recog 2.3.17 → 2.3.21

data/identifiers/README.md

@@ -1,16 +1,27 @@
 # Recog: Identifiers
 
-This directory contains lists of standard identifiers for mapping Recog matches. The goal is define a standard set of constants to represent known software, hardware, vendors, and categories.
+This directory contains lists of standard identifiers for mapping Recog matches.
+The goal is define a standard set of constants to represent known software,
+hardware, vendors, and categories.
 
-This is currently incomplete and will be updated as standardization work moves forward.
+This is currently incomplete and will be updated as standardization work moves
+forward.
 
-Fingerprints should use these identifiers whenever possible; if a different name or syntax for a given identifier is preferred, this should be implemented in the application through a mapping function.
+Fingerprints should use these identifiers whenever possible; if a different name
+or syntax for a given identifier is preferred, this should be implemented in the
+application through a mapping function.
 
 ## Lists
 
+### Fields
+
+`fields.txt` defines the various fields (`os.vendor`, etc.) used to assert
+information about a match.
+
 ### Vendors
 
-`vendor.txt` defines known vendor names, covering services, operating systems, and hardware.
+`vendor.txt` defines known vendor names, covering services, operating systems,
+and hardware.
 
 ### Operating Systems
 
@@ -22,14 +33,14 @@ Fingerprints should use these identifiers whenever possible; if a different name
 
 `os_device.txt` defines known types of devices by function or purpose.
 
-
 ### Hardware
 
 `hw_product.txt` defines known hardware product names.
 
 `hw_family.txt` defines known hardware product families.
 
-`hw_device.txt` defines known types of devices by function or purpose (overlaps with `os_device.txt`).
+`hw_device.txt` defines known types of devices by function or purpose (overlaps
+with `os_device.txt`).
 
 ### Services
 
@@ -47,10 +58,13 @@ Fingerprints should use these identifiers whenever possible; if a different name
 
 ## Pending Work
 
-  * All existing fingerprints should be correlated against these lists to identify mismatches and updated accordingly.
+* All existing fingerprints should be correlated against these lists to
+  identify mismatches and updated accordingly.
 
-  * All net new identifiers from the existing fingerprints should be merged into these lists.
+* All net new identifiers from the existing fingerprints should be merged into
+these lists.
 
-  * All fingerprint assertions should be enumerated, documented, and standardized where possible (`host.mac`, etc).
+* All fingerprint assertions should be enumerated, documented, and standardized
+where possible (`host.mac`, etc).
 
-  * Hardware identifiers should be enumerated, consolidated, and standardized.
+* Hardware identifiers should be enumerated, consolidated, and standardized.

data/identifiers/fields.txt

@@ -0,0 +1,104 @@
+agilent.serial
+apache.info
+apache.variant
+apache.variant.version
+chromecast.capabilities
+chromecast.generation
+chromecast.serial_number
+cisco.imc_model
+cisco.serial_number
+cookie
+dell.service_tag
+extron.model
+fortinet.serial_number
+host.domain
+host.ip
+host.mac
+host.mac_eui64
+host.mac_local
+host.name
+host.time
+hw.certainty
+hw.cpe23
+hw.device
+hw.family
+hw.model
+hw.product
+hw.serial_number
+hw.series
+hw.vendor
+hw.version
+imail.eval
+jetty.info
+junction.cookie
+junction.name
+lenovo.machine_model
+lenovo.machine_type
+linux.kernel.version
+loadbalancer.poolname
+mdaemon.unregistered
+mercur.os.info
+metainfo.version
+metainfo.version.version
+ms.nttp.version
+notes.build.version
+ntmail.id
+openssh.comment
+openssh.cvepatch
+os.arch
+os.build
+os.certainty
+os.cpe23
+os.device
+os.edition
+os.family
+os.model
+os.product
+os.rev
+os.vendor
+os.version
+os.version.version
+os.version.version.version
+postfix.os.info
+postoffice.build
+postoffice.id
+procurve.model
+proftpd.server.name
+pureftpd.config
+python.version
+qpopper.version
+ruckus.serial_number
+securetransport.build
+sendmail.config.version
+sendmail.hpux.phne.version
+sendmail.vendor.version
+service.certainty
+service.component.cpe23
+service.component.family
+service.component.product
+service.component.vendor
+service.component.version
+service.cpe23
+service.device
+service.edition
+service.family
+service.node
+service.product
+service.protocol
+service.vendor
+service.version
+service.version.version
+service.version.version.version
+service.version.version.version.version
+siemens.model
+snmp.fpmib.oid.1
+snmp.fpmib.oid.2
+system.time
+system.time.format
+system.time.micros
+system.time.millis
+tandberg.model
+thttpd.mx-patch
+tomcat.info
+wd2go.device_id
+zmailer.ident

data/identifiers/hw_device.txt

@@ -22,6 +22,7 @@ Ethernet Adapter
 Firewall
 HMI Controller
 Handheld Scanner
+Hypervisor
 IP Camera
 IPS
 Industrial Control
@@ -45,6 +46,7 @@ Power Relay
 Powerline
 Print Server
 Printer
+Relay Controller
 Router
 SD-WAN Appliance
 SIP Device

data/identifiers/hw_family.txt

@@ -5,17 +5,20 @@ AirPort
 Apple TV
 Communication Manager
 DVR
+Data ONTAP
 DiskStation
 Document Centre
 EDR
 Extended Systems ExtendNet
 FRITZ!Box
+FRITZ!Fon
 FRITZ!Powerline
 FRITZ!WLAN Repeater
 FS
 Firewall-1
 Forms Printer
 FortiGate
+FortiVoice
 GW25
 GXV
 GXW
@@ -42,8 +45,11 @@ Multifunction
 My Book
 NE
 NPort
+NetScaler
 NetVanta
+Netscaler
 Network Audio
+Network Security Appliance
 Network Video Door Station
 Optra
 Orbi
@@ -59,6 +65,7 @@ Router
 S500 Range
 SIP Device
 SIP Gateway
+SL2100
 Service Access Switch
 Service Router
 Simatic HMI
@@ -79,9 +86,12 @@ TelePresence
 Time Capsule
 TippingPoint
 Turbo Station
+UNIVERGE
 UniFi
 Unified Security Gateway
+VDX
 VSX
+Vigor
 VoIP
 WD2GO
 WiMax
@@ -93,6 +103,7 @@ Xserve
 ZXDSL
 ZXHN
 ZXV
+airMAX
 iLO
 iMac
 iPad

data/identifiers/hw_product.txt

@@ -3,6 +3,7 @@
 34972A Data Logger
 3PAR
 53230A Frequency Counter
+883 VoIP
 ADB-4820CD
 APIC
 AV Receiver
@@ -19,6 +20,7 @@ Apple TV (2nd generation)
 Apple TV (3rd generation)
 Apple TV (4th generation)
 Apple TV 4K
+Apple TV 4K (2nd generation)
 Appliance
 ArchiveTeam Warrior
 Asset Management
@@ -35,15 +37,19 @@ Catalyst
 Catalyst 1900
 Celerra
 Chromecast
+ClearPass Policy Manager
 ClickShare
 CloudKey
 CommandPost
 ConnectUPS Web Card
 Crosswork SON Appliance
+D Series
+DCS-825L
 DCS-932
 DD OS
 DNA Center
 DSL Router
+Data ONTAP
 Digital Signage Player
 Discover
 Discovery
@@ -57,9 +63,12 @@ EP-series
 EXA Signal Analyzer
 Eagle Eye Director II
 EchoLife Home Gateway
+EdgeRouter X
 EdgeSwitch
 Elevation
+Email Security Gateway
 EqualLogic
+Ethernet Relay Controller
 Ethernet Relay Module
 Excella
 Fastmark M5
@@ -70,9 +79,20 @@ Firewall-1
 FlexiPacket Hub
 FortiMail
 FortiManager
+GXP1610
+GXP1615
+GXP1625
+GXP1628
+GXP2200
 GigaVUE
 HDHomeRun
 HDIPCam
+HT801
+HT802
+HT812
+HT813
+HT814
+HT818
 HiPer Access Router Card
 Home Controller
 Home Gateway
@@ -89,6 +109,7 @@ IP Link Control Processor
 IP2IR
 IPMI
 IVR
+Infinity Controler
 IntelliSlot Web Card
 Internet Payment Gateway
 Internet Phone Adapter
@@ -100,6 +121,7 @@ JetDirect
 K1000
 KWS-1043N
 Key Management
+Key Management Server
 Lantick Ethernet Relay Controller
 Lencore Sound Manager 2
 MDS 9000
@@ -115,6 +137,7 @@ Mac mini (Late 2009)
 Mac mini (Late 2012)
 Mac mini (Late 2014)
 Mac mini (Late 2018)
+Mac mini (M1, 2020)
 Mac mini (Mid 2007)
 Mac mini (Mid 2010)
 Mac mini (Mid 2011)
@@ -132,16 +155,20 @@ MacBook Air (13-inch, Early 2014)
 MacBook Air (13-inch, Late 2010)
 MacBook Air (13-inch, Mid 2011)
 MacBook Air (13-inch, Mid 2012)
+MacBook Air (M1, 2020)
 MacBook Air (Mid 2009)
 MacBook Air (Retina, 13-inch, 2018)
 MacBook Air (Retina, 13-inch, 2019)
+MacBook Air (Retina, 13-inch, 2020)
 MacBook Pro (13-inch, 2016, Four Thunderbolt 3 ports)
 MacBook Pro (13-inch, 2016, Two Thunderbolt 3 ports)
 MacBook Pro (13-inch, 2017, Four Thunderbolt 3 ports)
 MacBook Pro (13-inch, 2017, Two Thunderbolt 3 ports)
 MacBook Pro (13-inch, 2018, Four Thunderbolt 3 ports)
 MacBook Pro (13-inch, 2019, Two Thunderbolt 3 ports)
+MacBook Pro (13-inch, 2020)
 MacBook Pro (13-inch, Late 2011)
+MacBook Pro (13-inch, M1, 2020)
 MacBook Pro (13-inch, Mid 2009)
 MacBook Pro (13-inch, Mid 2010)
 MacBook Pro (13-inch, Mid 2012)
@@ -153,6 +180,8 @@ MacBook Pro (15-inch, Late 2008)
 MacBook Pro (15-inch, Late 2011)
 MacBook Pro (15-inch, Mid 2009)
 MacBook Pro (15-inch, Mid 2010)
+MacBook Pro (15-inch, Mid 2012)
+MacBook Pro (16-inch, 2019)
 MacBook Pro (17-inch, Early 2008)
 MacBook Pro (17-inch, Late 2011)
 MacBook Pro (17-inch, Mid 2009)
@@ -164,24 +193,32 @@ MacBook Pro (Retina, 15-inch, Early 2013)
 MacBook Pro (Retina, 15-inch, Late 2013)
 MacBook Pro (Retina, 15-inch, Mid 2015)
 Makito X Decoder
+Media Gateway
 MediaLink Controller
 MediaSense
 Meeting Management
 Meeting Server
 MegaRAC
+Meraki Device
 Mercury
 Mergepoint
 Miniserver
 My Book Live
 N5172B Signal Generator
+NAM
 NAS4Free
 NFVIS
 NPort
+NetScaler Gateway
+NetScaler SDX Gateway
 NetScreen
 NetVR
 Netbox
+Netscaler Gateway
+Network Camera
 Network Gateway
 Network Node
+Network Security Appliance
 Nexus 1000V
 Nexus Player
 OfficeConnect Switch
@@ -189,8 +226,10 @@ OnHub
 OpenManage
 OpenManage Switch
 OpenNAC
+Orbi micro
 Orbit IP Camera
 PDR M800
+PIAF Virtual Appliance
 PLAY
 PLC-5
 Paragon-100G
@@ -201,6 +240,8 @@ Prime Collaboration Manager
 Primergy
 Printer
 Prosafe Plus
+R Series
+RT31P2
 RTU
 Rack PDU Card
 Raspberry Pi
@@ -210,12 +251,18 @@ ReeCam
 Roku
 Room Alert
 S7 DALI Gateway
+SD-WAN
 SHIELD
 SIP Gateway
 SIParator Firewall
+SL2100
 SLS
 SPA
+SPA112
+SPA122
 SRP
+SV8100
+SV9100
 ScanFront
 Scrutinizer
 Sensor
@@ -230,6 +277,7 @@ SolsticePod
 SoundPoint
 Spot
 Stealthwatch
+Steelhead
 Storage Appliance
 Sub
 Sunny WebBox
@@ -238,6 +286,7 @@ SuperStack 3 Firewall
 SuperStack II
 Symmetry EN-2DBC
 System Management
+TG789vac
 TelePresence
 TelePresence MCU
 Tenable Appliance
@@ -245,13 +294,20 @@ Tenable Core
 Tetration
 Time Capsule
 TouchLink Control Panel
+UCM6202
+UCM6204
+UCM6208
 UCS Manager
+USG20-VPN
+USG40
+USG60
 UniFi Cloud Key
 UniFi NVR
 UniFi Security Gateway
 Univerge
 Universal Media Gateway
 VBrick Rev
+VPN Gateway
 Verizon FiOS Router
 Video Controller
 Vigor
@@ -259,6 +315,7 @@ Virtual Connect Manager
 Virtual Traffic Manager
 Vood
 WLAN AP
+WNR2000
 WebBox
 Whiteboard
 Wireless Dock
@@ -279,6 +336,8 @@ iCOM Control Panel
 iDRAC
 iLO
 iLO 3
+iLO 4
+iMac (20/24-inch, Early 2008)
 iMac (21.5-inch, 2017)
 iMac (21.5-inch, Late 2012)
 iMac (21.5-inch, Late 2013)
@@ -297,6 +356,7 @@ iMac (Retina 4K, 21.5-inch, 2019)
 iMac (Retina 4K, 21.5-inch, Late 2015)
 iMac (Retina 5K, 27-inch, 2017)
 iMac (Retina 5K, 27-inch, 2019)
+iMac (Retina 5K, 27-inch, 2020)
 iMac (Retina 5K, 27-inch, Late 2015)
 iMac (Retina 5K, 27-inch, Mid 2015)
 iMac Pro (Retina 5K, Late 2017)
@@ -308,7 +368,11 @@ iPad Air (3rd generation)
 iPad Air 2
 iPad Pro (10.5-inch)
 iPad Pro (11-inch)
+iPad Pro (11-inch, 2nd generation)
 iPad Pro (12.9-inch)
+iPad Pro (12.9-inch, 2nd generation)
+iPad Pro (12.9-inch, 3rd generation)
+iPad Pro (12.9-inch, 4th generation)
 iPad Pro (9.7-inch)
 iPad mini
 iPad mini (5th generation)
@@ -316,6 +380,12 @@ iPad mini 2
 iPad mini 3
 iPad mini 4
 iPhone
+iPhone 11 Pro
+iPhone 11 Pro Max
+iPhone 12 5G
+iPhone 12 Mini 5G
+iPhone 12 Pro 5G
+iPhone 12 Pro Max 5G
 iPhone 3G
 iPhone 3GS
 iPhone 4
@@ -332,6 +402,7 @@ iPhone 7 Plus
 iPhone 8
 iPhone 8 Plus
 iPhone SE
+iPhone SE (2020)
 iPhone X
 iPhone XR
 iPhone XS