recog 2.3.15 → 2.3.20

Sign up to get free protection for your applications and to get access to all the features.
Files changed (53) hide show
  1. checksums.yaml +4 -4
  2. data/.github/workflows/ci.yml +26 -0
  3. data/.snyk +10 -0
  4. data/LICENSE +1 -1
  5. data/bin/recog_standardize +8 -2
  6. data/cpe-remap.yaml +314 -170
  7. data/identifiers/README.md +24 -10
  8. data/identifiers/fields.txt +104 -0
  9. data/identifiers/hw_device.txt +5 -4
  10. data/identifiers/hw_family.txt +17 -0
  11. data/identifiers/hw_product.txt +87 -6
  12. data/identifiers/os_architecture.txt +0 -10
  13. data/identifiers/os_device.txt +12 -31
  14. data/identifiers/os_family.txt +2 -94
  15. data/identifiers/os_product.txt +45 -124
  16. data/identifiers/service_family.txt +14 -37
  17. data/identifiers/service_product.txt +283 -88
  18. data/identifiers/vendor.txt +99 -192
  19. data/lib/recog/version.rb +1 -1
  20. data/requirements.txt +1 -1
  21. data/update_cpes.py +110 -49
  22. data/xml/apache_modules.xml +60 -0
  23. data/xml/dns_versionbind.xml +40 -17
  24. data/xml/favicons.xml +163 -20
  25. data/xml/ftp_banners.xml +25 -25
  26. data/xml/hp_pjl_id.xml +1 -1
  27. data/xml/html_title.xml +561 -51
  28. data/xml/http_cookies.xml +266 -61
  29. data/xml/http_servers.xml +472 -96
  30. data/xml/http_wwwauth.xml +53 -26
  31. data/xml/ldap_searchresult.xml +10 -6
  32. data/xml/mdns_device-info_txt.xml +308 -10
  33. data/xml/ntp_banners.xml +15 -1
  34. data/xml/operating_system.xml +1 -0
  35. data/xml/rtsp_servers.xml +7 -0
  36. data/xml/sip_banners.xml +346 -8
  37. data/xml/sip_user_agents.xml +321 -7
  38. data/xml/smb_native_lm.xml +32 -1
  39. data/xml/smb_native_os.xml +158 -33
  40. data/xml/smtp_banners.xml +48 -7
  41. data/xml/smtp_expn.xml +1 -0
  42. data/xml/smtp_help.xml +2 -0
  43. data/xml/smtp_vrfy.xml +3 -1
  44. data/xml/snmp_sysdescr.xml +211 -42
  45. data/xml/ssh_banners.xml +127 -14
  46. data/xml/telnet_banners.xml +44 -14
  47. data/xml/tls_jarm.xml +140 -0
  48. data/xml/x509_issuers.xml +179 -7
  49. data/xml/x509_subjects.xml +252 -35
  50. metadata +6 -5
  51. data/identifiers/software_class.txt +0 -26
  52. data/identifiers/software_family.txt +0 -91
  53. data/identifiers/software_product.txt +0 -333
data/xml/ssh_banners.xml CHANGED
@@ -33,12 +33,12 @@
33
33
  <param pos="0" name="service.product" value="iLO"/>
34
34
  <param pos="0" name="service.family" value="iLO"/>
35
35
  <param pos="1" name="service.version"/>
36
- <param pos="0" name="service.cpe23" value="cpe:/a:hp:integrated_lights_out:{service.version}"/>
37
36
  <param pos="0" name="hw.vendor" value="HP"/>
38
37
  <param pos="0" name="os.vendor" value="HP"/>
39
38
  <param pos="0" name="os.product" value="iLO"/>
40
39
  <param pos="0" name="os.family" value="iLO"/>
41
40
  <param pos="0" name="os.device" value="Lights Out Management"/>
41
+ <param pos="0" name="os.cpe23" value="cpe:/o:hp:integrated_lights-out_firmware:-"/>
42
42
  </fingerprint>
43
43
 
44
44
  <fingerprint pattern="^Serv-U_([\d\.]+)$">
@@ -552,7 +552,7 @@
552
552
  </fingerprint>
553
553
 
554
554
  <fingerprint pattern="^OpenSSH_(7\.8) (FreeBSD-20180909)$">
555
- <description>OpenSSH running on FreeBSD 12.0</description>
555
+ <description>OpenSSH running on FreeBSD 12.0/12.1</description>
556
556
  <example service.version="7.8" openssh.comment="FreeBSD-20180909">OpenSSH_7.8 FreeBSD-20180909</example>
557
557
  <param pos="1" name="service.version"/>
558
558
  <param pos="2" name="openssh.comment"/>
@@ -888,9 +888,10 @@
888
888
  <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:13.04"/>
889
889
  </fingerprint>
890
890
 
891
- <fingerprint pattern="^OpenSSH_(6\.2p2) (Ubuntu-6unbuntu\d(?:\.\d)?)$">
891
+ <fingerprint pattern="^OpenSSH_(6\.2p2) (Ubuntu-6\S*)$">
892
892
  <description>OpenSSH running on Ubuntu 13.10</description>
893
893
  <example service.version="6.2p2" openssh.comment="Ubuntu-6unbuntu0.4">OpenSSH_6.2p2 Ubuntu-6unbuntu0.4</example>
894
+ <example service.version="6.2p2" openssh.comment="Ubuntu-6">OpenSSH_6.2p2 Ubuntu-6</example>
894
895
  <param pos="1" name="service.version"/>
895
896
  <param pos="2" name="openssh.comment"/>
896
897
  <param pos="0" name="service.vendor" value="OpenBSD"/>
@@ -917,10 +918,11 @@
917
918
  <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
918
919
  </fingerprint>
919
920
 
920
- <fingerprint pattern="^OpenSSH_(6\.6(?:\.\d)?p1) (Ubuntu-2ubuntu\d+(?:\.\d+)?)$">
921
+ <fingerprint pattern="^OpenSSH_(6\.6(?:\.1)?p1) (Ubuntu-2\S*)$">
921
922
  <description>OpenSSH running on Ubuntu 14.04</description>
922
923
  <example service.version="6.6p1" openssh.comment="Ubuntu-2ubuntu1">OpenSSH_6.6p1 Ubuntu-2ubuntu1</example>
923
924
  <example service.version="6.6.1p1" openssh.comment="Ubuntu-2ubuntu2">OpenSSH_6.6.1p1 Ubuntu-2ubuntu2</example>
925
+ <example service.version="6.6.1p1" openssh.comment="Ubuntu-2ubuntu2.13">OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.13</example>
924
926
  <param pos="1" name="service.version"/>
925
927
  <param pos="2" name="openssh.comment"/>
926
928
  <param pos="0" name="service.vendor" value="OpenBSD"/>
@@ -950,9 +952,10 @@
950
952
  <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:14.10"/>
951
953
  </fingerprint>
952
954
 
953
- <fingerprint pattern="^OpenSSH_(6\.7p1) (Ubuntu-5ubuntu\d(?:\.\d)?)$">
955
+ <fingerprint pattern="^OpenSSH_(6\.7p1) (Ubuntu-5\S*)$">
954
956
  <description>OpenSSH running on Ubuntu 15.04 (vivid)</description>
955
957
  <example service.version="6.7p1" openssh.comment="Ubuntu-5ubuntu1">OpenSSH_6.7p1 Ubuntu-5ubuntu1</example>
958
+ <example service.version="6.7p1" openssh.comment="Ubuntu-5ubuntu1.4">OpenSSH_6.7p1 Ubuntu-5ubuntu1.4</example>
956
959
  <param pos="1" name="service.version"/>
957
960
  <param pos="2" name="openssh.comment"/>
958
961
  <param pos="0" name="service.vendor" value="OpenBSD"/>
@@ -966,9 +969,10 @@
966
969
  <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:15.04"/>
967
970
  </fingerprint>
968
971
 
969
- <fingerprint pattern="^OpenSSH_(6\.9p1) (Ubuntu-2)$">
972
+ <fingerprint pattern="^OpenSSH_(6\.9p1) (Ubuntu-2\S*)$">
970
973
  <description>OpenSSH running on Ubuntu 15.10</description>
971
974
  <example service.version="6.9p1" openssh.comment="Ubuntu-2">OpenSSH_6.9p1 Ubuntu-2</example>
975
+ <example service.version="6.9p1" openssh.comment="Ubuntu-2ubuntu0.2">OpenSSH_6.9p1 Ubuntu-2ubuntu0.2</example>
972
976
  <param pos="1" name="service.version"/>
973
977
  <param pos="2" name="openssh.comment"/>
974
978
  <param pos="0" name="service.vendor" value="OpenBSD"/>
@@ -982,9 +986,11 @@
982
986
  <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:15.10"/>
983
987
  </fingerprint>
984
988
 
985
- <fingerprint pattern="^OpenSSH_(7\.2p2) (Ubuntu-4ubuntu\d(?:\.\d)?)$">
989
+ <fingerprint pattern="^OpenSSH_(7\.2p2) (Ubuntu-4\S*)$">
986
990
  <description>OpenSSH running on Ubuntu 16.04 (vivid)</description>
987
991
  <example service.version="7.2p2" openssh.comment="Ubuntu-4ubuntu2.7">OpenSSH_7.2p2 Ubuntu-4ubuntu2.7</example>
992
+ <example service.version="7.2p2" openssh.comment="Ubuntu-4ubuntu1">OpenSSH_7.2p2 Ubuntu-4ubuntu1</example>
993
+ <example service.version="7.2p2" openssh.comment="Ubuntu-4">OpenSSH_7.2p2 Ubuntu-4</example>
988
994
  <param pos="1" name="service.version"/>
989
995
  <param pos="2" name="openssh.comment"/>
990
996
  <param pos="0" name="service.vendor" value="OpenBSD"/>
@@ -1030,9 +1036,10 @@
1030
1036
  <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:17.04"/>
1031
1037
  </fingerprint>
1032
1038
 
1033
- <fingerprint pattern="^OpenSSH_(7\.5p1) (Ubuntu-10ubuntu\d(?:\.\d)?)$">
1039
+ <fingerprint pattern="^OpenSSH_(7\.5p1) (Ubuntu-10\S*)$">
1034
1040
  <description>OpenSSH running on Ubuntu 17.10</description>
1035
1041
  <example service.version="7.5p1" openssh.comment="Ubuntu-10ubuntu0.1">OpenSSH_7.5p1 Ubuntu-10ubuntu0.1</example>
1042
+ <example service.version="7.5p1" openssh.comment="Ubuntu-10">OpenSSH_7.5p1 Ubuntu-10</example>
1036
1043
  <param pos="1" name="service.version"/>
1037
1044
  <param pos="2" name="openssh.comment"/>
1038
1045
  <param pos="0" name="service.vendor" value="OpenBSD"/>
@@ -1046,9 +1053,10 @@
1046
1053
  <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:17.10"/>
1047
1054
  </fingerprint>
1048
1055
 
1049
- <fingerprint pattern="^OpenSSH_(7\.6p1) (Ubuntu-4ubuntu\d(?:\.\d)?)$">
1056
+ <fingerprint pattern="^OpenSSH_(7\.6p1) (Ubuntu-4\S*)$">
1050
1057
  <description>OpenSSH running on Ubuntu 18.04</description>
1051
1058
  <example service.version="7.6p1" openssh.comment="Ubuntu-4ubuntu0.3">OpenSSH_7.6p1 Ubuntu-4ubuntu0.3</example>
1059
+ <example service.version="7.6p1" openssh.comment="Ubuntu-4">OpenSSH_7.6p1 Ubuntu-4</example>
1052
1060
  <param pos="1" name="service.version"/>
1053
1061
  <param pos="2" name="openssh.comment"/>
1054
1062
  <param pos="0" name="service.vendor" value="OpenBSD"/>
@@ -1062,9 +1070,10 @@
1062
1070
  <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:18.04"/>
1063
1071
  </fingerprint>
1064
1072
 
1065
- <fingerprint pattern="^OpenSSH_(7\.7p1) (Ubuntu-4)$">
1073
+ <fingerprint pattern="^OpenSSH_(7\.7p1) (Ubuntu-4\S*)$">
1066
1074
  <description>OpenSSH running on Ubuntu 18.10</description>
1067
1075
  <example service.version="7.7p1" openssh.comment="Ubuntu-4">OpenSSH_7.7p1 Ubuntu-4</example>
1076
+ <example service.version="7.7p1" openssh.comment="Ubuntu-4ubuntu0.3">OpenSSH_7.7p1 Ubuntu-4ubuntu0.3</example>
1068
1077
  <param pos="1" name="service.version"/>
1069
1078
  <param pos="2" name="openssh.comment"/>
1070
1079
  <param pos="0" name="service.vendor" value="OpenBSD"/>
@@ -1110,6 +1119,39 @@
1110
1119
  <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:19.10"/>
1111
1120
  </fingerprint>
1112
1121
 
1122
+ <fingerprint pattern="^OpenSSH_(8\.2p1) (Ubuntu-4\S*)$">
1123
+ <description>OpenSSH running on Ubuntu 20.04</description>
1124
+ <example service.version="8.2p1" openssh.comment="Ubuntu-4ubuntu0.1">OpenSSH_8.2p1 Ubuntu-4ubuntu0.1</example>
1125
+ <example service.version="8.2p1" openssh.comment="Ubuntu-4">OpenSSH_8.2p1 Ubuntu-4</example>
1126
+ <param pos="1" name="service.version"/>
1127
+ <param pos="2" name="openssh.comment"/>
1128
+ <param pos="0" name="service.vendor" value="OpenBSD"/>
1129
+ <param pos="0" name="service.family" value="OpenSSH"/>
1130
+ <param pos="0" name="service.product" value="OpenSSH"/>
1131
+ <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
1132
+ <param pos="0" name="os.vendor" value="Ubuntu"/>
1133
+ <param pos="0" name="os.family" value="Linux"/>
1134
+ <param pos="0" name="os.product" value="Linux"/>
1135
+ <param pos="0" name="os.version" value="20.04"/>
1136
+ <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:20.04"/>
1137
+ </fingerprint>
1138
+
1139
+ <fingerprint pattern="^OpenSSH_(8\.3p1) (Ubuntu-1\S*)$">
1140
+ <description>OpenSSH running on Ubuntu 20.10</description>
1141
+ <example service.version="8.3p1" openssh.comment="Ubuntu-1">OpenSSH_8.3p1 Ubuntu-1</example>
1142
+ <param pos="1" name="service.version"/>
1143
+ <param pos="2" name="openssh.comment"/>
1144
+ <param pos="0" name="service.vendor" value="OpenBSD"/>
1145
+ <param pos="0" name="service.family" value="OpenSSH"/>
1146
+ <param pos="0" name="service.product" value="OpenSSH"/>
1147
+ <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
1148
+ <param pos="0" name="os.vendor" value="Ubuntu"/>
1149
+ <param pos="0" name="os.family" value="Linux"/>
1150
+ <param pos="0" name="os.product" value="Linux"/>
1151
+ <param pos="0" name="os.version" value="20.10"/>
1152
+ <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:20.10"/>
1153
+ </fingerprint>
1154
+
1113
1155
  <fingerprint pattern="^OpenSSH_([^\s]+)\s+(Ubuntu-\d\d?)$">
1114
1156
  <description>OpenSSH running on Ubuntu (unknown release)</description>
1115
1157
  <example service.version="7.6p1" openssh.comment="Ubuntu-2">OpenSSH_7.6p1 Ubuntu-2</example>
@@ -1329,9 +1371,56 @@
1329
1371
  <param pos="0" name="os.cpe23" value="cpe:/o:debian:debian_linux:9.0"/>
1330
1372
  </fingerprint>
1331
1373
 
1332
- <fingerprint pattern="^OpenSSH_(7\.9p1) (Debian-10|Debian-\d\d?\+deb10u\d+)$">
1333
- <description>OpenSSH running on Debian 10.x (buster)</description>
1374
+ <fingerprint pattern="^OpenSSH_(7\.9p1) (Debian-10)$">
1375
+ <description>OpenSSH running on Debian 10.0 (buster)</description>
1334
1376
  <example service.version="7.9p1" openssh.comment="Debian-10">OpenSSH_7.9p1 Debian-10</example>
1377
+ <param pos="1" name="service.version"/>
1378
+ <param pos="2" name="openssh.comment"/>
1379
+ <param pos="0" name="service.vendor" value="OpenBSD"/>
1380
+ <param pos="0" name="service.family" value="OpenSSH"/>
1381
+ <param pos="0" name="service.product" value="OpenSSH"/>
1382
+ <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
1383
+ <param pos="0" name="os.vendor" value="Debian"/>
1384
+ <param pos="0" name="os.family" value="Linux"/>
1385
+ <param pos="0" name="os.product" value="Linux"/>
1386
+ <param pos="0" name="os.version" value="10.0"/>
1387
+ <param pos="0" name="os.cpe23" value="cpe:/o:debian:debian_linux:10.0"/>
1388
+ </fingerprint>
1389
+
1390
+ <fingerprint pattern="^OpenSSH_(7\.9p1) (Debian-10\+deb10u1)$">
1391
+ <description>OpenSSH running on Debian 10.1 (buster)</description>
1392
+ <example service.version="7.9p1" openssh.comment="Debian-10+deb10u1">OpenSSH_7.9p1 Debian-10+deb10u1</example>
1393
+ <param pos="1" name="service.version"/>
1394
+ <param pos="2" name="openssh.comment"/>
1395
+ <param pos="0" name="service.vendor" value="OpenBSD"/>
1396
+ <param pos="0" name="service.family" value="OpenSSH"/>
1397
+ <param pos="0" name="service.product" value="OpenSSH"/>
1398
+ <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
1399
+ <param pos="0" name="os.vendor" value="Debian"/>
1400
+ <param pos="0" name="os.family" value="Linux"/>
1401
+ <param pos="0" name="os.product" value="Linux"/>
1402
+ <param pos="0" name="os.version" value="10.1"/>
1403
+ <param pos="0" name="os.cpe23" value="cpe:/o:debian:debian_linux:10.1"/>
1404
+ </fingerprint>
1405
+
1406
+ <fingerprint pattern="^OpenSSH_(7\.9p1) (Debian-10\+deb10u2)$">
1407
+ <description>OpenSSH running on Debian 10.2 (buster)</description>
1408
+ <example service.version="7.9p1" openssh.comment="Debian-10+deb10u2">OpenSSH_7.9p1 Debian-10+deb10u2</example>
1409
+ <param pos="1" name="service.version"/>
1410
+ <param pos="2" name="openssh.comment"/>
1411
+ <param pos="0" name="service.vendor" value="OpenBSD"/>
1412
+ <param pos="0" name="service.family" value="OpenSSH"/>
1413
+ <param pos="0" name="service.product" value="OpenSSH"/>
1414
+ <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
1415
+ <param pos="0" name="os.vendor" value="Debian"/>
1416
+ <param pos="0" name="os.family" value="Linux"/>
1417
+ <param pos="0" name="os.product" value="Linux"/>
1418
+ <param pos="0" name="os.version" value="10.2"/>
1419
+ <param pos="0" name="os.cpe23" value="cpe:/o:debian:debian_linux:10.2"/>
1420
+ </fingerprint>
1421
+
1422
+ <fingerprint pattern="^OpenSSH_(7\.9p1) (Debian-10\S+)$">
1423
+ <description>OpenSSH running on Debian 10.x (buster catchall)</description>
1335
1424
  <example service.version="7.9p1" openssh.comment="Debian-10+deb10u6">OpenSSH_7.9p1 Debian-10+deb10u6</example>
1336
1425
  <param pos="1" name="service.version"/>
1337
1426
  <param pos="2" name="openssh.comment"/>
@@ -1615,7 +1704,7 @@
1615
1704
  <param pos="0" name="service.product" value="SSH"/>
1616
1705
  <param pos="0" name="os.vendor" value="Cisco"/>
1617
1706
  <param pos="0" name="os.product" value="Wireless LAN Controller"/>
1618
- <param pos="0" name="os.cpe23" value="cpe:/o:cisco:wireless_lan_controller:-"/>
1707
+ <param pos="0" name="os.cpe23" value="cpe:/o:cisco:wireless_lan_controller_software:-"/>
1619
1708
  </fingerprint>
1620
1709
 
1621
1710
  <fingerprint pattern="(?i)^Cleo (\S+)/(\S+) SSH FTP server$">
@@ -1776,6 +1865,7 @@
1776
1865
  <param pos="0" name="service.vendor" value="Standard Networks"/>
1777
1866
  <param pos="0" name="service.family" value="MOVEit DMZ"/>
1778
1867
  <param pos="0" name="service.product" value="MOVEit DMZ"/>
1868
+ <param pos="0" name="service.cpe23" value="cpe:/a:ipswitch:moveit_dmz:{service.version}"/>
1779
1869
  <param pos="0" name="os.vendor" value="Microsoft"/>
1780
1870
  <param pos="0" name="os.family" value="Windows"/>
1781
1871
  <param pos="0" name="os.product" value="Windows"/>
@@ -1864,7 +1954,8 @@
1864
1954
  <param pos="1" name="service.version"/>
1865
1955
  <param pos="0" name="service.vendor" value="Attachmate"/>
1866
1956
  <param pos="0" name="service.family" value="Reflection"/>
1867
- <param pos="0" name="service.product" value="Reflection"/>
1957
+ <param pos="0" name="service.product" value="Reflection for Secure IT"/>
1958
+ <param pos="0" name="service.cpe23" value="cpe:/a:attachmate:reflection_for_secure_it:{service.version}"/>
1868
1959
  </fingerprint>
1869
1960
 
1870
1961
  <fingerprint pattern="^([^\s]*)\s*F-Secure SSH\s*(?:.*)$">
@@ -1883,6 +1974,7 @@
1883
1974
  <param pos="0" name="service.vendor" value="SSH Communications Security"/>
1884
1975
  <param pos="0" name="service.family" value="SSH Tectia Server"/>
1885
1976
  <param pos="0" name="service.product" value="SSH Tectia Server"/>
1977
+ <param pos="0" name="service.cpe23" value="cpe:/a:ssh:tectia_server:{service.version}"/>
1886
1978
  </fingerprint>
1887
1979
 
1888
1980
  <fingerprint pattern="^([0-9\.]+) SSH Secure Shell(?: \(non-commercial\))?$">
@@ -1894,6 +1986,7 @@
1894
1986
  <param pos="0" name="service.vendor" value="SSH Communications Security"/>
1895
1987
  <param pos="0" name="service.family" value="SSH Tectia Server"/>
1896
1988
  <param pos="0" name="service.product" value="SSH Tectia Server"/>
1989
+ <param pos="0" name="service.cpe23" value="cpe:/a:ssh:tectia_server:{service.version}"/>
1897
1990
  </fingerprint>
1898
1991
 
1899
1992
  <fingerprint pattern="^([0-9\.]+) SSH Secure Shell Windows NT Server$">
@@ -1907,6 +2000,7 @@
1907
2000
  <param pos="0" name="service.vendor" value="SSH Communications Security"/>
1908
2001
  <param pos="0" name="service.family" value="SSH Tectia Server"/>
1909
2002
  <param pos="0" name="service.product" value="SSH Tectia Server"/>
2003
+ <param pos="0" name="service.cpe23" value="cpe:/a:ssh:tectia_server:{service.version}"/>
1910
2004
  </fingerprint>
1911
2005
 
1912
2006
  <fingerprint pattern="^ARRIS_(.*)$">
@@ -1994,6 +2088,7 @@
1994
2088
  <param pos="0" name="service.vendor" value="Standard Networks"/>
1995
2089
  <param pos="0" name="service.family" value="MOVEit DMZ"/>
1996
2090
  <param pos="0" name="service.product" value="MOVEit DMZ"/>
2091
+ <param pos="0" name="service.cpe23" value="cpe:/a:ipswitch:moveit_dmz:-"/>
1997
2092
  <param pos="0" name="os.vendor" value="Microsoft"/>
1998
2093
  <param pos="0" name="os.family" value="Windows"/>
1999
2094
  <param pos="0" name="os.product" value="Windows"/>
@@ -2019,7 +2114,12 @@
2019
2114
  <param pos="0" name="os.vendor" value="NetApp"/>
2020
2115
  <param pos="0" name="os.family" value="Data ONTAP"/>
2021
2116
  <param pos="0" name="os.product" value="Data ONTAP"/>
2117
+ <param pos="0" name="os.device" value="NAS"/>
2022
2118
  <param pos="0" name="os.cpe23" value="cpe:/o:netapp:data_ontap:-"/>
2119
+ <param pos="0" name="hw.vendor" value="NetApp"/>
2120
+ <param pos="0" name="hw.family" value="Data ONTAP"/>
2121
+ <param pos="0" name="hw.product" value="Data ONTAP"/>
2122
+ <param pos="0" name="hw.device" value="NAS"/>
2023
2123
  </fingerprint>
2024
2124
 
2025
2125
  <fingerprint pattern="^(\d\.\d+\.\d+) SSH Secure Shell OpenVMS V\d+\.\d+$">
@@ -2125,6 +2225,19 @@
2125
2225
  <param pos="0" name="service.product" value="WeOnlyDo SSH Server"/>
2126
2226
  </fingerprint>
2127
2227
 
2228
+ <fingerprint pattern="^Zyxel SSH server$">
2229
+ <description>Zyxel Firewall SSH service</description>
2230
+ <example>Zyxel SSH server</example>
2231
+ <param pos="0" name="service.vendor" value="Zyxel"/>
2232
+ <param pos="0" name="service.family" value="Zywall"/>
2233
+ <param pos="0" name="os.vendor" value="Zyxel"/>
2234
+ <param pos="0" name="os.product" value="ZyNOS firmware"/>
2235
+ <param pos="0" name="os.cpe23" value="cpe:/o:zyxel:zynos_firmware:-"/>
2236
+ <param pos="0" name="hw.vendor" value="Zyxel"/>
2237
+ <param pos="0" name="hw.device" value="Firewall"/>
2238
+ <param pos="0" name="hw.family" value="Unified Security Gateway"/>
2239
+ </fingerprint>
2240
+
2128
2241
  <!--
2129
2242
  1.2.22j4rad
2130
2243
  2.40
@@ -550,7 +550,7 @@
550
550
  </example>
551
551
  <param pos="0" name="hw.vendor" value="Grandstream"/>
552
552
  <param pos="0" name="hw.family" value="GXV"/>
553
- <param pos="0" name="hw.device" value="Web cam"/>
553
+ <param pos="0" name="hw.device" value="IP Camera"/>
554
554
  <param pos="1" name="hw.product"/>
555
555
  </fingerprint>
556
556
 
@@ -617,7 +617,7 @@
617
617
  <param pos="0" name="hw.vendor" value="SMA Solar Technology Ag"/>
618
618
  <param pos="0" name="hw.family" value="Sunny"/>
619
619
  <param pos="0" name="hw.product" value="WebBox"/>
620
- <param pos="0" name="hw.device" value="Power device"/>
620
+ <param pos="0" name="hw.device" value="Power Device"/>
621
621
  <param pos="0" name="os.vendor" value="Microsoft"/>
622
622
  <param pos="0" name="os.family" value="Windows"/>
623
623
  <param pos="0" name="os.product" value="Windows CE"/>
@@ -1018,7 +1018,7 @@
1018
1018
  <param pos="5" name="os.version.version"/>
1019
1019
  </fingerprint>
1020
1020
 
1021
- <fingerprint pattern="^Model name\s+: (MiiNePort [\w-]+)(?:\r|\n|\x00)+Serial No.\s+: (\d+)(?:\r|\n|\x00)+Device name\s+: [\w:-_\&amp;]+(?:\r|\n|\x00)+Firmware version\s+: ([\d.]+) Build (\d+)(?:\r|\n|\x00)+Ethernet MAC address: ([\w:]+)(?:\r|\n|\x00)+">
1021
+ <fingerprint pattern="^Model name\s+: (MiiNePort [\w-]+)(?:\r|\n|\x00)+Serial No.\s+: (\d+)(?:\r|\n|\x00)+Device name\s+: [\w:\&amp;-]+(?:\r|\n|\x00)+Firmware version\s+: ([\d.]+) Build (\d+)(?:\r|\n|\x00)+Ethernet MAC address: ([\w:]+)(?:\r|\n|\x00)+">
1022
1022
  <description>Moxa MiiNePort Series Embedded device server</description>
1023
1023
  <!-- Model name : MiiNePort E2\r\nSerial No. : 9999\r\nDevice name : MiiNePort_E2_4064\r\nFirmware version : 1.3.36 Build 15031615\r\nEthernet MAC address: 00:90:E8:5A:92:FF\r\n\r\nPlease keyin your password: -->
1024
1024
 
@@ -1064,6 +1064,7 @@
1064
1064
  <param pos="0" name="hw.family" value="EDR"/>
1065
1065
  <param pos="0" name="hw.device" value="Router"/>
1066
1066
  <param pos="0" name="hw.product" value="EDR-G902"/>
1067
+ <param pos="0" name="hw.cpe23" value="cpe:/h:moxa:edr-g902:-"/>
1067
1068
  <param pos="0" name="os.vendor" value="Moxa"/>
1068
1069
  <param pos="0" name="os.family" value="EDR"/>
1069
1070
  <param pos="0" name="os.device" value="Router"/>
@@ -1231,10 +1232,13 @@
1231
1232
  <param pos="0" name="os.vendor" value="Arescom"/>
1232
1233
  <param pos="0" name="os.device" value="WAP"/>
1233
1234
  <param pos="1" name="os.model"/>
1235
+ <param pos="0" name="hw.vendor" value="Arescom"/>
1236
+ <param pos="0" name="hw.device" value="WAP"/>
1237
+ <param pos="1" name="hw.model"/>
1234
1238
  </fingerprint>
1235
1239
 
1236
1240
  <fingerprint pattern="^Welcome to ViewStation">
1237
- <description>Polycom ViewStation Video Vonference System</description>
1241
+ <description>Polycom ViewStation Video Conference System</description>
1238
1242
  <!-- Welcome to ViewStation\nPassword: -->
1239
1243
 
1240
1244
  <example _encoding="base64">
@@ -1252,7 +1256,7 @@
1252
1256
  Rmxvd1BvaW50LzIyMDAgU0RTTCBbQVRNXSBSb3V0ZXIgZnAyMjAwLTEyIHYzLjAuMiBSZWFkeQpMb2dpbjog
1253
1257
  </example>
1254
1258
  <param pos="0" name="os.vendor" value="FlowPoint"/>
1255
- <param pos="0" name="hw.device" value="Broadband router"/>
1259
+ <param pos="0" name="hw.device" value="Broadband Router"/>
1256
1260
  <param pos="0" name="hw.product" value="DSL Router"/>
1257
1261
  <param pos="1" name="hw.model"/>
1258
1262
  <param pos="2" name="os.version"/>
@@ -1267,7 +1271,7 @@
1267
1271
  MpIDIwMDEtMjAwMyBieSBHbG9iZXNwYW5WaXJhdGEsIEluYy4KCgpsb2dpbjog
1268
1272
  </example>
1269
1273
  <param pos="0" name="os.vendor" value="Conexant"/>
1270
- <param pos="0" name="hw.device" value="Broadband router"/>
1274
+ <param pos="0" name="hw.device" value="Broadband Router"/>
1271
1275
  <param pos="1" name="os.version"/>
1272
1276
  </fingerprint>
1273
1277
 
@@ -1491,7 +1495,12 @@
1491
1495
  <param pos="0" name="os.vendor" value="NetApp"/>
1492
1496
  <param pos="0" name="os.family" value="Data ONTAP"/>
1493
1497
  <param pos="0" name="os.product" value="Data ONTAP"/>
1498
+ <param pos="0" name="os.device" value="NAS"/>
1494
1499
  <param pos="0" name="os.cpe23" value="cpe:/o:netapp:data_ontap:-"/>
1500
+ <param pos="0" name="hw.vendor" value="NetApp"/>
1501
+ <param pos="0" name="hw.family" value="Data ONTAP"/>
1502
+ <param pos="0" name="hw.product" value="Data ONTAP"/>
1503
+ <param pos="0" name="hw.device" value="NAS"/>
1495
1504
  </fingerprint>
1496
1505
 
1497
1506
  <fingerprint pattern="OpenVMS.*Version\sV([^\s]+).*">
@@ -1573,7 +1582,7 @@
1573
1582
  T1JUPj4+TE9HT04gUEFTU1dPUkQ+My4yNyoqKioqKg==
1574
1583
  </example>
1575
1584
  <param pos="0" name="os.vendor" value="Conexant"/>
1576
- <param pos="0" name="os.device" value="Broadband router"/>
1585
+ <param pos="0" name="os.device" value="Broadband Router"/>
1577
1586
  <param pos="0" name="os.product" value="AccessRunner ADSL router"/>
1578
1587
  </fingerprint>
1579
1588
 
@@ -1586,7 +1595,7 @@
1586
1595
  RoZSBjb25uZWN0aW9uIHJlcXVlc3QgISEh
1587
1596
  </example>
1588
1597
  <param pos="0" name="hw.vendor" value="DrayTek"/>
1589
- <param pos="0" name="hw.device" value="Broadband router"/>
1598
+ <param pos="0" name="hw.device" value="Broadband Router"/>
1590
1599
  <param pos="0" name="hw.product" value="Vigor"/>
1591
1600
  </fingerprint>
1592
1601
 
@@ -1797,7 +1806,7 @@
1797
1806
  \n \nServer Name: PS-B04E8E\nServer Model: LPV 2 - TX 1\nF / W Version: 2.00 J \nMAC Address: AE 32 EA 21 BB E3\n
1798
1807
  Uptime: 0 days, 00: 00: 12\n \nPlease Enter Password:"-->
1799
1808
 
1800
- <example _encoding="base64" os.version="2.00" host.id="PS-B04E8E" os.model="LPV" os.address="AE 32 EA 21 BB E3">
1809
+ <example _encoding="base64" os.version="2.00" host.id="PS-B04E8E" hw.model="LPV" host.mac="AE 32 EA 21 BB E3">
1801
1810
  KioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKipcbiogV2VsY29tZSB0byBNRUxDTyBQc
1802
1811
  mludCBTZXJ2ZXIgKlxuKiBUZWxuZXQgQ29uc29sZSAqXG4qKioqKioqKioqKioqKioqKioqKioqKi
1803
1812
  oqKioqKioqKioqKlxuIFxuU2VydmVyIE5hbWU6IFBTLUIwNEU4RVxuU2VydmVyIE1vZGVsOiBMUFY
@@ -1807,11 +1816,13 @@
1807
1816
  </example>
1808
1817
  <param pos="0" name="os.vendor" value="Buffalo"/>
1809
1818
  <param pos="0" name="os.family" value="PrintServer"/>
1810
- <param pos="0" name="os.device" value="Printer"/>
1819
+ <param pos="0" name="os.device" value="Print Server"/>
1811
1820
  <param pos="1" name="host.id"/>
1812
- <param pos="2" name="os.model"/>
1821
+ <param pos="0" name="hw.vendor" value="Buffalo"/>
1822
+ <param pos="0" name="hw.device" value="Print Server"/>
1823
+ <param pos="2" name="hw.model"/>
1813
1824
  <param pos="3" name="os.version"/>
1814
- <param pos="4" name="os.address"/>
1825
+ <param pos="4" name="host.mac"/>
1815
1826
  </fingerprint>
1816
1827
 
1817
1828
  <fingerprint pattern="^(?m)AIX Version\W(\d).*">
@@ -1943,9 +1954,9 @@
1943
1954
  <example _encoding="base64" os.version="2.90.00">
1944
1955
  UHJlY2lzZS9SVENTIHYyLjkwLjAwIFRlbG5ldCBzZXJ2ZXIKCgpTZXJ2aWNlIFBvcnQgTWFuYWdlciBBY3RpdmUKCjxFc2M+IEVuZHMgU2Vzc2lvbgoKroot
1945
1956
  </example>
1946
- <param pos="0" name="hw.device" value="Power device"/>
1957
+ <param pos="0" name="hw.device" value="Power Device"/>
1947
1958
  <param pos="0" name="hw.vendor" value="Liebert"/>
1948
- <param pos="0" name="os.device" value="Power device"/>
1959
+ <param pos="0" name="os.device" value="Power Device"/>
1949
1960
  <param pos="0" name="os.vendor" value="Liebert"/>
1950
1961
  <param pos="1" name="os.version"/>
1951
1962
  </fingerprint>
@@ -2065,4 +2076,23 @@
2065
2076
  <param pos="0" name="service.component.cpe23" value="cpe:/a:sap:netweaver_application_server:-"/>
2066
2077
  </fingerprint>
2067
2078
 
2079
+ <fingerprint pattern="^(?:\r|\n|\s)*UDP/TCP/IP Stack: ACT Video security">
2080
+ <description>ACT Security IP Cameras</description>
2081
+ <!--
2082
+ UDP/TCP/IP Stack: ACT Video security\r\n
2083
+ V5.8\r\n
2084
+ Welcome connection : 192.168.0.1:61300\r\n
2085
+ \r\n
2086
+ Password:
2087
+ -->
2088
+
2089
+ <example _encoding="base64">
2090
+ VURQL1RDUC9JUCBTdGFjazogQUNUIFZpZGVvIHNlY3VyaXR5DQpWNS44DQpX
2091
+ ZWxjb21lIGNvbm5lY3Rpb24gOiAxOTIuMTY4LjAuMTo2MTMwMA0KDQpQYXNz
2092
+ d29yZDog
2093
+ </example>
2094
+ <param pos="0" name="hw.vendor" value="ACT Security"/>
2095
+ <param pos="0" name="hw.device" value="IP Camera"/>
2096
+ </fingerprint>
2097
+
2068
2098
  </fingerprints>