recog 2.3.17 → 2.3.21

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: f593d696005c5d90c90e99a3ff779f11e73eeb28d94c6fed500bef2124502803
-  data.tar.gz: 555a3b4fc6ba321c11d0479cc6054e4f316fa810d567bdddf2dfa2de08788043
+  metadata.gz: 972b7cc1ae69526b61f221eeefce61d192ccf4b1603342f94195bf6cd2ddba95
+  data.tar.gz: 807831da5cdfd3160bca893367c92f4b817514758b996968829253f548d19709
 SHA512:
-  metadata.gz: eeddda28aaf2233544f1f4072d1f1d62431d5a8ade16edfb39f57aa05d8199794305c043af3618bced6b752f247709fc5b0f6ee430309779e5ed56bd0f963cc7
-  data.tar.gz: 32c03df36eef13503fdeb2ebdb5a54a5fc26e682ced5b43e047d5e885135019e19b6617845dd0087d7c06c246dc49c6866ed00585e8b6978a1db9c58dc1ce4ad
+  metadata.gz: a923e57f1f34fb74358756372fc3d3d08c20f0a0b9b1088905f57f4b09a2a56b2d9d4940d39e609ff50c164d15e285c9e1707032864d55f969a7ed4d72e68de5
+  data.tar.gz: 62d17cd2cdf9c3a6d35b36e4ace9c20744d42cfd99a2e90f65e463540fceb551f35f7572179af261c8881116aeadc51986e371631dc451df31081d52d79a58c1

data/.github/workflows/ci.yml

@@ -0,0 +1,26 @@
+name: CI
+
+on: [push, pull_request]
+
+jobs:
+  test:
+    name: 'Ruby: ${{ matrix.ruby-version }}'
+    runs-on: ubuntu-latest
+    strategy:
+      fail-fast: false
+      matrix:
+        ruby-version: ['2.5', '2.6', '2.7', '3.0', 'jruby-9.1.17.0', 'jruby']
+
+    steps:
+    - uses: actions/checkout@v2
+    - name: Set up Ruby
+      uses: ruby/setup-ruby@v1
+      with:
+        ruby-version: ${{ matrix.ruby-version }}
+        bundler-cache: true # runs 'bundle install' and caches installed gems automatically
+    - name: Run tests
+      run: |
+        bundle exec rake --version
+        bundle exec rake tests
+      env:
+        JRUBY_OPTS: --server -J-Xms512m -J-Xmx2G

data/bin/recog_standardize

@@ -50,6 +50,7 @@ end
 
 # Load the unique identifiers
 vendors = load_identifiers(File.join(bdir, "vendor.txt"))
+fields = load_identifiers(File.join(bdir, "fields.txt"))
 os_arch = load_identifiers(File.join(bdir, "os_architecture.txt"))
 os_prod = load_identifiers(File.join(bdir, "os_product.txt"))
 os_family = load_identifiers(File.join(bdir, "os_family.txt"))
@@ -67,6 +68,10 @@ ARGV.each do |arg|
     ndb.fingerprints.each do |f|
       f.params.each do |k,v|
         paramIndex, val = v
+        if ! fields[k]
+          puts "FIELD MISSING: #{k}"
+          fields[k] = true
+        end
         next if paramIndex != 0
         next if val.index("{") != nil
         next if val.strip == ""
@@ -131,6 +136,7 @@ exit if ! options.write
 
 # Write back the unique identifiers
 write_identifiers(vendors, File.join(bdir, "vendor.txt"))
+write_identifiers(fields, File.join(bdir, "fields.txt"))
 write_identifiers(os_arch, File.join(bdir, "os_architecture.txt"))
 write_identifiers(os_prod, File.join(bdir, "os_product.txt"))
 write_identifiers(os_family, File.join(bdir, "os_family.txt"))

data/cpe-remap.yaml

@@ -1,201 +1,343 @@
 mappings:
-  alpine:
-    vendor: alpinelinux
-    products:
-      linux: alpine_linux
-  apache:
-    products:
-      httpd: http_server
-  apple:
-    products:
-      ios: iphone_os
-  aprelium_technologies:
-    vendor: aprelium
-  alt-n:
-    vendor: altn
-  bea:
-    products:
-      weblogic: weblogic_server
-  blue_coat:
-    vendor: bluecoat
-  carnegie_mellon_university:
-    vendor: cmu
-    products:
-      cyrus_imap: cyrus_imap_server
-  centos:
-    products:
-      linux: centos
-  centos_webpanel:
-    vendor: centos-webpanel
-  check_point:
-    vendor: checkpoint
-  cisco:
-    vendor: cisco
-    products:
-      adaptive_security_appliance: adaptive_security_appliance_software
-      apic: application_policy_infrastructure_controller
-      pix: pix_firewall_software
-      telepresence: telepresence_video_communication_server_software
-  crushftp:
-    products:
-      crushftp_web_interface: crushftp
-  data_domain:
-    vendor: dell
-    products:
-      dd_os: emc_data_domain_os
-  debian:
-    products:
-      linux: debian_linux
-  drupal:
-    products:
-      cms: drupal
-  embedthis:
-    products:
-       goahead_webserver: goahead
-  emc:
-    products:
-      celerra: celerra_network_attached_storage
-  f5:
-    products:
-      big-ip: big-ip_local_traffic_manager
-      big-ip_ltm: big-ip_local_traffic_manager
-  fedora_project:
-    vendor: fedoraproject
-  hp:
-    products:
-      ilo: integrated_lights_out
-      tru64_unix: tru64
-  ibm:
-    products:
-      lotus_domino: lotus_domino_server
-      ibm_domino: lotus_domino
-      os/400: os_400
-  intel:
-    products:
-      intel(r)_active_management_technology: active_management_technology
-      intel(r)_standard_manageability: standard_manageability
-  jamf:
-    products:
-      jamf_pro: jamf
-  juniper:
-    products:
-      junos_os: junos
-  kibana:
-    vendor: elasticsearch
-  kodi:
-    products:
-      media_server: kodi
-  cz.nic:
-    vendor: knot-dns
-  litespeed_technologies:
-    vendor: litespeedtech
-  linux:
-    products:
-      linux: linux_kernel
-  lynx_technology:
-    vendor: lynxtechnology
-    products:
-      twonky_media_server: twonky_server
-  mailenable:
-    products:
-      mail_server: mailenable
-  microsoft:
-    products:
-      active_directory_controller: active_directory
-      exchange_server_5.5: exchange_server
-      exchange_2000_server: exchange_server
-      exchange_2003_server: exchange_server
-      exchange_2007_server: exchange_server
-      lightweight_directory_server: active_directory_lightweight_directory_service
-      windows_server_2003_datacenter_edition: windows_server_2003
-      windows_server_2003_r2: windows_server_2003
-      windows_2008_r2: windows_server_2008
-      windows_server_2008_datacenter_edition: windows_server_2008
-      windows_server_2008_r2: windows_server_2008
-      windows_server_2008_r2_datacenter_edition: windows_server_2008
-      windows_server_2012_r2: windows_server_2012
-      nt: windows_nt
-      windows_nt_desktop: windows_nt
-      windows_nt_server: windows_nt
-      windows_server_2000: windows_2000
-      windows_2000_server: windows_2000
-      windows_2000_datacenter_server: windows_2000
-      pws: personal_web_server
-  mod_ssl:
-    vendor: modssl
-  mod_wsgi:
-    vendor: modwsgi
-  mort_bay:
-    vendor: mortbay
-  munin:
-    vendor: munin-monitoring
-  nlnet_labs:
-    vendor: nlnetlabs
-    products:
-      dnsd: name_server_daemon
-  net-snmp:
-    products:
-      snmp_agent: net-snmp
-  owncloud:
-    products:
-      owncloud_server: owncloud
-  palo_alto_networks:
-    vendor: paloaltonetworks
-    products:
-      pa_firewall: pan-os
-  parallels:
-    products:
-      plesk: parallels_plesk_panel
-  plesk:
-    vendor: parallels
-  proftpd_project:
-    vendor: proftpd
-  progress:
-    products:
-      openedge_explorer: openedge
-  pulse_secure:
-    vendor: pulsesecure
-  realvnc_ltd.:
-    vendor: realvnc
-  red_hat:
-    vendor: redhat
-    products:
-      cygwin_x_server_project: cygwin
-      fedora_core_linux: fedora_core
-      jboss_as: jboss_wildfly_application_server
-      jboss_eap: jboss_enterprise_application_platform
-      jbossweb: jboss_web_framework_kit
-      red_hat_directory_server: directory_server
-  squid_cache:
-    vendor: squid-cache
-  sun:
-    vendor: sun
-    products:
-      solaris: sunos
-  swagger:
-    vendor: smartbear
-  tandberg:
-    vendor: cisco
-  tightvnc:
-    products:
-      desktop: tightvnc
-  ubiquiti:
-    vendor: ui
-  ubuntu:
-    vendor: canonical
-    products:
-      linux: ubuntu_linux
-  vandyke_software:
-    vendor: vandyke
-  vmware:
-    products:
-      photon_linux: photon_os
-      zimbra: zimbra_desktop
-      vcenter: vcenter_server
-      vmware_esx_server: esx
-      vmware_esxi_server: esxi
-  wind_river:
-    vendor: windriver
-  x.org:
-    products:
-      x.org_x11: x11
+  # The following section contains CPE application or 'a' remappings. These will
+  # ONLY be used for mapping Recog 'service' attributes.
+  a:
+    akamai:
+      products:
+        ghost: akamaighost
+    amazon:
+      products:
+        s3: amazon_simple_storage_service
+        cloudfront_load_balancer: amazon_cloudfront
+    apache:
+      products:
+        httpd: http_server
+    aprelium_technologies:
+      vendor: aprelium
+    alt-n:
+      vendor: altn
+    aruba_networks:
+      vendor: arubanetworks
+    bea:
+      products:
+        weblogic: weblogic_server
+    blue_coat:
+      vendor: bluecoat
+    carnegie_mellon_university:
+      vendor: cmu
+      products:
+        cyrus_imap: cyrus_imap_server
+    centos_webpanel:
+      vendor: centos-webpanel
+    check_point:
+      vendor: checkpoint
+    cherokee_project:
+      vendor: cherokee-project
+    cisco:
+      products:
+        apic: application_policy_infrastructure_controller
+    cloudflare:
+      products:
+        cloudflare_load_balancer: load_balancing
+    cpanel:
+      products:
+        cpanel_service_daemon: cpanel
+    crushftp:
+      products:
+        crushftp_web_interface: crushftp
+    cz.nic:
+      vendor: knot-dns
+    drupal:
+      products:
+        cms: drupal
+    embedthis:
+      products:
+        goahead_webserver: goahead
+    envoy_proxy:
+      vendor: envoyproxy
+    f5:
+      products:
+        big-ip: big-ip_local_traffic_manager
+        big-ip_ltm: big-ip_local_traffic_manager
+    fedora_project:
+      vendor: fedoraproject
+    google:
+      products:
+        google_web_services: web_server
+    ibm:
+      products:
+        lotus_domino: lotus_domino_server
+        ibm_domino: lotus_domino
+    ignite_realtime:
+      vendor: igniterealtime
+    intel:
+      products:
+        intel(r)_active_management_technology: active_management_technology
+        intel(r)_standard_manageability: standard_manageability
+    jamf:
+      products:
+        jamf_pro: jamf
+    kibana:
+      vendor: elasticsearch
+    kubernetes:
+      products:
+        nginx_ingress_controller: ingress-nginx
+    kodi:
+      products:
+        media_server: kodi
+    kong:
+      vendor: konghq
+      products:
+        gateway: kong_gateway
+    litespeed_technologies:
+      vendor: litespeedtech
+    lotus:
+      vendor: ibm
+    lynx_technology:
+      vendor: lynxtechnology
+      products:
+        twonky_media_server: twonky_server
+    mailenable:
+      products:
+        mail_server: mailenable
+    manageengine:
+      vendor: zohocorp
+      products:
+        adaudit_plus: manageengine_adaudit_plus
+        desktop_central: manageengine_desktop_central
+        opmanager: manageengine_opmanager
+    microsoft:
+      products:
+        active_directory_controller: active_directory
+        exchange_server_5.5: exchange_server
+        exchange_2000_server: exchange_server
+        exchange_2003_server: exchange_server
+        exchange_2007_server: exchange_server
+        lightweight_directory_server: active_directory_lightweight_directory_service
+        pws: personal_web_server
+    mod_ssl:
+      vendor: modssl
+    mod_wsgi:
+      vendor: modwsgi
+    # NIST took the vendor name from the website but apparently missed the `.in`
+    # in moinmo.in was part of the name
+    moinmoin:
+      vendor: moinmo
+    mort_bay:
+      vendor: mortbay
+    munin:
+      vendor: munin-monitoring
+    nlnet_labs:
+      vendor: nlnetlabs
+      products:
+        dnsd: name_server_daemon
+    net-snmp:
+      products:
+        snmp_agent: net-snmp
+    owncloud:
+      products:
+        owncloud_server: owncloud
+    parallels:
+      products:
+        plesk: parallels_plesk_panel
+    plesk:
+      vendor: parallels
+    proftpd_project:
+      vendor: proftpd
+    progress:
+      products:
+        openedge_explorer: openedge
+    pulse_secure:
+      vendor: pulsesecure
+    realvnc_ltd.:
+      vendor: realvnc
+    red_hat:
+      vendor: redhat
+      products:
+        cygwin_x_server_project: cygwin
+        jboss_as: jboss_wildfly_application_server
+        jboss_eap: jboss_enterprise_application_platform
+        jbossweb: jboss_web_framework_kit
+        red_hat_directory_server: directory_server
+    serv-u:
+      vendor: solarwinds
+    squid_cache:
+      vendor: squid-cache
+    ssh_communications_security:
+      vendor: ssh
+      products:
+        ssh_tectia_server: tectia_server
+    standard_networks:
+      vendor: ipswitch
+    swagger:
+      vendor: smartbear
+    synology:
+      products:
+        dsm: diskstation_manager
+    tightvnc:
+      products:
+        desktop: tightvnc
+    tor_project:
+      vendor: torproject
+    traefik_labs:
+      vendor: traefik
+      products:
+        traefik_proxy: traefik
+    twistedmatrix:
+      products:
+        twisted_web: twistedweb
+    ubiquiti:
+      vendor: ui
+    vandyke_software:
+      vendor: vandyke
+    vmware:
+      products:
+        zimbra: zimbra_desktop
+        vcenter: vcenter_server
+    x.org:
+      products:
+        x.org_x11: x11
+
+  # The following section contains CPE operating system or 'o' remappings. These will
+  # ONLY be used for mapping Recog 'os' attributes.
+  o:
+    alpine:
+      vendor: alpinelinux
+      products:
+        linux: alpine_linux
+    apple:
+      products:
+        ios: iphone_os
+    brocade:
+      vendor: broadcom
+      products:
+        fabric_os: fabric_operating_system
+    centos:
+      products:
+        linux: centos
+    check_point:
+      vendor: checkpoint
+    cisco:
+      products:
+        adaptive_security_appliance: adaptive_security_appliance_software
+        nam: network_analysis_module_software
+        pix: pix_firewall_software
+        telepresence: telepresence_video_communication_server_software
+        vpn_3000_concentrator: vpn_3000_concentrator_series_software
+        wireless_lan_controller: wireless_lan_controller_software
+    citrix:
+      products:
+        netscaler: netscaler_firmware
+        netscaler_gateway: netscaler_gateway_firmware
+    cumulus:
+      vendor: cumulusnetworks
+    data_domain:
+      vendor: dell
+      products:
+        dd_os: emc_data_domain_os
+    debian:
+      products:
+        linux: debian_linux
+    hp:
+      products:
+        ilo: integrated_lights-out_firmware
+        ilo_firmware: integrated_lights-out_firmware
+        ilo_2: integrated_lights-out_2_firmware
+        ilo_3: integrated_lights-out_3_firmware
+        ilo_4: integrated_lights-out_4_firmware
+        ilo_5: integrated_lights-out_5_firmware
+        tru64_unix: tru64
+    ibm:
+      products:
+        os/400: os_400
+        i5/os: i5os
+    juniper:
+      products:
+        junos_os: junos
+    linux:
+      products:
+        linux: linux_kernel
+    microsoft:
+      products:
+        windows_server_2003_datacenter_edition: windows_server_2003
+        windows_server_2003_r2: windows_server_2003
+        windows_2008_r2: windows_server_2008
+        windows_server_2008_datacenter_edition: windows_server_2008
+        windows_server_2008_r2: windows_server_2008
+        windows_server_2008_r2_datacenter_edition: windows_server_2008
+        windows_server_2012_r2: windows_server_2012
+        nt: windows_nt
+        windows_nt_desktop: windows_nt
+        windows_nt_server: windows_nt
+        windows_server_2000: windows_2000
+        windows_2000_server: windows_2000
+        windows_2000_datacenter_server: windows_2000
+    oracle:
+      products:
+        ilom: integrated_lights_out_manager_firmware
+    palo_alto_networks:
+      vendor: paloaltonetworks
+    red_hat:
+      vendor: redhat
+      products:
+        fedora_core_linux: fedora_core
+    sun:
+      products:
+        solaris: sunos
+    ubiquiti:
+      vendor: ui
+    ubuntu:
+      vendor: canonical
+      products:
+        linux: ubuntu_linux
+    vmware:
+      products:
+        photon_linux: photon_os
+        vmware_esx_server: esx
+        vmware_esxi_server: esxi
+    wind_river:
+      vendor: windriver
+
+  # The following section contains CPE hardware or 'h' remappings. These will
+  # ONLY be used for mapping Recog 'hw' attributes.
+  h:
+    apple:
+      products:
+        imac_(retina_4k_21.5-inch_2019): imac
+        imac_(retina_5k_27-inch_2017): imac
+        imac_(retina_5k_27-inch_2019): imac
+        imac_(retina_5k_27-inch_2020): imac
+        macbook_air_(13-inch_2017): macbook_air
+        macbook_air_(m1_2020): macbook_air
+        macbook_air_(retina_13-inch_2018): macbook_air
+        macbook_air_(retina_13-inch_2019): macbook_air
+        macbook_air_(retina_13-inch_2020): macbook_air
+        macbook_pro_(13-inch_2018_four_thunderbolt_3_ports): macbook_pro
+        macbook_pro_(13-inch_2019_two_thunderbolt_3_ports): macbook_pro
+        macbook_pro_(13-inch_2020): macbook_pro
+        macbook_pro_(13-inch_m1_2020): macbook_pro
+        macbook_pro_(15-inch_2018): macbook_pro
+        macbook_pro_(15-inch_2019): macbook_pro
+        macbook_pro_(16-inch_2019): macbook_pro
+        macbook_pro_(retina_13-inch_early_2015): macbook_pro
+        macbook_pro_(retina_15-inch_mid_2015): macbook_pro
+    cisco:
+      products:
+        nam: network_analysis_module
+    citrix:
+      products:
+        netscaler_sdx_gateway: netscaler_sdx
+    emc:
+      products:
+        celerra: celerra_network_attached_storage
+    hp:
+      products:
+        ilo: integrated_lights-out
+    kace:
+      vendor: dell
+      products:
+        k1000: kace_k1000_systems_management_appliance
+    tandberg:
+      vendor: cisco
+    ubiquiti:
+      vendor: ui