70
data/xml/smtp_help.xml +139 -160
data/xml/smtp_mailfrom.xml +14 -16
data/xml/smtp_noop.xml +28 -31
data/xml/smtp_quit.xml +16 -18
data/xml/smtp_rcptto.xml +8 -10
data/xml/smtp_rset.xml +12 -13
data/xml/smtp_turn.xml +12 -13
data/xml/smtp_vrfy.xml +66 -76
data/xml/snmp_sysdescr.xml +7257 -8016
data/xml/snmp_sysobjid.xml +392 -434
data/xml/ssh_banners.xml +783 -867
data/xml/upnp_banners.xml +594 -628
metadata +11 -9

data/xml/mysql_error.xml CHANGED

@@ -1,4 +1,4 @@
-<?xml version="1.0"?>
+<?xml version="1.0" encoding="UTF-8"?>
 <!--
      Upon successful connection to a MySQL/derivative TCP endpoint, if the
      connecting client is not allowed to speak to the MySQL service (for
@@ -160,7 +160,6 @@
     <param pos="0" name="service.family" value="MySQL"/>
     <param pos="0" name="service.product" value="MySQL"/>
   </fingerprint>
   <!-- ER_HOST_IS_BLOCKED -->
   <fingerprint pattern="Stroj '[^']+' je zablokován kvůli mnoha chybám při připojování. Odblokujete použitím 'mysqladmin flush-hosts'">
     <description>Oracle MySQL error ER_HOST_IS_BLOCKED (cze)</description>
@@ -295,7 +294,6 @@
     <param pos="0" name="service.family" value="MySQL"/>
     <param pos="0" name="service.product" value="MySQL"/>
   </fingerprint>
   <!-- ER_CANT_CREATE_THREAD -->
   <fingerprint pattern="Nemohu vytvořit nový thread \(errno -?\d+\). Pokud je ještě nějaká volná paměť, podívejte se do manuálu na část o chybách specifických pro jednotlivé operační systémy">
     <description>Oracle MySQL error ER_CANT_CREATE_THREAD (cze)</description>
@@ -423,7 +421,6 @@
     <param pos="0" name="service.family" value="MySQL"/>
     <param pos="0" name="service.product" value="MySQL"/>
   </fingerprint>
   <!-- ER_CON_COUNT_ERROR -->
   <fingerprint pattern="Příliš mnoho spojení">
     <description>Oracle MySQL error ER_CON_COUNT_ERROR (cze)</description>
@@ -586,7 +583,6 @@
     <param pos="0" name="service.family" value="MySQL"/>
     <param pos="0" name="service.product" value="MySQL"/>
   </fingerprint>
   <!-- ER_BAD_HOST_ERROR -->
   <fingerprint pattern="Nemohu zjistit jméno stroje pro Vaši adresu">
     <description>Oracle MySQL error ER_BAD_HOST_ERROR (cze)</description>
@@ -749,26 +745,23 @@
     <param pos="0" name="service.family" value="MySQL"/>
     <param pos="0" name="service.product" value="MySQL"/>
   </fingerprint>
   <fingerprint pattern="^Host '[^']+' is not allowed to connect to this MariaDB server$">
-    <example>Host '10.10.10.10' is not allowed to connect to this MariaDB server</example>
     <description>MariaDB MariaDB - Error: Host not allowed to connect (English) </description>
+    <example>Host '10.10.10.10' is not allowed to connect to this MariaDB server</example>
     <param pos="0" name="service.vendor" value="MariaDB"/>
     <param pos="0" name="service.family" value="MySQL"/>
     <param pos="0" name="service.product" value="MariaDB"/>
   </fingerprint>
   <fingerprint pattern="^#07000Proxy Warning - IP Forbidden$">
-    <example>#07000Proxy Warning - IP Forbidden</example>
     <description>Oracle MySQL Proxy - Error: Host not allowed to connect</description>
+    <example>#07000Proxy Warning - IP Forbidden</example>
     <param pos="0" name="service.vendor" value="Oracle"/>
     <param pos="0" name="service.family" value="MySQL"/>
     <param pos="0" name="service.product" value="MySQL Proxy"/>
   </fingerprint>
   <fingerprint pattern="^\(proxy\) all backends are down$">
-    <example>(proxy) all backends are down</example>
     <description>Oracle MySQL Proxy - Error: Backends down</description>
+    <example>(proxy) all backends are down</example>
     <param pos="0" name="service.vendor" value="Oracle"/>
     <param pos="0" name="service.family" value="MySQL"/>
     <param pos="0" name="service.product" value="MySQL Proxy"/>

data/xml/nntp_banners.xml CHANGED

@@ -1,51 +1,48 @@
-<?xml version="1.0"?>
+<?xml version="1.0" encoding="UTF-8"?>
 <!--
 NNTP greeting messages (part of the banner after the response code) are matched
 against these patterns to fingerprint NNTP servers.
 -->
 <fingerprints matches="nntp.banner">
-   <fingerprint pattern="^NNTP Service (?:.*) Version: (5.0.2195.[0-9]+) .*$">
-      <example>NNTP Service 5.00.0984 Version: 5.0.2195.7034 Posting Allowed</example>
-      <example>NNTP Service 5.00.0984 Version: 5.0.2195.5329 Posting Allowed</example>
-      <description>Microsoft IIS NNTP Server on Windows 2000</description>
-      <param pos="0" name="service.vendor" value="Microsoft"/>
-      <param pos="0" name="service.product" value="IIS"/>
-      <param pos="0" name="service.family" value="IIS"/>
-      <param pos="1" name="service.version"/>
-      <param pos="0" name="os.vendor" value="Microsoft"/>
-      <param pos="0" name="os.device" value="General"/>
-      <param pos="0" name="os.family" value="Windows"/>
-      <param pos="0" name="os.product" value="Windows 2000"/>
-      <param pos="1" name="ms.nttp.version"/>
-   </fingerprint>
-   <fingerprint pattern="^NNTP Service (?:.*) Version: (6.0.3790.[0-9]+) .*$">
-     <example>NNTP Service 6.0.3790.3959 Version: 6.0.3790.3959 Posting Allowed</example>
-      <example>NNTP Service 6.0.3790.206 Version: 6.0.3790.206 Posting Allowed</example>
-      <description>Microsoft IIS NNTP Server on Windows Server 2003</description>
-      <param pos="0" name="service.vendor" value="Microsoft"/>
-      <param pos="0" name="service.product" value="IIS"/>
-      <param pos="0" name="service.family" value="IIS"/>
-      <param pos="1" name="service.version"/>
-      <param pos="0" name="os.vendor" value="Microsoft"/>
-      <param pos="0" name="os.device" value="General"/>
-      <param pos="0" name="os.family" value="Windows"/>
-      <param pos="0" name="os.product" value="Windows Server 2003"/>
-      <param pos="1" name="ms.nttp.version"/>
-   </fingerprint>
-   <fingerprint pattern="^NNTP Service Microsoft. Internet Services (?:.*) Version: (?:[^ ]+) .*$">
-      <example>NNTP Service Microsoft. Internet Services 5.00 Version: 5.0.2068.0 Posting Allowed</example>
-      <example>NNTP Service Microsoft. Internet Services 5.00.7515. Version: 5.0.0.7515 Posting Allowed</example>
-      <example>NNTP Service Microsoft. Internet Services 5.5 Version: 5.5.1726.0 Posting Allowed</example>
-      <description>Older Microsoft IIS NNTP Servers</description>
-      <param pos="0" name="service.vendor" value="Microsoft"/>
-      <param pos="0" name="service.family" value="Exchange Server"/>
-      <param pos="0" name="service.product" value="Exchange Server"/>
-      <param pos="0" name="os.vendor" value="Microsoft"/>
-      <param pos="0" name="os.device" value="General"/>
-      <param pos="0" name="os.family" value="Windows"/>
-      <param pos="0" name="os.product" value="Windows"/>
-   </fingerprint>
+  <fingerprint pattern="^NNTP Service (?:.*) Version: (5.0.2195.[0-9]+) .*$">
+    <description>Microsoft IIS NNTP Server on Windows 2000</description>
+    <example>NNTP Service 5.00.0984 Version: 5.0.2195.7034 Posting Allowed</example>
+    <example>NNTP Service 5.00.0984 Version: 5.0.2195.5329 Posting Allowed</example>
+    <param pos="0" name="service.vendor" value="Microsoft"/>
+    <param pos="0" name="service.product" value="IIS"/>
+    <param pos="0" name="service.family" value="IIS"/>
+    <param pos="1" name="service.version"/>
+    <param pos="0" name="os.vendor" value="Microsoft"/>
+    <param pos="0" name="os.device" value="General"/>
+    <param pos="0" name="os.family" value="Windows"/>
+    <param pos="0" name="os.product" value="Windows 2000"/>
+    <param pos="1" name="ms.nttp.version"/>
+  </fingerprint>
+  <fingerprint pattern="^NNTP Service (?:.*) Version: (6.0.3790.[0-9]+) .*$">
+    <description>Microsoft IIS NNTP Server on Windows Server 2003</description>
+    <example>NNTP Service 6.0.3790.3959 Version: 6.0.3790.3959 Posting Allowed</example>
+    <example>NNTP Service 6.0.3790.206 Version: 6.0.3790.206 Posting Allowed</example>
+    <param pos="0" name="service.vendor" value="Microsoft"/>
+    <param pos="0" name="service.product" value="IIS"/>
+    <param pos="0" name="service.family" value="IIS"/>
+    <param pos="1" name="service.version"/>
+    <param pos="0" name="os.vendor" value="Microsoft"/>
+    <param pos="0" name="os.device" value="General"/>
+    <param pos="0" name="os.family" value="Windows"/>
+    <param pos="0" name="os.product" value="Windows Server 2003"/>
+    <param pos="1" name="ms.nttp.version"/>
+  </fingerprint>
+  <fingerprint pattern="^NNTP Service Microsoft. Internet Services (?:.*) Version: (?:[^ ]+) .*$">
+    <description>Older Microsoft IIS NNTP Servers</description>
+    <example>NNTP Service Microsoft. Internet Services 5.00 Version: 5.0.2068.0 Posting Allowed</example>
+    <example>NNTP Service Microsoft. Internet Services 5.00.7515. Version: 5.0.0.7515 Posting Allowed</example>
+    <example>NNTP Service Microsoft. Internet Services 5.5 Version: 5.5.1726.0 Posting Allowed</example>
+    <param pos="0" name="service.vendor" value="Microsoft"/>
+    <param pos="0" name="service.family" value="Exchange Server"/>
+    <param pos="0" name="service.product" value="Exchange Server"/>
+    <param pos="0" name="os.vendor" value="Microsoft"/>
+    <param pos="0" name="os.device" value="General"/>
+    <param pos="0" name="os.family" value="Windows"/>
+    <param pos="0" name="os.product" value="Windows"/>
+  </fingerprint>
 </fingerprints>

data/xml/ntp_banners.xml CHANGED

@@ -1,4 +1,4 @@
-<?xml version="1.0"?>
+<?xml version="1.0" encoding="UTF-8"?>
 <!--
 NTP "banners", taken from a readvar response
 -->
@@ -79,7 +79,6 @@ NTP "banners", taken from a readvar response
     <param pos="0" name="os.product" value="Windows 7"/>
     <param pos="3" name="os.arch"/>
   </fingerprint>
   <fingerprint pattern="^.*version=&quot;ntpd (\S+)[^&quot;]+&quot;,.*system=&quot;Equallogic \(R\) storage array&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
     <description>ntpd running on an EqualLogic Storage Array that includes the NTP version</description>
     <example>
@@ -231,7 +230,7 @@ NTP "banners", taken from a readvar response
     <param pos="0" name="os.product" value="BSD/OS"/>
     <param pos="1" name="os.arch"/>
     <param pos="2" name="os.version"/>
-  </fingerprint>-->
+  </fingerprint>
   <fingerprint pattern="^.*system=&quot;BSD/OS&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
     <description>BSD/OS without a version or arch</description>
     <example>

data/xml/pop_banners.xml CHANGED

@@ -1,254 +1,222 @@
-<?xml version="1.0"?>
+<?xml version="1.0" encoding="UTF-8"?>
 <!--
 POP3 greeting messages (part of the banner after the status indicator +OK or -ERR) are
 matched against these patterns to fingerprint POP3 servers.
 -->
 <fingerprints matches="pop3.banner">
-   <fingerprint pattern="^([^ ]+) +Cyrus POP3 v(\d+\.\d+.*)-OS X(?: Server)? ([\d\.]+).* server ready">
-      <description>OSX Cyrus POP</description>
-      <example host.domain="8.8.8.8" service.version="2.3.8" os.version="10.5">8.8.8.8 Cyrus POP3 v2.3.8-OS X Server 10.5: 9A562 server ready &lt;1999107648.1324502155@8.8.8.8&gt;</example>
-      <param pos="0" name="service.vendor" value="Carnegie Mellon University"/>
-      <param pos="0" name="service.family" value="Cyrus MTA"/>
-      <param pos="0" name="service.product" value="Cyrus POP"/>
-      <param pos="2" name="service.version"/>
-      <param pos="0" name="os.vendor" value="Apple"/>
-      <param pos="0" name="os.family" value="Mac OS X"/>
-      <param pos="0" name="os.product" value="Mac OS X"/>
-      <param pos="0" name="os.device" value="General"/>
-      <param pos="3" name="os.version"/>
-      <param pos="1" name="host.domain"/>
-    </fingerprint>
-   <fingerprint pattern="^([^ ]+) +Cyrus POP3 v([\d\.]+)">
-      <description>CMU Cyrus POP</description>
-      <example host.domain="foo" service.version="2.3">foo Cyrus POP3 v2.3</example>
-      <example host.domain="foo" service.version="2.3.14">foo Cyrus POP3 v2.3.14 server ready &lt;13087751828270990591.1301068892@foo&gt;</example>
-      <param pos="0" name="service.vendor" value="Carnegie Mellon University"/>
-      <param pos="0" name="service.family" value="Cyrus MTA"/>
-      <param pos="0" name="service.product" value="Cyrus POP"/>
-      <param pos="2" name="service.version"/>
-      <param pos="1" name="host.domain"/>
-    </fingerprint>
-    <fingerprint pattern="^Lotus Notes POP3 server version X[^ ]+ ready on .*$">
-      <example>Lotus Notes POP3 server version X2.0 ready on foo/bar.</example>
-      <description>IBM Lotus Notes/Domino</description>
-      <param pos="0" name="service.vendor" value="IBM"/>
-      <param pos="0" name="service.family" value="Lotus Domino"/>
-      <param pos="0" name="service.product" value="Lotus Domino"/>
-   </fingerprint>
-    <fingerprint pattern="^Lotus Notes POP3 server version Release ([^ ]+) ready on .*$">
-      <example>Lotus Notes POP3 server version Release 8.5.1FP5 ready on foo/US.</example>
-      <description>IBM Lotus Notes/Domino</description>
-      <param pos="0" name="service.vendor" value="IBM"/>
-      <param pos="0" name="service.family" value="Lotus Domino"/>
-      <param pos="0" name="service.product" value="Lotus Domino"/>
-      <param pos="1" name="service.version"/>
-   </fingerprint>
-   <fingerprint pattern="^Qpopper \(version (\d+\.\d+\.\d+), modified by Sphera Technologies\) at (.+) starting\..*$">
-      <description>Qpopper with Sphera mods</description>
-      <example>Qpopper (version 4.0.3, modified by Sphera Technologies) at domain starting.  &lt;xxx@domain&gt;</example>
-      <param pos="0" name="service.vendor" value="Sphera"/>
-      <param pos="0" name="service.family" value="Qpopper"/>
-      <param pos="0" name="service.product" value="Qpopper"/>
-      <param pos="1" name="service.version"/>
-      <param pos="2" name="host.domain"/>
-   </fingerprint>
-   <fingerprint pattern="^Qpopper \(version (\d+\.\d+\.\d+)-mysql-(.+)\) at (.+) starting\..*$">
-      <description>Qpopper with MySQL auth module</description>
-      <example>Qpopper (version 4.0.3-mysql-0.13) at domain starting.  &lt;xxx@domain&gt;</example>
-      <param pos="0" name="service.vendor" value="Qualcomm"/>
-      <param pos="0" name="service.family" value="Qpopper"/>
-      <param pos="0" name="service.product" value="Qpopper"/>
-      <param pos="1" name="service.version"/>
-      <param pos="0" name="service.component.family" value="qpopper-mysql"/>
-      <param pos="0" name="service.component.product" value="qpopper-mysql"/>
-      <param pos="2" name="service.component.version"/>
-      <param pos="3" name="host.domain"/>
-   </fingerprint>
-   <fingerprint pattern="^Qpop(?:per)? \(version ([\d\.]+)\) at (.+)(?: starting\.)?.*$" flags="REG_ICASE">
-      <description>Qpopper missing version info</description>
-      <example>Qpopper (version 4.0.16) at foo.example.com</example>
-      <example>QPOP (version 2.53) at domain starting.  &lt;xxx@domain&gt;</example>
-      <example>Qpopper (version 4.0.3) at domain starting.  &lt;xxx@domain&gt;</example>
-      <param pos="0" name="service.vendor" value="Qualcomm"/>
-      <param pos="0" name="service.family" value="Qpopper"/>
-      <param pos="0" name="service.product" value="Qpopper"/>
-      <param pos="1" name="service.version"/>
-      <param pos="2" name="host.domain"/>
-   </fingerprint>
-   <fingerprint pattern="^QPOP \(version (.*)\) at (.+) starting\..*$">
-      <description>Qpopper with missing version info</description>
-      <example>QPOP (version ?) at domain starting.  &lt;xxx@domain&gt;</example>
-      <param pos="0" name="service.vendor" value="Qualcomm"/>
-      <param pos="0" name="service.family" value="Qpopper"/>
-      <param pos="0" name="service.product" value="Qpopper"/>
-      <param pos="1" name="qpopper.version"/>
-      <param pos="2" name="host.domain"/>
-   </fingerprint>
-   <fingerprint pattern="^Microsoft Exchange Server 2003 POP3 server version (\d+\.\d+\.\d+\.\d+) (.+) ready.$">
-      <description>Microsoft Exchange Server 2003</description>
-      <example>Microsoft Exchange Server 2003 POP3 server version 6.5.6944.0 (host) ready.</example>
-      <param pos="0" name="service.vendor" value="Microsoft"/>
-      <param pos="0" name="service.family" value="Exchange Server"/>
-      <param pos="0" name="service.product" value="Exchange 2003 Server"/>
-      <param pos="1" name="service.version"/>
-      <param pos="2" name="host.name"/>
-      <param pos="0" name="os.vendor" value="Microsoft"/>
-      <param pos="0" name="os.device" value="General"/>
-      <param pos="0" name="os.family" value="Windows"/>
-      <param pos="0" name="os.product" value="Windows"/>
-   </fingerprint>
-   <fingerprint pattern="^Microsoft Exchange 2000 POP3 server version (\d+\.\d+\.\d+\.\d+) (.+) ready.$">
-      <description>Microsoft Exchange Server 2000</description>
-      <example>Microsoft Exchange 2000 POP3 server version 6.0.6603.0 (host) ready.</example>
-      <param pos="0" name="service.vendor" value="Microsoft"/>
-      <param pos="0" name="service.family" value="Exchange Server"/>
-      <param pos="0" name="service.product" value="Exchange 2000 Server"/>
-      <param pos="1" name="service.version"/>
-      <param pos="2" name="host.name"/>
-      <param pos="0" name="os.vendor" value="Microsoft"/>
-      <param pos="0" name="os.device" value="General"/>
-      <param pos="0" name="os.family" value="Windows"/>
-      <param pos="0" name="os.product" value="Windows"/>
-   </fingerprint>
-   <fingerprint pattern="^Microsoft Exchange POP3 server version (\d+\.\d+\.\d+\.\d+) ready$">
-      <description>Microsoft Exchange Server</description>
-      <example>Microsoft Exchange POP3 server version 5.5.2654.50 ready</example>
-      <param pos="0" name="service.vendor" value="Microsoft"/>
-      <param pos="0" name="service.family" value="Exchange Server"/>
-      <param pos="0" name="service.product" value="Exchange Server"/>
-      <param pos="1" name="service.version"/>
-      <param pos="0" name="os.vendor" value="Microsoft"/>
-      <param pos="0" name="os.device" value="General"/>
-      <param pos="0" name="os.family" value="Windows"/>
-      <param pos="0" name="os.product" value="Windows"/>
-   </fingerprint>
-   <fingerprint pattern="^Microsoft Windows POP3 Service Version 1.0 &lt;.+@(.+)&gt; ready.$">
-      <description>Microsoft POP3 Services on Windows 2003</description>
-      <example>Microsoft Windows POP3 Service Version 1.0 &lt;xxx@host&gt; ready.</example>
-      <param pos="0" name="service.vendor" value="Microsoft"/>
-      <param pos="0" name="service.family" value="E-mail Services"/>
-      <param pos="0" name="service.product" value="E-mail Services"/>
-      <param pos="1" name="host.name"/>
-      <param pos="0" name="os.vendor" value="Microsoft"/>
-      <param pos="0" name="os.device" value="General"/>
-      <param pos="0" name="os.family" value="Windows"/>
-      <param pos="0" name="os.product" value="Windows Server 2003"/>
-   </fingerprint>
-   <fingerprint pattern="^Microsoft Exchange Server 2007 POP3 service ready\.?$">
-     <description>Microsoft Exchange Server 2007</description>
-      <example>Microsoft Exchange Server 2007 POP3 service ready</example>
-      <param pos="0" name="service.vendor" value="Microsoft"/>
-      <param pos="0" name="service.family" value="Exchange Server"/>
-      <param pos="0" name="service.product" value="Exchange 2007 Server"/>
-      <param pos="0" name="os.vendor" value="Microsoft"/>
-      <param pos="0" name="os.device" value="General"/>
-      <param pos="0" name="os.family" value="Windows"/>
-      <param pos="0" name="os.product" value="Windows"/>
-    </fingerprint>
-    <fingerprint pattern="^The? Microsoft Exchange POP3 service is ready\.?$">
-      <description>Microsoft Exchange Server, generic</description>
-      <example>The Microsoft Exchange POP3 service is ready.</example>
-      <param pos="0" name="service.vendor" value="Microsoft"/>
-      <param pos="0" name="service.family" value="Exchange Server"/>
-      <param pos="0" name="service.product" value="Exchange Server"/>
-      <param pos="0" name="os.vendor" value="Microsoft"/>
-      <param pos="0" name="os.device" value="General"/>
-      <param pos="0" name="os.family" value="Windows"/>
-      <param pos="0" name="os.product" value="Windows"/>
-    </fingerprint>
-   <fingerprint pattern="^[dD]ovecot (?:DA )?ready\.(?: &lt;.+@(.+)&gt;)?$">
-      <!--  Dovecot DA ready.
-            dovecot ready.
-            Dovecot ready.
-            Dovecot ready. <xxx@host>
-        -->
-      <description>Dovecot Secure POP Server</description>
-      <param pos="0" name="service.family" value="Dovecot"/>
-      <param pos="0" name="service.product" value="Dovecot"/>
-      <param pos="1" name="host.name"/>
-    </fingerprint>
-    <fingerprint pattern="^(\S+) Zimbra POP3 server ready\.?$">
-      <example>catfood.example.com Zimbra POP3 server ready</example>
-      <example>dogfood.example.com Zimbra POP3 server ready</example>
-      <description>VMware Zimbra POP</description>
-      <param pos="0" name="service.vendor" value="VMware"/>
-      <param pos="0" name="service.product" value="Zimbra"/>
-      <param pos="1" name="host.name"/>
-    </fingerprint>
-    <fingerprint pattern="^(\S+) Zimbra (\S+) POP3 server ready\.?$">
-      <example>example.com Zimbra 7.0.0_GA_3079 POP3 server ready</example>
-      <description>VMware Zimbra POP</description>
-      <param pos="0" name="service.vendor" value="VMware"/>
-      <param pos="0" name="service.product" value="Zimbra"/>
-      <param pos="2" name="service.version"/>
-      <param pos="1" name="host.name"/>
-   </fingerprint>
-    <fingerprint pattern="^(?:S?POP3? server ready |Hello there.? )?&lt;.*@([^&gt;]+)&gt;$">
-      <example>POP3 server ready &lt;58c29ae4-7316-429e-8109-060444ab1a28@foo.example.com&gt;</example>
-      <example>&lt;84427.1298535083@foo.example.com&gt;</example>
-      <description>Generic masked POP3 server</description>
-      <param pos="1" name="host.name"/>
-   </fingerprint>
-   <fingerprint pattern="^ApplePasswordServer ([\d\.]+) password">
-      <description>Apple Open Directory</description>
-      <example>ApplePasswordServer 10.6.0.0 password server at 10.2.90.228 ready.</example>
-      <example>ApplePasswordServer 10.5.0.1 password serv</example>
-      <param pos="0" name="service.vendor" value="Apple"/>
-      <param pos="0" name="service.product" value="Open Directory"/>
-      <param pos="0" name="os.vendor" value="Apple"/>
-      <param pos="0" name="os.family" value="Mac OS X"/>
-      <param pos="0" name="os.product" value="Mac OS X"/>
-      <param pos="1" name="os.version"/>
-      <!-- the version coming from this service is usually accurate for the major version
-           but horribly wrong for the minor and patch levels, therefore drop the certainty
-           in lieu of a "quality" attribute for fingerprints -->
-      <param pos="0" name="os.certainty" value="0.5"/>
-   </fingerprint>
-   <fingerprint pattern="^TCPIP POP server V\d\.\d\S-\S{3}, OpenVMS V(\d\.\d-\d)(?:\s+\S+)?\s+at\s+(\S+), .*$">
-      <description>TCP/IP Services for OpenVMS POP server</description>
-      <example os.version="7.3-2" host.name="example.com">TCPIP POP server V5.4J-15A, OpenVMS V7.3-2 Alpha at example.com, up since 2015-02-12 08:44:53 20400434.2</example>
-      <!--V5.4J-15A refers to TCP/IP Services for OpenVMS version-->
-      <param pos="0" name="service.family" value="OpenVMS"/>
-      <param pos="0" name="service.product" value="TCPIP POP server"/>
-      <param pos="0" name="service.vendor" value="HP"/>
-      <param pos="0" name="os.vendor" value="HP"/>
-      <param pos="0" name="os.family" value="OpenVMS"/>
-      <param pos="0" name="os.product" value="OpenVMS"/>
-      <param pos="0" name="os.device" value="General"/>
-      <param pos="1" name="os.version"/>
-      <param pos="2" name="host.name"/>
-    </fingerprint>
-    <fingerprint pattern="^Hello there\.$">
-      <example>Hello there.</example>
-      <description>Courier MTA POP</description>
-      <param pos="0" name="service.vendor" value="Double Precision"/>
-      <param pos="0" name="service.family" value="Courier MTA"/>
-      <param pos="0" name="service.product" value="Courier POP"/>
-    </fingerprint>
-<!--
+  <fingerprint pattern="^([^ ]+) +Cyrus POP3 v(\d+\.\d+.*)-OS X(?: Server)? ([\d\.]+).* server ready">
+    <description>OSX Cyrus POP</description>
+    <example host.domain="8.8.8.8" service.version="2.3.8" os.version="10.5">8.8.8.8 Cyrus POP3 v2.3.8-OS X Server 10.5: 9A562 server ready &lt;1999107648.1324502155@8.8.8.8&gt;</example>
+    <param pos="0" name="service.vendor" value="Carnegie Mellon University"/>
+    <param pos="0" name="service.family" value="Cyrus MTA"/>
+    <param pos="0" name="service.product" value="Cyrus POP"/>
+    <param pos="2" name="service.version"/>
+    <param pos="0" name="os.vendor" value="Apple"/>
+    <param pos="0" name="os.family" value="Mac OS X"/>
+    <param pos="0" name="os.product" value="Mac OS X"/>
+    <param pos="0" name="os.device" value="General"/>
+    <param pos="3" name="os.version"/>
+    <param pos="1" name="host.domain"/>
+  </fingerprint>
+  <fingerprint pattern="^([^ ]+) +Cyrus POP3 v([\d\.]+)">
+    <description>CMU Cyrus POP</description>
+    <example host.domain="foo" service.version="2.3">foo Cyrus POP3 v2.3</example>
+    <example host.domain="foo" service.version="2.3.14">foo Cyrus POP3 v2.3.14 server ready &lt;13087751828270990591.1301068892@foo&gt;</example>
+    <param pos="0" name="service.vendor" value="Carnegie Mellon University"/>
+    <param pos="0" name="service.family" value="Cyrus MTA"/>
+    <param pos="0" name="service.product" value="Cyrus POP"/>
+    <param pos="2" name="service.version"/>
+    <param pos="1" name="host.domain"/>
+  </fingerprint>
+  <fingerprint pattern="^Lotus Notes POP3 server version X[^ ]+ ready on .*$">
+    <description>IBM Lotus Notes/Domino</description>
+    <example>Lotus Notes POP3 server version X2.0 ready on foo/bar.</example>
+    <param pos="0" name="service.vendor" value="IBM"/>
+    <param pos="0" name="service.family" value="Lotus Domino"/>
+    <param pos="0" name="service.product" value="Lotus Domino"/>
+  </fingerprint>
+  <fingerprint pattern="^Lotus Notes POP3 server version Release ([^ ]+) ready on .*$">
+    <description>IBM Lotus Notes/Domino</description>
+    <example>Lotus Notes POP3 server version Release 8.5.1FP5 ready on foo/US.</example>
+    <param pos="0" name="service.vendor" value="IBM"/>
+    <param pos="0" name="service.family" value="Lotus Domino"/>
+    <param pos="0" name="service.product" value="Lotus Domino"/>
+    <param pos="1" name="service.version"/>
+  </fingerprint>
+  <fingerprint pattern="^Qpopper \(version (\d+\.\d+\.\d+), modified by Sphera Technologies\) at (.+) starting\..*$">
+    <description>Qpopper with Sphera mods</description>
+    <example>Qpopper (version 4.0.3, modified by Sphera Technologies) at domain starting.  &lt;xxx@domain&gt;</example>
+    <param pos="0" name="service.vendor" value="Sphera"/>
+    <param pos="0" name="service.family" value="Qpopper"/>
+    <param pos="0" name="service.product" value="Qpopper"/>
+    <param pos="1" name="service.version"/>
+    <param pos="2" name="host.domain"/>
+  </fingerprint>
+  <fingerprint pattern="^Qpopper \(version (\d+\.\d+\.\d+)-mysql-(.+)\) at (.+) starting\..*$">
+    <description>Qpopper with MySQL auth module</description>
+    <example>Qpopper (version 4.0.3-mysql-0.13) at domain starting.  &lt;xxx@domain&gt;</example>
+    <param pos="0" name="service.vendor" value="Qualcomm"/>
+    <param pos="0" name="service.family" value="Qpopper"/>
+    <param pos="0" name="service.product" value="Qpopper"/>
+    <param pos="1" name="service.version"/>
+    <param pos="0" name="service.component.family" value="qpopper-mysql"/>
+    <param pos="0" name="service.component.product" value="qpopper-mysql"/>
+    <param pos="2" name="service.component.version"/>
+    <param pos="3" name="host.domain"/>
+  </fingerprint>
+  <fingerprint pattern="^Qpop(?:per)? \(version ([\d\.]+)\) at (.+)(?: starting\.)?.*$" flags="REG_ICASE">
+    <description>Qpopper missing version info</description>
+    <example>Qpopper (version 4.0.16) at foo.example.com</example>
+    <example>QPOP (version 2.53) at domain starting.  &lt;xxx@domain&gt;</example>
+    <example>Qpopper (version 4.0.3) at domain starting.  &lt;xxx@domain&gt;</example>
+    <param pos="0" name="service.vendor" value="Qualcomm"/>
+    <param pos="0" name="service.family" value="Qpopper"/>
+    <param pos="0" name="service.product" value="Qpopper"/>
+    <param pos="1" name="service.version"/>
+    <param pos="2" name="host.domain"/>
+  </fingerprint>
+  <fingerprint pattern="^QPOP \(version (.*)\) at (.+) starting\..*$">
+    <description>Qpopper with missing version info</description>
+    <example>QPOP (version ?) at domain starting.  &lt;xxx@domain&gt;</example>
+    <param pos="0" name="service.vendor" value="Qualcomm"/>
+    <param pos="0" name="service.family" value="Qpopper"/>
+    <param pos="0" name="service.product" value="Qpopper"/>
+    <param pos="1" name="qpopper.version"/>
+    <param pos="2" name="host.domain"/>
+  </fingerprint>
+  <fingerprint pattern="^Microsoft Exchange Server 2003 POP3 server version (\d+\.\d+\.\d+\.\d+) (.+) ready.$">
+    <description>Microsoft Exchange Server 2003</description>
+    <example>Microsoft Exchange Server 2003 POP3 server version 6.5.6944.0 (host) ready.</example>
+    <param pos="0" name="service.vendor" value="Microsoft"/>
+    <param pos="0" name="service.family" value="Exchange Server"/>
+    <param pos="0" name="service.product" value="Exchange 2003 Server"/>
+    <param pos="1" name="service.version"/>
+    <param pos="2" name="host.name"/>
+    <param pos="0" name="os.vendor" value="Microsoft"/>
+    <param pos="0" name="os.device" value="General"/>
+    <param pos="0" name="os.family" value="Windows"/>
+    <param pos="0" name="os.product" value="Windows"/>
+  </fingerprint>
+  <fingerprint pattern="^Microsoft Exchange 2000 POP3 server version (\d+\.\d+\.\d+\.\d+) (.+) ready.$">
+    <description>Microsoft Exchange Server 2000</description>
+    <example>Microsoft Exchange 2000 POP3 server version 6.0.6603.0 (host) ready.</example>
+    <param pos="0" name="service.vendor" value="Microsoft"/>
+    <param pos="0" name="service.family" value="Exchange Server"/>
+    <param pos="0" name="service.product" value="Exchange 2000 Server"/>
+    <param pos="1" name="service.version"/>
+    <param pos="2" name="host.name"/>
+    <param pos="0" name="os.vendor" value="Microsoft"/>
+    <param pos="0" name="os.device" value="General"/>
+    <param pos="0" name="os.family" value="Windows"/>
+    <param pos="0" name="os.product" value="Windows"/>
+  </fingerprint>
+  <fingerprint pattern="^Microsoft Exchange POP3 server version (\d+\.\d+\.\d+\.\d+) ready$">
+    <description>Microsoft Exchange Server</description>
+    <example>Microsoft Exchange POP3 server version 5.5.2654.50 ready</example>
+    <param pos="0" name="service.vendor" value="Microsoft"/>
+    <param pos="0" name="service.family" value="Exchange Server"/>
+    <param pos="0" name="service.product" value="Exchange Server"/>
+    <param pos="1" name="service.version"/>
+    <param pos="0" name="os.vendor" value="Microsoft"/>
+    <param pos="0" name="os.device" value="General"/>
+    <param pos="0" name="os.family" value="Windows"/>
+    <param pos="0" name="os.product" value="Windows"/>
+  </fingerprint>
+  <fingerprint pattern="^Microsoft Windows POP3 Service Version 1.0 &lt;.+@(.+)&gt; ready.$">
+    <description>Microsoft POP3 Services on Windows 2003</description>
+    <example>Microsoft Windows POP3 Service Version 1.0 &lt;xxx@host&gt; ready.</example>
+    <param pos="0" name="service.vendor" value="Microsoft"/>
+    <param pos="0" name="service.family" value="E-mail Services"/>
+    <param pos="0" name="service.product" value="E-mail Services"/>
+    <param pos="1" name="host.name"/>
+    <param pos="0" name="os.vendor" value="Microsoft"/>
+    <param pos="0" name="os.device" value="General"/>
+    <param pos="0" name="os.family" value="Windows"/>
+    <param pos="0" name="os.product" value="Windows Server 2003"/>
+  </fingerprint>
+  <fingerprint pattern="^Microsoft Exchange Server 2007 POP3 service ready\.?$">
+    <description>Microsoft Exchange Server 2007</description>
+    <example>Microsoft Exchange Server 2007 POP3 service ready</example>
+    <param pos="0" name="service.vendor" value="Microsoft"/>
+    <param pos="0" name="service.family" value="Exchange Server"/>
+    <param pos="0" name="service.product" value="Exchange 2007 Server"/>
+    <param pos="0" name="os.vendor" value="Microsoft"/>
+    <param pos="0" name="os.device" value="General"/>
+    <param pos="0" name="os.family" value="Windows"/>
+    <param pos="0" name="os.product" value="Windows"/>
+  </fingerprint>
+  <fingerprint pattern="^The? Microsoft Exchange POP3 service is ready\.?$">
+    <description>Microsoft Exchange Server, generic</description>
+    <example>The Microsoft Exchange POP3 service is ready.</example>
+    <param pos="0" name="service.vendor" value="Microsoft"/>
+    <param pos="0" name="service.family" value="Exchange Server"/>
+    <param pos="0" name="service.product" value="Exchange Server"/>
+    <param pos="0" name="os.vendor" value="Microsoft"/>
+    <param pos="0" name="os.device" value="General"/>
+    <param pos="0" name="os.family" value="Windows"/>
+    <param pos="0" name="os.product" value="Windows"/>
+  </fingerprint>
+  <fingerprint pattern="^[dD]ovecot (?:DA )?ready\.(?: &lt;.+@(.+)&gt;)?$">
+    <description>Dovecot Secure POP Server</description>
+    <param pos="0" name="service.family" value="Dovecot"/>
+    <param pos="0" name="service.product" value="Dovecot"/>
+    <param pos="1" name="host.name"/>
+  </fingerprint>
+  <fingerprint pattern="^(\S+) Zimbra POP3 server ready\.?$">
+    <description>VMware Zimbra POP</description>
+    <example>catfood.example.com Zimbra POP3 server ready</example>
+    <example>dogfood.example.com Zimbra POP3 server ready</example>
+    <param pos="0" name="service.vendor" value="VMware"/>
+    <param pos="0" name="service.product" value="Zimbra"/>
+    <param pos="1" name="host.name"/>
+  </fingerprint>
+  <fingerprint pattern="^(\S+) Zimbra (\S+) POP3 server ready\.?$">
+    <description>VMware Zimbra POP</description>
+    <example>example.com Zimbra 7.0.0_GA_3079 POP3 server ready</example>
+    <param pos="0" name="service.vendor" value="VMware"/>
+    <param pos="0" name="service.product" value="Zimbra"/>
+    <param pos="2" name="service.version"/>
+    <param pos="1" name="host.name"/>
+  </fingerprint>
+  <fingerprint pattern="^(?:S?POP3? server ready |Hello there.? )?&lt;.*@([^&gt;]+)&gt;$">
+    <description>Generic masked POP3 server</description>
+    <example>POP3 server ready &lt;58c29ae4-7316-429e-8109-060444ab1a28@foo.example.com&gt;</example>
+    <example>&lt;84427.1298535083@foo.example.com&gt;</example>
+    <param pos="1" name="host.name"/>
+  </fingerprint>
+  <fingerprint pattern="^ApplePasswordServer ([\d\.]+) password">
+    <description>Apple Open Directory</description>
+    <example>ApplePasswordServer 10.6.0.0 password server at 10.2.90.228 ready.</example>
+    <example>ApplePasswordServer 10.5.0.1 password serv</example>
+    <param pos="0" name="service.vendor" value="Apple"/>
+    <param pos="0" name="service.product" value="Open Directory"/>
+    <param pos="0" name="os.vendor" value="Apple"/>
+    <param pos="0" name="os.family" value="Mac OS X"/>
+    <param pos="0" name="os.product" value="Mac OS X"/>
+    <param pos="1" name="os.version"/>
+    <param pos="0" name="os.certainty" value="0.5"/>
+  </fingerprint>
+  <fingerprint pattern="^TCPIP POP server V\d\.\d\S-\S{3}, OpenVMS V(\d\.\d-\d)(?:\s+\S+)?\s+at\s+(\S+), .*$">
+    <description>TCP/IP Services for OpenVMS POP server</description>
+    <example os.version="7.3-2" host.name="example.com">TCPIP POP server V5.4J-15A, OpenVMS V7.3-2 Alpha at example.com, up since 2015-02-12 08:44:53 20400434.2</example>
+    <param pos="0" name="service.family" value="OpenVMS"/>
+    <param pos="0" name="service.product" value="TCPIP POP server"/>
+    <param pos="0" name="service.vendor" value="HP"/>
+    <param pos="0" name="os.vendor" value="HP"/>
+    <param pos="0" name="os.family" value="OpenVMS"/>
+    <param pos="0" name="os.product" value="OpenVMS"/>
+    <param pos="0" name="os.device" value="General"/>
+    <param pos="1" name="os.version"/>
+    <param pos="2" name="host.name"/>
+  </fingerprint>
+  <fingerprint pattern="^Hello there\.$">
+    <description>Courier MTA POP</description>
+    <example>Hello there.</example>
+    <param pos="0" name="service.vendor" value="Double Precision"/>
+    <param pos="0" name="service.family" value="Courier MTA"/>
+    <param pos="0" name="service.product" value="Courier POP"/>
+  </fingerprint>
+  <!--
 ; Mandrake 8.1 - uses UW IMAP
 ; +OK POP3 mandrake81-f540k v2000.70mdk server ready
@@ -471,5 +439,4 @@ matched against these patterns to fingerprint POP3 servers.
 Oops, that would loop!
 -->
 </fingerprints>