recog 2.3.20 → 2.3.23
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/.github/dependabot.yml +8 -0
- data/.github/workflows/ci.yml +1 -1
- data/.github/workflows/verify.yml +89 -0
- data/.vscode/bin/monitor-recog-fingerprints.sh +54 -0
- data/.vscode/extensions.json +5 -0
- data/.vscode/settings.json +8 -0
- data/.vscode/tasks.json +77 -0
- data/CONTRIBUTING.md +8 -0
- data/README.md +17 -0
- data/bin/recog_standardize +28 -13
- data/bin/recog_verify +42 -8
- data/cpe-remap.yaml +62 -3
- data/features/data/schema_failure.xml +4 -0
- data/features/data/tests_with_failures.xml +6 -0
- data/features/support/hooks.rb +9 -0
- data/features/verify.feature +85 -21
- data/identifiers/fields.txt +6 -5
- data/identifiers/hw_device.txt +8 -0
- data/identifiers/hw_family.txt +8 -0
- data/identifiers/hw_product.txt +54 -0
- data/identifiers/os_device.txt +2 -0
- data/identifiers/os_family.txt +2 -0
- data/identifiers/os_product.txt +18 -2
- data/identifiers/service_product.txt +26 -0
- data/identifiers/vendor.txt +62 -1
- data/lib/recog/db.rb +2 -1
- data/lib/recog/fingerprint.rb +33 -6
- data/lib/recog/fingerprint_parse_error.rb +10 -0
- data/lib/recog/nizer.rb +1 -82
- data/lib/recog/verifier.rb +9 -9
- data/lib/recog/verify_reporter.rb +17 -6
- data/lib/recog/version.rb +1 -1
- data/requirements.txt +1 -1
- data/spec/data/external_example_fingerprint/hp_printer_ex_01.txt +1 -0
- data/spec/data/external_example_fingerprint/hp_printer_ex_02.txt +1 -0
- data/spec/data/external_example_fingerprint.xml +8 -0
- data/spec/data/external_example_illegal_path_fingerprint.xml +7 -0
- data/spec/lib/fingerprint_self_test_spec.rb +1 -0
- data/spec/lib/recog/db_spec.rb +84 -61
- data/spec/lib/recog/fingerprint_spec.rb +4 -4
- data/spec/lib/recog/verify_reporter_spec.rb +73 -4
- data/tools/dev/hooks/pre-commit +21 -0
- data/update_cpes.py +130 -37
- data/xml/apache_os.xml +98 -56
- data/xml/architecture.xml +15 -1
- data/xml/dhcp_vendor_class.xml +206 -0
- data/xml/dns_versionbind.xml +26 -13
- data/xml/favicons.xml +236 -47
- data/xml/fingerprints.xsd +9 -1
- data/xml/ftp_banners.xml +213 -197
- data/xml/h323_callresp.xml +101 -101
- data/xml/hp_pjl_id.xml +84 -84
- data/xml/html_title.xml +715 -45
- data/xml/http_cookies.xml +143 -80
- data/xml/http_servers.xml +510 -310
- data/xml/http_wwwauth.xml +177 -75
- data/xml/imap_banners.xml +10 -10
- data/xml/mdns_device-info_txt.xml +421 -26
- data/xml/mysql_banners.xml +3 -2
- data/xml/nntp_banners.xml +12 -9
- data/xml/ntp_banners.xml +97 -97
- data/xml/operating_system.xml +98 -83
- data/xml/pop_banners.xml +27 -27
- data/xml/rsh_resp.xml +3 -3
- data/xml/sip_banners.xml +46 -8
- data/xml/sip_user_agents.xml +180 -27
- data/xml/smb_native_lm.xml +5 -5
- data/xml/smb_native_os.xml +28 -25
- data/xml/smtp_banners.xml +258 -254
- data/xml/smtp_ehlo.xml +1 -1
- data/xml/smtp_help.xml +11 -11
- data/xml/smtp_noop.xml +2 -2
- data/xml/snmp_sysdescr.xml +1554 -1429
- data/xml/snmp_sysobjid.xml +27 -27
- data/xml/ssh_banners.xml +27 -20
- data/xml/telnet_banners.xml +256 -57
- data/xml/tls_jarm.xml +48 -6
- data/xml/x11_banners.xml +3 -3
- data/xml/x509_issuers.xml +69 -2
- data/xml/x509_subjects.xml +144 -33
- metadata +24 -4
- data/lib/recog/verifier_factory.rb +0 -13
data/xml/ntp_banners.xml
CHANGED
|
@@ -4,7 +4,7 @@
|
|
|
4
4
|
NTP "banners", taken from a readvar response
|
|
5
5
|
-->
|
|
6
6
|
|
|
7
|
-
<fingerprint pattern="
|
|
7
|
+
<fingerprint pattern="version=Domain Time II (\S+),hostname=([^,]+),.*system=Win2003.*,processor=(\S+)" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
8
8
|
<description>Greyware Automation Products, Inc. Domain Time II on Windows Server 2003</description>
|
|
9
9
|
<example service.version="5.1.b.20100331R" os.arch="x64" host.name="blah">
|
|
10
10
|
version=Domain Time II 5.1.b.20100331R,hostname=blah,domain=,flat=WORKGROUP,system=Win2003 x64,processor=x64
|
|
@@ -23,7 +23,7 @@
|
|
|
23
23
|
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2003:-"/>
|
|
24
24
|
</fingerprint>
|
|
25
25
|
|
|
26
|
-
<fingerprint pattern="
|
|
26
|
+
<fingerprint pattern="version=Domain Time II (\S+),hostname=([^,]+),.*system=Win2008R2.*,processor=(\S+)" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
27
27
|
<description>Greyware Automation Products, Inc. Domain Time II on Windows Server 2008 R2</description>
|
|
28
28
|
<example service.version="5.2.b.20120215R" os.arch="x64" host.name="blah">
|
|
29
29
|
version=Domain Time II 5.2.b.20120215R,hostname=blah,domain=blah,flat=blah,system=Win2008R2 x64,processor=x64
|
|
@@ -39,7 +39,7 @@
|
|
|
39
39
|
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:-"/>
|
|
40
40
|
</fingerprint>
|
|
41
41
|
|
|
42
|
-
<fingerprint pattern="
|
|
42
|
+
<fingerprint pattern="version=Domain Time II (\S+),hostname=([^,]+),.*system=Win2008.*,processor=(\S+)" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
43
43
|
<description>Greyware Automation Products, Inc. Domain Time II on Windows 2008</description>
|
|
44
44
|
<example service.version="5.2.b.20140303R" os.arch="x86" host.name="blah">
|
|
45
45
|
version=Domain Time II 5.2.b.20140303R,hostname=blah,domain=blah,flat=blah,system=Win2008,processor=x86
|
|
@@ -58,7 +58,7 @@
|
|
|
58
58
|
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:-"/>
|
|
59
59
|
</fingerprint>
|
|
60
60
|
|
|
61
|
-
<fingerprint pattern="
|
|
61
|
+
<fingerprint pattern="version=Domain Time II (\S+),hostname=([^,]+),.*system=Win2012.*,processor=(\S+)" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
62
62
|
<description>Greyware Automation Products, Inc. Domain Time II on Windows Server 2012</description>
|
|
63
63
|
<example service.version="5.2.b.20140101R" os.arch="x64" host.name="blah">
|
|
64
64
|
version=Domain Time II 5.2.b.20140101R,hostname=blah,domain=blah,flat=blah,system=Win2012 x64,processor=x64
|
|
@@ -74,7 +74,7 @@
|
|
|
74
74
|
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2012:-"/>
|
|
75
75
|
</fingerprint>
|
|
76
76
|
|
|
77
|
-
<fingerprint pattern="
|
|
77
|
+
<fingerprint pattern="version=Domain Time II (\S+),hostname=([^,]+),.*system=Win7.*,processor=(\S+)" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
78
78
|
<description>Greyware Automation Products, Inc. Domain Time II on Windows 7</description>
|
|
79
79
|
<example service.version="5.2.b.20130405R" os.arch="x64" host.name="blah">
|
|
80
80
|
version=Domain Time II 5.2.b.20130405R,hostname=blah,domain=,flat=WORKGROUP,system=Win7 x64,processor=x64
|
|
@@ -90,9 +90,9 @@
|
|
|
90
90
|
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_7:-"/>
|
|
91
91
|
</fingerprint>
|
|
92
92
|
|
|
93
|
-
<fingerprint pattern="
|
|
93
|
+
<fingerprint pattern="version="ntpd (\S+)[^"]+",.*system="Equallogic \(R\) storage array"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
94
94
|
<description>ntpd running on an EqualLogic Storage Array that includes the NTP version</description>
|
|
95
|
-
<example>
|
|
95
|
+
<example service.version="4.2.0-r">
|
|
96
96
|
version="ntpd 4.2.0-r Fri Feb 5 15:18:30 EST 2010 (1)",
|
|
97
97
|
processor="Working", system="EqualLogic (R) storage array", leap=0,
|
|
98
98
|
stratum=3, precision=-7, rootdelay=102.894, rootdispersion=245.154,
|
|
@@ -107,7 +107,7 @@
|
|
|
107
107
|
<param pos="0" name="os.product" value="Storage Array"/>
|
|
108
108
|
</fingerprint>
|
|
109
109
|
|
|
110
|
-
<fingerprint pattern="
|
|
110
|
+
<fingerprint pattern="system="Equallogic \(R\) storage array"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
111
111
|
<description>ntpd running on an EqualLogic Storage Array that does not include the NTP version</description>
|
|
112
112
|
<example>
|
|
113
113
|
processor="Working", system="Equallogic (R) storage array", leap=3,
|
|
@@ -120,7 +120,7 @@
|
|
|
120
120
|
<param pos="0" name="os.product" value="Storage Array"/>
|
|
121
121
|
</fingerprint>
|
|
122
122
|
|
|
123
|
-
<fingerprint pattern="
|
|
123
|
+
<fingerprint pattern="version="ntpd ([^ ]+)[^"]+",.*processor="([^ ]+)",.*system="Linux/(?:[^ ]+\.ESX)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
124
124
|
<description>ntpd running on VMware ESX</description>
|
|
125
125
|
<example service.version="4.2.2p1@1.1570-o" os.arch="x86_64">
|
|
126
126
|
version="ntpd 4.2.2p1@1.1570-o Thu Nov 26 11:34:34 UTC 2009 (1)",
|
|
@@ -138,9 +138,9 @@
|
|
|
138
138
|
<param pos="0" name="hw.device" value="Hypervisor"/>
|
|
139
139
|
</fingerprint>
|
|
140
140
|
|
|
141
|
-
<fingerprint pattern="
|
|
141
|
+
<fingerprint pattern="version="ntpd ([^ ]+)[^"]+",.*processor="([^ ]+)",.*system="Linux/?([^ ]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
142
142
|
<description>ntpd running on Linux</description>
|
|
143
|
-
<example>
|
|
143
|
+
<example service.version="4.2.4p3@1.1502-o" os.arch="i686" os.version="2.4.29">
|
|
144
144
|
version="ntpd 4.2.4p3@1.1502-o Wed Jul 18 11:45:01 UTC 2007 (1)",
|
|
145
145
|
processor="i686", system="Linux/2.4.29", leap=00, stratum=3,
|
|
146
146
|
</example>
|
|
@@ -155,9 +155,9 @@
|
|
|
155
155
|
<param pos="0" name="os.cpe23" value="cpe:/o:linux:linux_kernel:{os.version}"/>
|
|
156
156
|
</fingerprint>
|
|
157
157
|
|
|
158
|
-
<fingerprint pattern="
|
|
158
|
+
<fingerprint pattern="version="ntpd ([^ ]+)[^"]+",.*processor="([^"]+)",.*system="Darwin/?6\.([^"]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
159
159
|
<description>ntpd running on Mac OSX 10.2/Jaguar</description>
|
|
160
|
-
<example service.version="4.1.1@1.786" os.version.version="8">
|
|
160
|
+
<example service.version="4.1.1@1.786" os.version.version="8" os.arch="Power Macintosh">
|
|
161
161
|
version="ntpd 4.1.1@1.786 Tue Nov 12 09:30:41 PST 2002 (1)", processor="Power Macintosh", system="Darwin6.8",
|
|
162
162
|
</example>
|
|
163
163
|
<param pos="0" name="service.family" value="NTP"/>
|
|
@@ -173,7 +173,7 @@
|
|
|
173
173
|
<param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.2"/>
|
|
174
174
|
</fingerprint>
|
|
175
175
|
|
|
176
|
-
<fingerprint pattern="
|
|
176
|
+
<fingerprint pattern="version="ntpd ([^ ]+)[^"]+",.*processor="([^"]+)",.*system="Darwin/?7\.([^"]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
177
177
|
<description>ntpd running on Mac OSX 10.3/Panther</description>
|
|
178
178
|
<param pos="0" name="service.family" value="NTP"/>
|
|
179
179
|
<param pos="0" name="service.product" value="NTP"/>
|
|
@@ -188,9 +188,9 @@
|
|
|
188
188
|
<param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.3"/>
|
|
189
189
|
</fingerprint>
|
|
190
190
|
|
|
191
|
-
<fingerprint pattern="
|
|
191
|
+
<fingerprint pattern="version="ntpd ([^ ]+)[^"]+",.*processor="([^"]+)",.*system="Darwin/?8\.([^"]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
192
192
|
<description>ntpd running on Mac OSX 10.4/Tiger</description>
|
|
193
|
-
<example>
|
|
193
|
+
<example service.version="4.2.0@1.1161-r" os.arch="i386" os.version.version="11.1">
|
|
194
194
|
version="ntpd 4.2.0@1.1161-r Fri Jan 13 11:36:23 PST 2006 (1)",
|
|
195
195
|
processor="i386", system="Darwin/8.11.1", leap=11, stratum=16,
|
|
196
196
|
</example>
|
|
@@ -207,9 +207,9 @@
|
|
|
207
207
|
<param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.4"/>
|
|
208
208
|
</fingerprint>
|
|
209
209
|
|
|
210
|
-
<fingerprint pattern="
|
|
210
|
+
<fingerprint pattern="version="ntpd ([^ ]+)[^"]+",.*processor="([^"]+)",.*system="Darwin/?9\.([^"]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
211
211
|
<description>ntpd running on Mac OSX 10.5/Leopard</description>
|
|
212
|
-
<example>
|
|
212
|
+
<example service.version="4.2.2@1.1532-o" os.arch="Power Macintosh" os.version.version="0.0">
|
|
213
213
|
version="ntpd 4.2.2@1.1532-o Mon Sep 24 01:42:27 UTC 2007 (1)",
|
|
214
214
|
processor="Power Macintosh", system="Darwin/9.0.0", leap=3, stratum=16,
|
|
215
215
|
</example>
|
|
@@ -226,9 +226,9 @@
|
|
|
226
226
|
<param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.5"/>
|
|
227
227
|
</fingerprint>
|
|
228
228
|
|
|
229
|
-
<fingerprint pattern="
|
|
229
|
+
<fingerprint pattern="version="ntpd ([^ ]+)[^"]+",.*processor="([^"]+)",.*system="Darwin/?10\.([^"]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
230
230
|
<description>ntpd running on Mac OSX 10.6/Snow Leopard</description>
|
|
231
|
-
<example>
|
|
231
|
+
<example service.version="4.2.4p4@1.1520-o" os.arch="i386" os.version.version="8.0">
|
|
232
232
|
version="ntpd 4.2.4p4@1.1520-o Mon May 18 19:38:25 UTC 2009 (1)",
|
|
233
233
|
processor="i386", system="Darwin/10.8.0", leap=0, stratum=3,
|
|
234
234
|
</example>
|
|
@@ -245,7 +245,7 @@
|
|
|
245
245
|
<param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.6"/>
|
|
246
246
|
</fingerprint>
|
|
247
247
|
|
|
248
|
-
<fingerprint pattern="
|
|
248
|
+
<fingerprint pattern="processor="([^"]+)".*system="BSD/OS([\d.]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
249
249
|
<description>BSD/OS with a version and arch</description>
|
|
250
250
|
<example os.arch="i386" os.version="4.3.1">
|
|
251
251
|
processor="i386", system="BSD/OS4.3.1", leap=0, stratum=2
|
|
@@ -256,7 +256,7 @@
|
|
|
256
256
|
<param pos="2" name="os.version"/>
|
|
257
257
|
</fingerprint>
|
|
258
258
|
|
|
259
|
-
<fingerprint pattern="
|
|
259
|
+
<fingerprint pattern="system="BSD/OS"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
260
260
|
<description>BSD/OS without a version or arch</description>
|
|
261
261
|
<example>
|
|
262
262
|
system="BSD/OS", leap=3, stratum=16, rootdelay=0.00
|
|
@@ -265,9 +265,9 @@
|
|
|
265
265
|
<param pos="0" name="os.product" value="BSD/OS"/>
|
|
266
266
|
</fingerprint>
|
|
267
267
|
|
|
268
|
-
<fingerprint pattern="
|
|
268
|
+
<fingerprint pattern="version="ntpd ([^ ]+)[^"]+",.*processor="([^"]+)",.*system="Darwin/?11\.([^"]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
269
269
|
<description>ntpd running on Mac OSX 10.7/Lion</description>
|
|
270
|
-
<example>
|
|
270
|
+
<example service.version="4.2.6@1.2089-o" os.arch="x86_64" os.version.version="2.0">
|
|
271
271
|
version="ntpd 4.2.6@1.2089-o Fri May 28 01:20:53 UTC 2010 (1)",
|
|
272
272
|
processor="x86_64", system="Darwin/11.2.0", leap=11, stratum=16,
|
|
273
273
|
</example>
|
|
@@ -284,7 +284,7 @@
|
|
|
284
284
|
<param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.7"/>
|
|
285
285
|
</fingerprint>
|
|
286
286
|
|
|
287
|
-
<fingerprint pattern="
|
|
287
|
+
<fingerprint pattern="version="ntpd ([^ ]+)[^"]+",.*processor="([^"]+)",.*system="Darwin/?12\.([^"]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
288
288
|
<description>ntpd running on Mac OSX 10.8/Mountain Lion</description>
|
|
289
289
|
<example service.version="4.2.6@1.2089-o" os.arch="x86_64" os.version.version="1.0">
|
|
290
290
|
version="ntpd 4.2.6@1.2089-o Fri May 28 01:20:53 UTC 2010 (1)",
|
|
@@ -303,7 +303,7 @@
|
|
|
303
303
|
<param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.8"/>
|
|
304
304
|
</fingerprint>
|
|
305
305
|
|
|
306
|
-
<fingerprint pattern="
|
|
306
|
+
<fingerprint pattern="version="ntpd ([^ ]+)[^"]+",.*processor="([^"]+)",.*system="Darwin/?13\.([^"]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
307
307
|
<description>ntpd running on Mac OSX 10.9/Mavericks</description>
|
|
308
308
|
<example service.version="4.2.6@1.2089-o" os.arch="x86_64" os.version.version="4.0">
|
|
309
309
|
version="ntpd 4.2.6@1.2089-o Fri May 28 01:20:53 UTC 2010 (1)",
|
|
@@ -322,7 +322,7 @@
|
|
|
322
322
|
<param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.9"/>
|
|
323
323
|
</fingerprint>
|
|
324
324
|
|
|
325
|
-
<fingerprint pattern="
|
|
325
|
+
<fingerprint pattern="version="ntpd ([^ ]+)[^"]+",.*processor="([^"]+)",.*system="Darwin/?14\.([^"]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
326
326
|
<description>ntpd running on Mac OSX 10.10/Yosemite</description>
|
|
327
327
|
<example service.version="4.2.6@1.2089-o" os.arch="x86_64" os.version.version="3.0">
|
|
328
328
|
version="ntpd 4.2.6@1.2089-o Fri May 28 01:20:53 UTC 2010 (1)",
|
|
@@ -341,7 +341,7 @@
|
|
|
341
341
|
<param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.10"/>
|
|
342
342
|
</fingerprint>
|
|
343
343
|
|
|
344
|
-
<fingerprint pattern="
|
|
344
|
+
<fingerprint pattern="version="ntpd ([^ p]+)(p[^ "]+)?[^"]+",.*processor="([^ ]+)",.*system="FreeBSD/?(?:[^ ]+-NETSCALER-([^ ]+))"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
345
345
|
<description>ntpd running on Citrix Netscaler, which is based on FreeBSD</description>
|
|
346
346
|
<example service.version="4.2.6" service.version.version="p2@1.2194" os.arch="i386" os.version="9.3">
|
|
347
347
|
version="ntpd 4.2.6p2@1.2194 Wed Nov 24 15:54:11 UTC 2010 (1)",
|
|
@@ -365,9 +365,9 @@
|
|
|
365
365
|
<param pos="0" name="os.cpe23" value="cpe:/o:citrix:netscaler_firmware:{os.version}"/>
|
|
366
366
|
</fingerprint>
|
|
367
367
|
|
|
368
|
-
<fingerprint pattern="
|
|
368
|
+
<fingerprint pattern="version="ntpd ([^ ]+)[^"]+",.*processor="([^ ]+)",.*system="FreeBSD/?([^ ]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
369
369
|
<description>ntpd running on FreeBSD</description>
|
|
370
|
-
<example>
|
|
370
|
+
<example service.version="4.2.6p2@1.2194" os.arch="i386" os.version="7.4-PRERELEASE">
|
|
371
371
|
version="ntpd 4.2.6p2@1.2194 Wed Nov 24 15:54:11 UTC 2010 (1)",
|
|
372
372
|
processor="i386", system="FreeBSD/7.4-PRERELEASE", leap=00, stratum=3,
|
|
373
373
|
</example>
|
|
@@ -382,7 +382,7 @@
|
|
|
382
382
|
<param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:{os.version}"/>
|
|
383
383
|
</fingerprint>
|
|
384
384
|
|
|
385
|
-
<fingerprint pattern="
|
|
385
|
+
<fingerprint pattern="processor="([^ ]+)",.*system="FreeBSD/?([^ ]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
386
386
|
<description>ntp without a version on FreeBSD</description>
|
|
387
387
|
<example os.arch="i386" os.version="4.1-RELEASE">
|
|
388
388
|
processor="i386", system="FreeBSD4.1-RELEASE"
|
|
@@ -398,9 +398,9 @@
|
|
|
398
398
|
<param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:{os.version}"/>
|
|
399
399
|
</fingerprint>
|
|
400
400
|
|
|
401
|
-
<fingerprint pattern="
|
|
401
|
+
<fingerprint pattern="version="ntpd ([^ ]+)[^"]+",.*processor="([^ ]+)",.*system="NetBSD/?([^ ]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
402
402
|
<description>ntpd running on NetBSD</description>
|
|
403
|
-
<example>
|
|
403
|
+
<example service.version="4.2.4p6-o" os.arch="sparc64" os.version="5.0_STABLE">
|
|
404
404
|
version="ntpd 4.2.4p6-o Thu Jan 8 21:02:40 MET 2009 (import)",
|
|
405
405
|
processor="sparc64", system="NetBSD/5.0_STABLE", leap=00, stratum=1,
|
|
406
406
|
</example>
|
|
@@ -415,39 +415,39 @@
|
|
|
415
415
|
<param pos="0" name="os.cpe23" value="cpe:/o:netbsd:netbsd:{os.version}"/>
|
|
416
416
|
</fingerprint>
|
|
417
417
|
|
|
418
|
-
<fingerprint pattern="
|
|
418
|
+
<fingerprint pattern="processor="([^ ]+)",.*system="NetBSD/?([^ ]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
419
419
|
<description>ntpd running on NetBSD - variant 2</description>
|
|
420
420
|
<example os.arch="i386" os.version="1.5.3">
|
|
421
421
|
processor="i386", system="NetBSD1.5.3"
|
|
422
422
|
</example>
|
|
423
|
-
<example>
|
|
423
|
+
<example os.arch="i386" os.version="1.6">
|
|
424
424
|
processor="i386", system="NetBSD1.6"
|
|
425
425
|
</example>
|
|
426
|
-
<example>
|
|
426
|
+
<example os.arch="i386" os.version="1.6.1">
|
|
427
427
|
processor="i386", system="NetBSD1.6.1"
|
|
428
428
|
</example>
|
|
429
|
-
<example>
|
|
429
|
+
<example os.arch="i386" os.version="1.6.2_STABLE">
|
|
430
430
|
processor="i386", system="NetBSD1.6.2_STABLE"
|
|
431
431
|
</example>
|
|
432
|
-
<example>
|
|
432
|
+
<example os.arch="sbmips" os.version="3.0">
|
|
433
433
|
processor="sbmips", system="NetBSD3.0"
|
|
434
434
|
</example>
|
|
435
|
-
<example>
|
|
435
|
+
<example os.arch="se100" os.version="1.5.3">
|
|
436
436
|
processor="se100", system="NetBSD1.5.3"
|
|
437
437
|
</example>
|
|
438
|
-
<example>
|
|
438
|
+
<example os.arch="seil3" os.version="1.6.1_STABLE">
|
|
439
439
|
processor="seil3", system="NetBSD1.6.1_STABLE"
|
|
440
440
|
</example>
|
|
441
|
-
<example>
|
|
441
|
+
<example os.arch="seil3" os.version="1.6.2_STABLE">
|
|
442
442
|
processor="seil3", system="NetBSD1.6.2_STABLE"
|
|
443
443
|
</example>
|
|
444
|
-
<example>
|
|
444
|
+
<example os.arch="seil4" os.version="1.6.1_STABLE">
|
|
445
445
|
processor="seil4", system="NetBSD1.6.1_STABLE"
|
|
446
446
|
</example>
|
|
447
|
-
<example>
|
|
447
|
+
<example os.arch="seil4" os.version="1.6.2_STABLE">
|
|
448
448
|
processor="seil4", system="NetBSD1.6.2_STABLE"
|
|
449
449
|
</example>
|
|
450
|
-
<example>
|
|
450
|
+
<example os.arch="siara2k" os.version="1.5.3">
|
|
451
451
|
processor="siara2k", system="NetBSD1.5.3"
|
|
452
452
|
</example>
|
|
453
453
|
<param pos="0" name="os.vendor" value="NetBSD"/>
|
|
@@ -458,7 +458,7 @@
|
|
|
458
458
|
<param pos="0" name="os.cpe23" value="cpe:/o:netbsd:netbsd:{os.version}"/>
|
|
459
459
|
</fingerprint>
|
|
460
460
|
|
|
461
|
-
<fingerprint pattern="
|
|
461
|
+
<fingerprint pattern="system="NetWare"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
462
462
|
<description>NetWare</description>
|
|
463
463
|
<example>
|
|
464
464
|
system="NetWare", leap=0, stratum=2, rootdelay=0.12
|
|
@@ -469,7 +469,7 @@
|
|
|
469
469
|
<param pos="0" name="os.cpe23" value="cpe:/o:novell:netware:-"/>
|
|
470
470
|
</fingerprint>
|
|
471
471
|
|
|
472
|
-
<fingerprint pattern="
|
|
472
|
+
<fingerprint pattern="version="ntpd ([^ ]+)[^"]+",.*processor="([^ ]+)",.*system="SunOS/?5.0"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
473
473
|
<description>ntpd running on Solaris 2.0 (SunOS/5.0) </description>
|
|
474
474
|
<example service.version="4.2.0@1.1161-r" os.arch="sun4u">
|
|
475
475
|
version="ntpd 4.2.0@1.1161-r Wed Apr 20 11:28:05 EDT 2005 (1)",
|
|
@@ -490,7 +490,7 @@
|
|
|
490
490
|
<param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:2.0"/>
|
|
491
491
|
</fingerprint>
|
|
492
492
|
|
|
493
|
-
<fingerprint pattern="
|
|
493
|
+
<fingerprint pattern="version="ntpd ([^ ]+)[^"]+",.*processor="([^ ]+)",.*system="SunOS/?5.1"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
494
494
|
<description> ntpd running on Solaris 2.1 (SunOS/5.1) </description>
|
|
495
495
|
<example service.version="4.2.0@1.1161-r" os.arch="sun4u">
|
|
496
496
|
version="ntpd 4.2.0@1.1161-r Wed Apr 20 11:28:05 EDT 2005 (1)",
|
|
@@ -511,7 +511,7 @@
|
|
|
511
511
|
<param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:2.1"/>
|
|
512
512
|
</fingerprint>
|
|
513
513
|
|
|
514
|
-
<fingerprint pattern="
|
|
514
|
+
<fingerprint pattern="version="ntpd ([^ ]+)[^"]+",.*processor="([^ ]+)",.*system="SunOS/?5.2"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
515
515
|
<description> ntpd running on Solaris 2.2 (SunOS/5.2) </description>
|
|
516
516
|
<example service.version="4.2.0@1.1161-r" os.arch="sun4u">
|
|
517
517
|
version="ntpd 4.2.0@1.1161-r Wed Apr 20 11:28:05 EDT 2005 (1)",
|
|
@@ -532,7 +532,7 @@
|
|
|
532
532
|
<param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:2.2"/>
|
|
533
533
|
</fingerprint>
|
|
534
534
|
|
|
535
|
-
<fingerprint pattern="
|
|
535
|
+
<fingerprint pattern="version="ntpd ([^ ]+)[^"]+",.*processor="([^ ]+)",.*system="SunOS/?5.3"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
536
536
|
<description> ntpd running on Solaris 2.3 (SunOS/5.3) </description>
|
|
537
537
|
<example service.version="4.2.0@1.1161-r" os.arch="sun4u">
|
|
538
538
|
version="ntpd 4.2.0@1.1161-r Wed Apr 20 11:28:05 EDT 2005 (1)",
|
|
@@ -553,7 +553,7 @@
|
|
|
553
553
|
<param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:2.3"/>
|
|
554
554
|
</fingerprint>
|
|
555
555
|
|
|
556
|
-
<fingerprint pattern="
|
|
556
|
+
<fingerprint pattern="version="ntpd ([^ ]+)[^"]+",.*processor="([^ ]+)",.*system="SunOS/?5.4"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
557
557
|
<description>ntpd running on Solaris 2.4 (SunOS/5.4) </description>
|
|
558
558
|
<example service.version="4.2.0@1.1161-r" os.arch="sun4u">
|
|
559
559
|
version="ntpd 4.2.0@1.1161-r Wed Apr 20 11:28:05 EDT 2005 (1)",
|
|
@@ -574,7 +574,7 @@
|
|
|
574
574
|
<param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:2.4"/>
|
|
575
575
|
</fingerprint>
|
|
576
576
|
|
|
577
|
-
<fingerprint pattern="
|
|
577
|
+
<fingerprint pattern="version="ntpd ([^ ]+)[^"]+",.*processor="([^ ]+)",.*system="SunOS/?5.5"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
578
578
|
<description>ntpd running on Solaris 2.5 (SunOS/5.5) </description>
|
|
579
579
|
<example service.version="4.2.0@1.1161-r" os.arch="sun4u">
|
|
580
580
|
version="ntpd 4.2.0@1.1161-r Wed Apr 20 11:28:05 EDT 2005 (1)",
|
|
@@ -595,7 +595,7 @@
|
|
|
595
595
|
<param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:2.5"/>
|
|
596
596
|
</fingerprint>
|
|
597
597
|
|
|
598
|
-
<fingerprint pattern="
|
|
598
|
+
<fingerprint pattern="version="ntpd ([^ ]+)[^"]+",.*processor="([^ ]+)",.*system="SunOS/?5.6"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
599
599
|
<description>ntpd running on Solaris 2.6 (SunOS/5.6) </description>
|
|
600
600
|
<example service.version="4.2.0@1.1161-r" os.arch="sun4u">
|
|
601
601
|
version="ntpd 4.2.0@1.1161-r Wed Apr 20 11:28:05 EDT 2005 (1)",
|
|
@@ -616,7 +616,7 @@
|
|
|
616
616
|
<param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:2.6"/>
|
|
617
617
|
</fingerprint>
|
|
618
618
|
|
|
619
|
-
<fingerprint pattern="
|
|
619
|
+
<fingerprint pattern="version="ntpd ([^ ]+)[^"]+",.*processor="([^ ]+)",.*system="SunOS/?5.(1[1-9])"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
620
620
|
<description>ntpd running on Solaris 11 or above (SunOS/5.11 and above) </description>
|
|
621
621
|
<example service.version="4.2.0@1.1161-r" os.arch="sun4u" os.version="11">
|
|
622
622
|
version="ntpd 4.2.0@1.1161-r Wed Apr 20 11:28:05 EDT 2005 (1)",
|
|
@@ -637,7 +637,7 @@
|
|
|
637
637
|
<param pos="0" name="os.cpe23" value="cpe:/o:oracle:solaris:{os.version}"/>
|
|
638
638
|
</fingerprint>
|
|
639
639
|
|
|
640
|
-
<fingerprint pattern="
|
|
640
|
+
<fingerprint pattern="version="ntpd ([^ ]+)[^"]+",.*processor="([^ ]+)",.*system="SunOS/?5.([789]|10)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
641
641
|
<description>ntpd running on Solaris 7-Solaris 10 (SunOS/5.7 - SunOS/5.10) </description>
|
|
642
642
|
<example service.version="4.2.0@1.1161-r" os.arch="sun4u" os.version="7">
|
|
643
643
|
version="ntpd 4.2.0@1.1161-r Wed Apr 20 11:28:05 EDT 2005 (1)",
|
|
@@ -666,7 +666,7 @@
|
|
|
666
666
|
<param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:{os.version}"/>
|
|
667
667
|
</fingerprint>
|
|
668
668
|
|
|
669
|
-
<fingerprint pattern="
|
|
669
|
+
<fingerprint pattern="processor="([^ ]+)",.*system="SunOS/?5.0"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
670
670
|
<description>Solaris 2.0 (SunOS/5.0) with no ntp version</description>
|
|
671
671
|
<example os.arch="sun4m">
|
|
672
672
|
processor="sun4m", system="SunOS/5.0"
|
|
@@ -682,7 +682,7 @@
|
|
|
682
682
|
<param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:2.0"/>
|
|
683
683
|
</fingerprint>
|
|
684
684
|
|
|
685
|
-
<fingerprint pattern="
|
|
685
|
+
<fingerprint pattern="processor="([^ ]+)",.*system="SunOS/?5.1"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
686
686
|
<description>Solaris 2.1 (SunOS/5.1) with no ntp version</description>
|
|
687
687
|
<example os.arch="sun4m">
|
|
688
688
|
processor="sun4m", system="SunOS/5.1"
|
|
@@ -698,7 +698,7 @@
|
|
|
698
698
|
<param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:2.1"/>
|
|
699
699
|
</fingerprint>
|
|
700
700
|
|
|
701
|
-
<fingerprint pattern="
|
|
701
|
+
<fingerprint pattern="processor="([^ ]+)",.*system="SunOS/?5.2"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
702
702
|
<description>Solaris 2.2 (SunOS/5.2) with no ntp version</description>
|
|
703
703
|
<example os.arch="sun4m">
|
|
704
704
|
processor="sun4m", system="SunOS/5.2"
|
|
@@ -714,7 +714,7 @@
|
|
|
714
714
|
<param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:2.2"/>
|
|
715
715
|
</fingerprint>
|
|
716
716
|
|
|
717
|
-
<fingerprint pattern="
|
|
717
|
+
<fingerprint pattern="processor="([^ ]+)",.*system="SunOS/?5.3"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
718
718
|
<description>Solaris 2.3 (SunOS/5.3) with no ntp version</description>
|
|
719
719
|
<example os.arch="sun4m">
|
|
720
720
|
processor="sun4m", system="SunOS/5.3"
|
|
@@ -730,7 +730,7 @@
|
|
|
730
730
|
<param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:2.3"/>
|
|
731
731
|
</fingerprint>
|
|
732
732
|
|
|
733
|
-
<fingerprint pattern="
|
|
733
|
+
<fingerprint pattern="processor="([^ ]+)",.*system="SunOS/?5.4"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
734
734
|
<description>Solaris 2.4 (SunOS/5.4) with no ntp version</description>
|
|
735
735
|
<example os.arch="sun4m">
|
|
736
736
|
processor="sun4m", system="SunOS/5.4"
|
|
@@ -746,7 +746,7 @@
|
|
|
746
746
|
<param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:2.4"/>
|
|
747
747
|
</fingerprint>
|
|
748
748
|
|
|
749
|
-
<fingerprint pattern="
|
|
749
|
+
<fingerprint pattern="processor="([^ ]+)",.*system="SunOS/?5.5"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
750
750
|
<description>Solaris 2.5 (SunOS/5.5) with no ntp version</description>
|
|
751
751
|
<example os.arch="sun4m">
|
|
752
752
|
processor="sun4m", system="SunOS/5.5"
|
|
@@ -762,7 +762,7 @@
|
|
|
762
762
|
<param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:2.5"/>
|
|
763
763
|
</fingerprint>
|
|
764
764
|
|
|
765
|
-
<fingerprint pattern="
|
|
765
|
+
<fingerprint pattern="processor="([^ ]+)",.*system="SunOS/?5.6"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
766
766
|
<description>Solaris 2.6 (SunOS/5.6) with no ntp version</description>
|
|
767
767
|
<example os.arch="sun4m">
|
|
768
768
|
processor="sun4m", system="SunOS/5.6"
|
|
@@ -778,7 +778,7 @@
|
|
|
778
778
|
<param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:2.6"/>
|
|
779
779
|
</fingerprint>
|
|
780
780
|
|
|
781
|
-
<fingerprint pattern="
|
|
781
|
+
<fingerprint pattern="processor="([^ ]+)",.*system="SunOS/?5.([789]|10)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
782
782
|
<description>Solaris 7-10 (SunOS/5.7 - SunOS/5.10) with no ntp version</description>
|
|
783
783
|
<example os.arch="sun4m" os.version="7">
|
|
784
784
|
processor="sun4m", system="SunOS/5.7"
|
|
@@ -800,7 +800,7 @@
|
|
|
800
800
|
<param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:{os.version}"/>
|
|
801
801
|
</fingerprint>
|
|
802
802
|
|
|
803
|
-
<fingerprint pattern="
|
|
803
|
+
<fingerprint pattern="processor="([^ ]+)",.*system="SunOS/?5.(1[1-9])"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
804
804
|
<description>Solaris 11 and up with no ntp version</description>
|
|
805
805
|
<example os.arch="sun4m" os.version="11">
|
|
806
806
|
processor="sun4m", system="SunOS/5.11"
|
|
@@ -816,9 +816,9 @@
|
|
|
816
816
|
<param pos="0" name="os.cpe23" value="cpe:/o:oracle:solaris:{os.version}"/>
|
|
817
817
|
</fingerprint>
|
|
818
818
|
|
|
819
|
-
<fingerprint pattern="
|
|
819
|
+
<fingerprint pattern="system="UNIX/SunOS ([^ ]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
820
820
|
<description>SunOS with no ntp version</description>
|
|
821
|
-
<example>
|
|
821
|
+
<example os.version="4.x">
|
|
822
822
|
system="UNIX/SunOS 4.x",
|
|
823
823
|
</example>
|
|
824
824
|
<param pos="0" name="os.vendor" value="Sun"/>
|
|
@@ -828,9 +828,9 @@
|
|
|
828
828
|
<param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:{os.version}"/>
|
|
829
829
|
</fingerprint>
|
|
830
830
|
|
|
831
|
-
<fingerprint pattern="
|
|
831
|
+
<fingerprint pattern="version="ntpd ([^ ]+)[^"]+",.*processor="([^ ]+)",.*system="JUNOS/?([^ ]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
832
832
|
<description>ntpd running on Juniper/Netscreen JunOS</description>
|
|
833
|
-
<example>
|
|
833
|
+
<example service.version="4.2.0-a" os.arch="i386" os.version="9.3R4.4">
|
|
834
834
|
version="ntpd 4.2.0-a Wed Aug 12 04:22:47 UTC 2009 (1)",
|
|
835
835
|
processor="i386", system="JUNOS9.3R4.4", leap=11, stratum=16,
|
|
836
836
|
</example>
|
|
@@ -858,13 +858,13 @@
|
|
|
858
858
|
<param pos="0" name="os.cpe23" value="cpe:/o:juniper:junos:{os.version}"/>
|
|
859
859
|
</fingerprint>
|
|
860
860
|
|
|
861
|
-
<fingerprint pattern="
|
|
861
|
+
<fingerprint pattern="version="ntpd ([^ ]+)[^"]+",.*processor="([^ ]+)",.*system="Windows/?([^ ]+)?"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
862
862
|
<description>ntpd running on Windows</description>
|
|
863
|
-
<example>
|
|
863
|
+
<example service.version="4.2.4p7@copenhagen-o" os.arch="x86">
|
|
864
864
|
version="ntpd 4.2.4p7@copenhagen-o May 22 11:25:36 (UTC+02:00) 2009 (3)",
|
|
865
865
|
processor="x86", system="Windows", leap=00, stratum=2, precision=-19,
|
|
866
866
|
</example>
|
|
867
|
-
<example>
|
|
867
|
+
<example service.version="4.2.4p4@1.1520-modena-o" os.arch="unknown" os.version="NT">
|
|
868
868
|
version="ntpd 4.2.4p4@1.1520-modena-o Dec 05 9:35:28 (UTC+01:00) 2007 (11)",
|
|
869
869
|
processor="unknown", system="WINDOWS/NT", leap=00, stratum=2,
|
|
870
870
|
</example>
|
|
@@ -879,9 +879,9 @@
|
|
|
879
879
|
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:{os.version}"/>
|
|
880
880
|
</fingerprint>
|
|
881
881
|
|
|
882
|
-
<fingerprint pattern="
|
|
882
|
+
<fingerprint pattern="version="ntpd ([^ ]+)[^"]+",.*processor="([^ ]+)",.*system="HP-UX/?([^ ]+)?"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
883
883
|
<description>ntpd running on HP-UX</description>
|
|
884
|
-
<example>
|
|
884
|
+
<example service.version="4.2.2@1.1532-o" os.arch="9000/800" os.version="B.11.11">
|
|
885
885
|
version="ntpd 4.2.2@1.1532-o Wed Sep 6 16:49:43 EDT 2006 (2)",
|
|
886
886
|
processor="9000/800", system="HP-UX/B.11.11", leap=00, stratum=1,
|
|
887
887
|
</example>
|
|
@@ -896,7 +896,7 @@
|
|
|
896
896
|
<param pos="0" name="os.cpe23" value="cpe:/o:hp:hp-ux:{os.version}"/>
|
|
897
897
|
</fingerprint>
|
|
898
898
|
|
|
899
|
-
<fingerprint pattern="
|
|
899
|
+
<fingerprint pattern="version="ntpd ([^ ]+)[^"]+",.*processor=,.*system="HP-UX/"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
900
900
|
<description>ntpd running on HP-UX with an empty processor</description>
|
|
901
901
|
<example service.version="4.2.6">
|
|
902
902
|
version="ntpd 4.2.6 Revision 0.0 Tue Nov 5 14:21:22 UTC 2012",
|
|
@@ -911,9 +911,9 @@
|
|
|
911
911
|
<param pos="0" name="os.cpe23" value="cpe:/o:hp:hp-ux:-"/>
|
|
912
912
|
</fingerprint>
|
|
913
913
|
|
|
914
|
-
<fingerprint pattern="
|
|
914
|
+
<fingerprint pattern="version="ntpd ([^ ]+)[^"]+",.*processor="[^ ]+",.*system="([^ ]+)-hp-hpux([^ ]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
915
915
|
<description>ntpd running on HP-UX, where the processor is in the 'system' variable</description>
|
|
916
|
-
<example>
|
|
916
|
+
<example service.version="4.2.5p154@1.1802" os.arch="ia64" os.version="11.31">
|
|
917
917
|
version="ntpd 4.2.5p154@1.1802 Tue Mar 22 22:09:00 UTC 2011 (39)",
|
|
918
918
|
processor="unknown", system="ia64-hp-hpux11.31", leap=00, stratum=1,
|
|
919
919
|
</example>
|
|
@@ -933,9 +933,9 @@
|
|
|
933
933
|
all versions 5.x were ESXi only.
|
|
934
934
|
-->
|
|
935
935
|
|
|
936
|
-
<fingerprint pattern="
|
|
936
|
+
<fingerprint pattern="version="ntpd ([^ ]+)[^"]+",.*processor="([^ ]+)",.*system="VMkernel/?([^ ]+)?"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
937
937
|
<description>ntpd running on VMware ESXi</description>
|
|
938
|
-
<example>
|
|
938
|
+
<example service.version="4.2.4p6@1.1495" os.arch="x86_64" os.version="4.1.0">
|
|
939
939
|
version="ntpd 4.2.4p6@1.1495 Wed Sep 22 02:33:15 UTC 2010 (1)",
|
|
940
940
|
processor="x86_64", system="VMkernel/4.1.0", leap=11, stratum=16,
|
|
941
941
|
</example>
|
|
@@ -952,7 +952,7 @@
|
|
|
952
952
|
<param pos="0" name="hw.device" value="Hypervisor"/>
|
|
953
953
|
</fingerprint>
|
|
954
954
|
|
|
955
|
-
<fingerprint pattern="
|
|
955
|
+
<fingerprint pattern="processor="([^ ]+)",.*system="OSF1[/V]?([^ ]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
956
956
|
<description>ntpd running on OSF/1</description>
|
|
957
957
|
<example os.arch="alpha" os.version="4.0">
|
|
958
958
|
processor="alpha", system="OSF1V4.0", leap=00, stratum=1, precision=-18,
|
|
@@ -965,7 +965,7 @@
|
|
|
965
965
|
<param pos="1" name="os.arch"/>
|
|
966
966
|
</fingerprint>
|
|
967
967
|
|
|
968
|
-
<fingerprint pattern="
|
|
968
|
+
<fingerprint pattern="system="UNIX/DECOSF1"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
969
969
|
<description>DEC OSF/1</description>
|
|
970
970
|
<example>
|
|
971
971
|
system="UNIX/DECOSF1", leap=0, stratum=3, rootdelay=18.14,
|
|
@@ -974,7 +974,7 @@
|
|
|
974
974
|
<param pos="0" name="os.product" value="OSF/1"/>
|
|
975
975
|
</fingerprint>
|
|
976
976
|
|
|
977
|
-
<fingerprint pattern="
|
|
977
|
+
<fingerprint pattern="system="Linux"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
978
978
|
<description>Linux with NTP enabled, no processor/version</description>
|
|
979
979
|
<example>
|
|
980
980
|
system="Linux", leap=00, stratum=2, rootdelay=6.480,
|
|
@@ -987,7 +987,7 @@
|
|
|
987
987
|
<param pos="0" name="service.product" value="NTP"/>
|
|
988
988
|
</fingerprint>
|
|
989
989
|
|
|
990
|
-
<fingerprint pattern="
|
|
990
|
+
<fingerprint pattern="system="UNIX/AIX"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
991
991
|
<description>AIX with NTP enabled, no processor/version</description>
|
|
992
992
|
<example>
|
|
993
993
|
system="UNIX/AIX", leap=00, stratum=3, rootdelay=2.000,
|
|
@@ -1001,7 +1001,7 @@
|
|
|
1001
1001
|
<param pos="0" name="service.vendor" value="IBM"/>
|
|
1002
1002
|
</fingerprint>
|
|
1003
1003
|
|
|
1004
|
-
<fingerprint pattern="
|
|
1004
|
+
<fingerprint pattern="system="SunOS"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
1005
1005
|
<description>Solaris with NTP enabled, no processor/version</description>
|
|
1006
1006
|
<example>
|
|
1007
1007
|
system="SunOS", leap=00, stratum=1, rootdelay=0.000,
|
|
@@ -1015,7 +1015,7 @@
|
|
|
1015
1015
|
<param pos="0" name="service.vendor" value="Sun"/>
|
|
1016
1016
|
</fingerprint>
|
|
1017
1017
|
|
|
1018
|
-
<fingerprint pattern="
|
|
1018
|
+
<fingerprint pattern="system="cisco"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
1019
1019
|
<description>Cisco IOS with NTP enabled</description>
|
|
1020
1020
|
<example>
|
|
1021
1021
|
system="cisco", leap=00, stratum=2, rootdelay=39.900,
|
|
@@ -1029,9 +1029,9 @@
|
|
|
1029
1029
|
<param pos="0" name="service.vendor" value="Cisco"/>
|
|
1030
1030
|
</fingerprint>
|
|
1031
1031
|
|
|
1032
|
-
<fingerprint pattern="
|
|
1032
|
+
<fingerprint pattern="system="Data ONTAP/+(\S+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
1033
1033
|
<description>NetApp file servers</description>
|
|
1034
|
-
<example>
|
|
1034
|
+
<example os.version="8.1RC2">
|
|
1035
1035
|
system="Data ONTAP/8.1RC2"
|
|
1036
1036
|
</example>
|
|
1037
1037
|
<param pos="0" name="os.vendor" value="NetApp"/>
|
|
@@ -1110,7 +1110,7 @@
|
|
|
1110
1110
|
|
|
1111
1111
|
<fingerprint pattern="system="UNIX/Unixware([^ ]+)"" flags="REG_ICASE">
|
|
1112
1112
|
<description>SCO Unixware NTP</description>
|
|
1113
|
-
<example>
|
|
1113
|
+
<example os.product="2">
|
|
1114
1114
|
system="UNIX/Unixware2", leap=3, stratum=16, rootdelay=0.00,
|
|
1115
1115
|
rootdispersion=0.00, peer=0, refid=0.0.0.0, reftime=0x00000000.00000000,
|
|
1116
1116
|
poll=4, clock=0xd1d874b7.051ec000, phase=0.000, freq=0.00, error=0.00
|
|
@@ -1121,7 +1121,7 @@
|
|
|
1121
1121
|
<param pos="1" name="os.product"/>
|
|
1122
1122
|
</fingerprint>
|
|
1123
1123
|
|
|
1124
|
-
<fingerprint pattern="
|
|
1124
|
+
<fingerprint pattern="processor="([^"]+)", system="SCO_SV([\d\.]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
1125
1125
|
<description>SCO Unixware NTP - SCO_SV variant</description>
|
|
1126
1126
|
<example os.version="3.2" os.arch="i386">
|
|
1127
1127
|
processor="i386", system="SCO_SV3.2", leap=0, stratum=2, precision=-18
|
|
@@ -1132,9 +1132,9 @@
|
|
|
1132
1132
|
<param pos="2" name="os.version"/>
|
|
1133
1133
|
</fingerprint>
|
|
1134
1134
|
|
|
1135
|
-
<fingerprint pattern="
|
|
1135
|
+
<fingerprint pattern="version="ntpd ([^ ]+)[^"]+",.*\s*processor="([^ ]+)",.*system="SecureOS/([^ ]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
1136
1136
|
<description>McAfee Network Firewall Enterprise NTP (SecureOS)</description>
|
|
1137
|
-
<example>
|
|
1137
|
+
<example service.version="4.2.0-r" os.arch="i386" os.version="7.0.1.00">
|
|
1138
1138
|
version="ntpd 4.2.0-r Thu Aug 11 12:41:19 CDT 2005 (1)",
|
|
1139
1139
|
processor="i386", system="SecureOS/7.0.1.00", leap=0, stratum=3,
|
|
1140
1140
|
precision=-19, rootdelay=27.044, rootdispersion=87.845, peer=2357,
|
|
@@ -1142,7 +1142,7 @@
|
|
|
1142
1142
|
clock=0xd2636c8e.d5e2d427, state=4, offset=0.519, frequency=-3.027,
|
|
1143
1143
|
jitter=5.132, stability=0.394
|
|
1144
1144
|
</example>
|
|
1145
|
-
<example>
|
|
1145
|
+
<example service.version="4.2.0-r" os.arch="i386" os.version="7.0.0.04">
|
|
1146
1146
|
version="ntpd 4.2.0-r Thu Aug 11 12:41:19 CDT 2005 (1)",
|
|
1147
1147
|
processor="i386", system="SecureOS/7.0.0.04", leap=0, stratum=2,
|
|
1148
1148
|
precision=-19, rootdelay=56.480, rootdispersion=35.772, peer=8677,
|
|
@@ -1159,16 +1159,16 @@
|
|
|
1159
1159
|
<param pos="3" name="os.version"/>
|
|
1160
1160
|
</fingerprint>
|
|
1161
1161
|
|
|
1162
|
-
<fingerprint pattern="
|
|
1162
|
+
<fingerprint pattern="processor="([^ ]+)".*system="Linux([^ ]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
1163
1163
|
<description>ntpd running on linux</description>
|
|
1164
|
-
<example>
|
|
1164
|
+
<example os.arch="i686" os.version="2.6.10">
|
|
1165
1165
|
processor="i686", system="Linux2.6.10", leap=0, stratum=2,
|
|
1166
1166
|
precision=-17, rootdelay=44.644, rootdispersion=29.933, peer=13317,
|
|
1167
1167
|
refid=A.B.C.D, reftime=0xd2c29f69.407570c5, poll=10,
|
|
1168
1168
|
clock=0xd2c2a335.360999dc, state=4, phase=1.037, frequency=55.898,
|
|
1169
1169
|
jitter=0.203, stability=0.004
|
|
1170
1170
|
</example>
|
|
1171
|
-
<example>
|
|
1171
|
+
<example os.arch="i686" os.version="2.6.23.waas">
|
|
1172
1172
|
processor="i686", system="Linux2.6.23.waas", leap=0, stratum=2,
|
|
1173
1173
|
precision=-18, rootdelay=37.550, rootdispersion=427.047, peer=40613,
|
|
1174
1174
|
refid=172.20.62.191, reftime=0xd297a442.8b66c6de, poll=14,
|
|
@@ -1186,9 +1186,9 @@
|
|
|
1186
1186
|
<param pos="0" name="os.cpe23" value="cpe:/o:linux:linux_kernel:{os.version}"/>
|
|
1187
1187
|
</fingerprint>
|
|
1188
1188
|
|
|
1189
|
-
<fingerprint pattern="
|
|
1189
|
+
<fingerprint pattern="version="ntpd (\S+)[^"]+",.*\s*processor="([^ ]+)".*system="Isilon OneFS/v([^ ]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
1190
1190
|
<description>Isilon OneFS NTP Server</description>
|
|
1191
|
-
<example>
|
|
1191
|
+
<example service.version="4.2.4p4-o" os.arch="i386" os.version="5.5.4.21">
|
|
1192
1192
|
version="ntpd 4.2.4p4-o Thu Feb 4 20:43:00 UTC 2010 (1)",
|
|
1193
1193
|
processor="i386", system="Isilon OneFS/v5.5.4.21", leap=0, stratum=14,
|
|
1194
1194
|
precision=-19, rootdelay=0.000, rootdispersion=11.260, peer=60044,
|
|
@@ -1289,7 +1289,7 @@
|
|
|
1289
1289
|
<param pos="0" name="os.arch" value="Alpha"/>
|
|
1290
1290
|
</fingerprint>
|
|
1291
1291
|
|
|
1292
|
-
<fingerprint pattern="
|
|
1292
|
+
<fingerprint pattern="version="ntpd ([^ ]+)[^"]+",\s*processor="([^ ]+)",\s*system="BIG-IPBIG-IP\s+([^"]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
1293
1293
|
<description>F5 Big-IP Load Balancers NTP</description>
|
|
1294
1294
|
<example service.version="4.1.1a@1.791" os.arch="i386" os.version="4.5PTF-0">
|
|
1295
1295
|
version="ntpd 4.1.1a@1.791 Fri Aug 8 04:08:19 PDT 2003 (1)",
|
|
@@ -1308,7 +1308,7 @@
|
|
|
1308
1308
|
<param pos="3" name="os.version"/>
|
|
1309
1309
|
</fingerprint>
|
|
1310
1310
|
|
|
1311
|
-
<fingerprint pattern="
|
|
1311
|
+
<fingerprint pattern="version="ntpd ([^ ]+)[^"]+",\s*processor,\s*system="/"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
1312
1312
|
<description>NTP on an unknown system</description>
|
|
1313
1313
|
<example service.version="4.2.6p2-RC4@1.2180-o">
|
|
1314
1314
|
version="ntpd 4.2.6p2-RC4@1.2180-o Sun Jun 13 02:56:12 UTC 2010 (2)", processor, system="/"
|