recog 2.3.20 → 2.3.23

data/xml/x509_subjects.xml

@@ -69,12 +69,12 @@
 
   <fingerprint pattern="^SERIALNUMBER=PID:([^ ]+) SN:([^,]+),CN=(?:[a-zA-Z0-9\-]+)-SEP([a-fA-F0-9]{12}),OU=[CV]TG,O=Cisco Systems Inc\.$">
     <description>Cisco IP phone with serial number</description>
-    <example host.mac="B07D47D33A1C" hw.product="CP-8851" cisco.serial_number="FCH1924AHCA">SERIALNUMBER=PID:CP-8851 SN:FCH1924AHCA,CN=CP-8851-SEPB07D47D33A1C,OU=CTG,O=Cisco Systems Inc.</example>
-    <example host.mac="64D989000000" hw.product="CP-9951" cisco.serial_number="FCH15200000">SERIALNUMBER=PID:CP-9951 SN:FCH15200000,CN=CP-9951-SEP64D989000000,OU=VTG,O=Cisco Systems Inc.</example>
+    <example host.mac="B07D47D33A1C" hw.product="CP-8851" hw.serial_number="FCH1924AHCA">SERIALNUMBER=PID:CP-8851 SN:FCH1924AHCA,CN=CP-8851-SEPB07D47D33A1C,OU=CTG,O=Cisco Systems Inc.</example>
+    <example host.mac="64D989000000" hw.product="CP-9951" hw.serial_number="FCH15200000">SERIALNUMBER=PID:CP-9951 SN:FCH15200000,CN=CP-9951-SEP64D989000000,OU=VTG,O=Cisco Systems Inc.</example>
     <param pos="0" name="hw.device" value="VoIP"/>
     <param pos="0" name="hw.vendor" value="Cisco"/>
     <param pos="1" name="hw.product"/>
-    <param pos="2" name="cisco.serial_number"/>
+    <param pos="2" name="hw.serial_number"/>
     <param pos="3" name="host.mac"/>
   </fingerprint>
 
@@ -216,7 +216,7 @@
 
   <fingerprint pattern="^CN=([A-Za-z0-9\_\-\.]+),OU=ISS,O=Hewlett-Packard Company,L=Houston,ST=Texas,C=US$">
     <description>HP iLO</description>
-    <example>CN=SERVER-1231,OU=ISS,O=Hewlett-Packard Company,L=Houston,ST=Texas,C=US</example>
+    <example host.name="SERVER-1231">CN=SERVER-1231,OU=ISS,O=Hewlett-Packard Company,L=Houston,ST=Texas,C=US</example>
     <param pos="0" name="hw.device" value="Lights Out Management"/>
     <param pos="0" name="hw.vendor" value="HP"/>
     <param pos="0" name="hw.family" value="iLO"/>
@@ -247,8 +247,8 @@
 
   <fingerprint pattern="^CN=OA\-([a-fA-F0-9]+),OU=Onboard Administrator,">
     <description>HP iLO (Onboard Administrator)</description>
-    <example>CN=OA-001F296E21A3,OU=Onboard Administrator,O=Corp.,L=Location,ST=N/A,C=US</example>
-    <example>CN=OA-80C16E999999,OU=Onboard Administrator,O=Hewlett-Packard</example>
+    <example host.mac="001F296E21A3">CN=OA-001F296E21A3,OU=Onboard Administrator,O=Corp.,L=Location,ST=N/A,C=US</example>
+    <example host.mac="80C16E999999">CN=OA-80C16E999999,OU=Onboard Administrator,O=Hewlett-Packard</example>
     <param pos="0" name="hw.device" value="Lights Out Management"/>
     <param pos="0" name="hw.vendor" value="HP"/>
     <param pos="0" name="hw.family" value="iLO"/>
@@ -264,7 +264,7 @@
 
   <fingerprint pattern="^CN=([A-Za-z0-9\_\-\.]+),OU=Hewlett Packard Enterprise Network Management Software \(SMH\),O=Hewlett Packard Enterprise,L=Houston,ST=Texas,C=US$">
     <description>HP iLO - Enterprise Mgmt variant</description>
-    <example>CN=bigsrv99,OU=Hewlett Packard Enterprise Network Management Software (SMH),O=Hewlett Packard Enterprise,L=Houston,ST=Texas,C=US</example>
+    <example host.name="bigsrv99">CN=bigsrv99,OU=Hewlett Packard Enterprise Network Management Software (SMH),O=Hewlett Packard Enterprise,L=Houston,ST=Texas,C=US</example>
     <param pos="0" name="hw.device" value="Lights Out Management"/>
     <param pos="0" name="hw.vendor" value="HP"/>
     <param pos="0" name="hw.family" value="iLO"/>
@@ -289,6 +289,7 @@
     <param pos="0" name="os.vendor" value="Oracle"/>
     <param pos="0" name="os.family" value="ILOM"/>
     <param pos="0" name="os.product" value="ILOM"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:oracle:integrated_lights_out_manager_firmware:-"/>
   </fingerprint>
 
   <fingerprint pattern="^CN=AMI,OU=Service Processors,O=American Megatrends Inc">
@@ -307,27 +308,27 @@
 
   <fingerprint pattern="^CN=C-series CIMC,OU=PID:([^ ]+) SERIAL:([^,]+),O=Cisco">
     <description>Cisco Integrated Management Controller</description>
-    <example cisco.serial_number="FCH18999AAA" cisco.imc_model="UCSC-C220-M3S">CN=C-series CIMC,OU=PID:UCSC-C220-M3S SERIAL:FCH18999AAA,O=Cisco Self Signed,L=San Jose,ST=California,C=US</example>
+    <example hw.serial_number="FCH18999AAA" cisco.imc_model="UCSC-C220-M3S">CN=C-series CIMC,OU=PID:UCSC-C220-M3S SERIAL:FCH18999AAA,O=Cisco Self Signed,L=San Jose,ST=California,C=US</example>
     <param pos="0" name="hw.device" value="Lights Out Management"/>
     <param pos="0" name="hw.vendor" value="Cisco"/>
     <param pos="0" name="hw.product" value="IMC"/>
     <param pos="0" name="os.vendor" value="Cisco"/>
     <param pos="0" name="os.family" value="Linux"/>
     <param pos="0" name="os.product" value="IMC"/>
-    <param pos="2" name="cisco.serial_number"/>
+    <param pos="2" name="hw.serial_number"/>
     <param pos="1" name="cisco.imc_model"/>
   </fingerprint>
 
   <fingerprint pattern="^CN=C220-(FCH[^,]+),OU=null,O=Cisco Systems Inc">
     <description>Cisco Integrated Management Controller C220</description>
-    <example cisco.serial_number="FCH17999AAA">CN=C220-FCH17999AAA,OU=null,O=Cisco Systems Inc.,L=San Jose,ST=California,C=US</example>
+    <example hw.serial_number="FCH17999AAA">CN=C220-FCH17999AAA,OU=null,O=Cisco Systems Inc.,L=San Jose,ST=California,C=US</example>
     <param pos="0" name="hw.device" value="Lights Out Management"/>
     <param pos="0" name="hw.vendor" value="Cisco"/>
     <param pos="0" name="hw.product" value="IMC"/>
     <param pos="0" name="os.vendor" value="Cisco"/>
     <param pos="0" name="os.family" value="Linux"/>
     <param pos="0" name="os.product" value="IMC"/>
-    <param pos="1" name="cisco.serial_number"/>
+    <param pos="1" name="hw.serial_number"/>
   </fingerprint>
 
   <fingerprint pattern="^CN=avocent.com,OU=AESS,O=Avocent,L=Sunrise,ST=FL,C=US$">
@@ -352,8 +353,8 @@
 
   <fingerprint pattern="^CN=HP Jetdirect [a-zA-Z0-9]+,OU=([a-fA-F0-9]{12})\+OU=([a-zA-Z0-9]+),O=Hewlett-Packard Co\.$">
     <description>HP Jet Direct - with host MAC and product</description>
-    <example host.mac="2C413883186A" hw.product="J8028E">CN=HP Jetdirect 38831831,OU=2C413883186A+OU=J8028E,O=Hewlett-Packard Co.</example>
-    <example os.product="J8016E">CN=HP Jetdirect FBFA31E7,OU=8851FBE33ABB+OU=J8016E,O=Hewlett-Packard Co.</example>
+    <example host.mac="2C413883186A" hw.product="J8028E" os.product="J8028E">CN=HP Jetdirect 38831831,OU=2C413883186A+OU=J8028E,O=Hewlett-Packard Co.</example>
+    <example os.product="J8016E" host.mac="8851FBE33ABB" hw.product="J8016E">CN=HP Jetdirect FBFA31E7,OU=8851FBE33ABB+OU=J8016E,O=Hewlett-Packard Co.</example>
     <param pos="0" name="hw.device" value="Printer"/>
     <param pos="0" name="hw.vendor" value="HP"/>
     <param pos="0" name="hw.family" value="JetDirect"/>
@@ -407,12 +408,12 @@
 
   <fingerprint pattern="^SERIALNUMBER=([a-zA-Z0-9]+),CN=DEVICE-vWLC,O=Cisco Virtual WLC$">
     <description>Cisco vWLC</description>
-    <example cisco.serial_number="9C89M2088D1">SERIALNUMBER=9C89M2088D1,CN=DEVICE-vWLC,O=Cisco Virtual WLC</example>
+    <example hw.serial_number="9C89M2088D1">SERIALNUMBER=9C89M2088D1,CN=DEVICE-vWLC,O=Cisco Virtual WLC</example>
     <param pos="0" name="os.vendor" value="Cisco"/>
     <param pos="0" name="os.device" value="Wireless Controller"/>
     <param pos="0" name="os.product" value="Wireless LAN Controller"/>
     <param pos="0" name="os.cpe23" value="cpe:/o:cisco:wireless_lan_controller_software:-"/>
-    <param pos="1" name="cisco.serial_number"/>
+    <param pos="1" name="hw.serial_number"/>
   </fingerprint>
 
   <fingerprint pattern="^CN=[a-zA-Z0-9\.\-\_]+,OU=DeviceSSL \(WebAdmin\),O=Cisco Systems Inc\.,C=US$">
@@ -503,7 +504,7 @@
 
   <fingerprint pattern="^CN=([a-zA-Z0-9\.\-\_]+),OU=VMware ESX Server Default Certificate,O=VMware\\, Inc,L=Palo Alto,ST=California,C=US$">
     <description>VMware ESX</description>
-    <example>CN=server99.,OU=VMware ESX Server Default Certificate,O=VMware\, Inc,L=Palo Alto,ST=California,C=US</example>
+    <example host.name="server99.">CN=server99.,OU=VMware ESX Server Default Certificate,O=VMware\, Inc,L=Palo Alto,ST=California,C=US</example>
     <param pos="0" name="service.vendor" value="VMware"/>
     <param pos="0" name="os.vendor" value="VMware"/>
     <param pos="0" name="os.family" value="VMware ESX/ESXi"/>
@@ -588,7 +589,7 @@
     <param pos="0" name="service.vendor" value="Traefik Labs"/>
     <param pos="0" name="service.family" value="Traefik"/>
     <param pos="0" name="service.product" value="Traefik Proxy"/>
-    <param pos="0" name="service.cpe23" value="cpe:/a:containous:traefik:-"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:traefik:traefik:-"/>
   </fingerprint>
 
   <fingerprint pattern="^CN=default(?: [A-Z]+)?,OU=NS Internal,O=Citrix ANG,L=San Jose,ST=California,C=US$">
@@ -614,8 +615,8 @@
 
   <fingerprint pattern="^CN=([a-zA-Z0-9]{5,12}) ([a-zA-Z0-9]{12}),OU=(?:Cast|Google TV),O=Google Inc,L=Mountain View,ST=California,C=US$">
     <description>Google Chromecast</description>
-    <example chromecast.serial_number="LVDZG5" host.mac_local="FA8FCA67413D">CN=LVDZG5 FA8FCA67413D,OU=Cast,O=Google Inc,L=Mountain View,ST=California,C=US</example>
-    <example chromecast.serial_number="YRBLE" host.mac_local="FA8FCA7DE87D">CN=YRBLE FA8FCA7DE87D,OU=Google TV,O=Google Inc,L=Mountain View,ST=California,C=US</example>
+    <example host.mac_local="FA8FCA67413D" hw.serial_number="LVDZG5">CN=LVDZG5 FA8FCA67413D,OU=Cast,O=Google Inc,L=Mountain View,ST=California,C=US</example>
+    <example host.mac_local="FA8FCA7DE87D" hw.serial_number="YRBLE">CN=YRBLE FA8FCA7DE87D,OU=Google TV,O=Google Inc,L=Mountain View,ST=California,C=US</example>
     <param pos="0" name="os.vendor" value="Google"/>
     <param pos="0" name="os.product" value="Chrome OS"/>
     <param pos="0" name="os.certainty" value="0.5"/>
@@ -624,7 +625,8 @@
     <param pos="0" name="hw.vendor" value="Google"/>
     <param pos="0" name="hw.product" value="Chromecast"/>
     <param pos="0" name="hw.certainty" value="0.5"/>
-    <param pos="1" name="chromecast.serial_number"/>
+    <param pos="1" name="hw.serial_number"/>
+    <param pos="0" name="hw.cpe23" value="cpe:/h:google:chromecast:-"/>
     <!-- This is the hotspot-mode MAC address (clear bit 2) -->
 
     <param pos="2" name="host.mac_local"/>
@@ -632,14 +634,14 @@
 
   <fingerprint pattern="^CN=([a-zA-Z0-9]{5,12}) ([a-zA-Z0-9]{12}),OU=Cast TV \(Vizio\),O=Google Inc,L=Mountain View,ST=California,C=US$">
     <description>Vizio SmartTV (Android) with Google Cast</description>
-    <example chromecast.serial_number="9V039WC9" host.mac_local="FA8FCA697898">CN=9V039WC9 FA8FCA697898,OU=Cast TV (Vizio),O=Google Inc,L=Mountain View,ST=California,C=US</example>
+    <example hw.serial_number="9V039WC9" host.mac_local="FA8FCA697898">CN=9V039WC9 FA8FCA697898,OU=Cast TV (Vizio),O=Google Inc,L=Mountain View,ST=California,C=US</example>
     <param pos="0" name="os.vendor" value="Google"/>
     <param pos="0" name="os.family" value="Linux"/>
     <param pos="0" name="os.product" value="Android"/>
     <param pos="0" name="os.cpe23" value="cpe:/o:google:android:-"/>
     <param pos="0" name="hw.device" value="Smart TV"/>
     <param pos="0" name="hw.vendor" value="Vizio"/>
-    <param pos="1" name="chromecast.serial_number"/>
+    <param pos="1" name="hw.serial_number"/>
     <!-- This is the hotspot-mode MAC address (clear bit 2) -->
 
     <param pos="2" name="host.mac_local"/>
@@ -878,8 +880,8 @@
 
   <fingerprint pattern="^CN=([A-Za-z0-9]+),OU=FortiGate,O=Fortinet,L=Sunnyvale,ST=California,C=US$">
     <description>Fortinet Gateway</description>
-    <example fortinet.serial_number="FG100ETK1800118">CN=FG100ETK1800118,OU=FortiGate,O=Fortinet,L=Sunnyvale,ST=California,C=US</example>
-    <example fortinet.serial_number="FGT30D3X15038375">CN=FGT30D3X15038375,OU=FortiGate,O=Fortinet,L=Sunnyvale,ST=California,C=US</example>
+    <example hw.serial_number="FG100ETK1800118">CN=FG100ETK1800118,OU=FortiGate,O=Fortinet,L=Sunnyvale,ST=California,C=US</example>
+    <example hw.serial_number="FGT30D3X15038375">CN=FGT30D3X15038375,OU=FortiGate,O=Fortinet,L=Sunnyvale,ST=California,C=US</example>
     <param pos="0" name="hw.vendor" value="Fortinet"/>
     <param pos="0" name="hw.device" value="Firewall"/>
     <param pos="0" name="os.vendor" value="Fortinet"/>
@@ -887,12 +889,12 @@
     <param pos="0" name="os.device" value="Firewall"/>
     <param pos="0" name="os.product" value="FortiOS"/>
     <param pos="0" name="os.cpe23" value="cpe:/o:fortinet:fortios:-"/>
-    <param pos="1" name="fortinet.serial_number"/>
+    <param pos="1" name="hw.serial_number"/>
   </fingerprint>
 
   <fingerprint pattern="^CN=([A-Za-z0-9]+),O=Fortinet Ltd\.$">
     <description>Fortinet Gateway (Older)</description>
-    <example fortinet.serial_number="FG100D3G13803999">CN=FG100D3G13803999,O=Fortinet Ltd.</example>
+    <example hw.serial_number="FG100D3G13803999">CN=FG100D3G13803999,O=Fortinet Ltd.</example>
     <param pos="0" name="hw.vendor" value="Fortinet"/>
     <param pos="0" name="hw.device" value="Firewall"/>
     <param pos="0" name="os.vendor" value="Fortinet"/>
@@ -900,7 +902,7 @@
     <param pos="0" name="os.device" value="Firewall"/>
     <param pos="0" name="os.product" value="FortiOS"/>
     <param pos="0" name="os.cpe23" value="cpe:/o:fortinet:fortios:-"/>
-    <param pos="1" name="fortinet.serial_number"/>
+    <param pos="1" name="hw.serial_number"/>
   </fingerprint>
 
   <fingerprint pattern="^CN=FortiMail,OU=FortiMail,O=Fortinet,L=Sunnyvale,ST=California,C=US$">
@@ -1130,10 +1132,11 @@
     <param pos="0" name="os.product" value="Linux"/>
   </fingerprint>
 
-  <fingerprint pattern="^CN=MAC([a-fA-F0-9]{12}),OU=([^,]+),O=Mercury Security Products\\, LLC,L=Long Beach,ST=CA,C=US$">
+  <fingerprint pattern="^CN=MAC([a-fA-F0-9]{12}),OU=([^,]+),O=Mercury Security Products\\, LLC,L=Long Beach,ST=CA,C=US(?:,\S+)?$">
     <description>Mercurity Security (now HID Global)</description>
     <example hw.product="M5IC" host.mac="000FE507A1F1">CN=MAC000FE507A1F1,OU=M5IC,O=Mercury Security Products\, LLC,L=Long Beach,ST=CA,C=US</example>
     <example hw.product="EP-1502" host.mac="000FE508BC71">CN=MAC000FE508BC71,OU=EP-1502,O=Mercury Security Products\, LLC,L=Long Beach,ST=CA,C=US</example>
+    <example hw.product="LP-1501" host.mac="000FE5091111">CN=MAC000FE5091111,OU=LP-1501,O=Mercury Security Products\, LLC,L=Long Beach,ST=CA,C=US,2.5.4.4=#111111111111111111</example>
     <param pos="0" name="hw.vendor" value="Mercury Security"/>
     <param pos="0" name="hw.device" value="Access Control"/>
     <param pos="1" name="host.mac"/>
@@ -1233,7 +1236,7 @@
 
   <fingerprint pattern="^CN=Canon (iR-[a-zA-Z0-9\.\-\_]+)$">
     <description>Canon iR-ADV Printer with product info</description>
-    <example os.product="iR-ADV">CN=Canon iR-ADV</example>
+    <example os.product="iR-ADV" hw.product="iR-ADV">CN=Canon iR-ADV</example>
     <param pos="0" name="hw.device" value="Printer"/>
     <param pos="0" name="hw.vendor" value="Canon"/>
     <param pos="0" name="os.device" value="Printer"/>
@@ -1298,19 +1301,28 @@
 
   <fingerprint pattern="^CN=Ruckus Wireless ZoneDirector SN-(\d+),O=Ruckus Wireless\\, Inc\.,ST=CA,C=US$">
     <description>Ruckus Zone Director</description>
-    <example ruckus.serial_number="221301007591">CN=Ruckus Wireless ZoneDirector SN-221301007591,O=Ruckus Wireless\, Inc.,ST=CA,C=US</example>
+    <example hw.serial_number="221301007591">CN=Ruckus Wireless ZoneDirector SN-221301007591,O=Ruckus Wireless\, Inc.,ST=CA,C=US</example>
     <param pos="0" name="hw.device" value="Wireless Controller"/>
     <param pos="0" name="hw.vendor" value="Ruckus"/>
     <param pos="0" name="hw.product" value="Zone Director"/>
     <param pos="0" name="os.device" value="Wireless Controller"/>
     <param pos="0" name="os.vendor" value="Ruckus"/>
     <param pos="0" name="os.product" value="Zone Director"/>
-    <param pos="1" name="ruckus.serial_number"/>
+    <param pos="1" name="hw.serial_number"/>
+  </fingerprint>
+
+  <fingerprint pattern="^CN=SN-(\d+),O=Ruckus Wireless Inc.,L=Sunnyvale,ST=California,C=US$">
+    <description>Ruckus Wireless Access Point</description>
+    <example hw.serial_number="010101010101">CN=SN-010101010101,O=Ruckus Wireless Inc.,L=Sunnyvale,ST=California,C=US</example>
+    <param pos="0" name="hw.device" value="WAP"/>
+    <param pos="0" name="hw.vendor" value="Ruckus"/>
+    <param pos="0" name="hw.product" value="Access Point"/>
+    <param pos="1" name="hw.serial_number"/>
   </fingerprint>
 
   <fingerprint pattern="^CN=DT([^\s]+) Series,O=NEC Corporation,ST=Tokyo,C=JP$">
     <description>NEC DT Series IP Phone</description>
-    <example>CN=DT800 Series,O=NEC Corporation,ST=Tokyo,C=JP</example>
+    <example hw.product="800">CN=DT800 Series,O=NEC Corporation,ST=Tokyo,C=JP</example>
     <param pos="0" name="os.vendor" value="NEC"/>
     <param pos="0" name="os.device" value="VoIP"/>
     <param pos="0" name="hw.vendor" value="NEC"/>
@@ -1459,9 +1471,10 @@
     <param pos="0" name="hw.product" value="Sensor"/>
   </fingerprint>
 
-  <fingerprint pattern="^CN=HiveAP,OU=Default,O=Aerohive,ST=California,C=US$">
+  <fingerprint pattern="^CN=HiveAP,OU=Default,O=Aerohive,(?:L=Sunnyvale,)?ST=California,C=US$">
     <description>Aerohive Access Point</description>
     <example>CN=HiveAP,OU=Default,O=Aerohive,ST=California,C=US</example>
+    <example>CN=HiveAP,OU=Default,O=Aerohive,L=Sunnyvale,ST=California,C=US</example>
     <param pos="0" name="hw.vendor" value="Aerohive"/>
     <param pos="0" name="hw.device" value="WAP"/>
     <param pos="0" name="hw.product" value="Access Point"/>
@@ -1644,4 +1657,102 @@
     <param pos="1" name="host.name"/>
   </fingerprint>
 
+  <fingerprint pattern="^CN=Freebox Intermediate CA,O=Freebox,ST=France,C=FR$">
+    <description>Freebox Device</description>
+    <example>CN=Freebox Intermediate CA,O=Freebox,ST=France,C=FR</example>
+    <param pos="0" name="hw.vendor" value="Freebox"/>
+  </fingerprint>
+
+  <fingerprint pattern="^CN=TP-LINK CA,O=TP-LINK Technologies CO.\\, LTD.,L=Shenzhen,ST=Guangdong,C=CN(?:,\S+)?$">
+    <description>TP-LINK Device</description>
+    <example>CN=TP-LINK CA,O=TP-LINK Technologies CO.\, LTD.,L=Shenzhen,ST=Guangdong,C=CN,1.2.840.113549.1.9.1=#0c16736572766963654074702d6c696e6b2e636f6d2e636e</example>
+    <param pos="0" name="hw.vendor" value="TP-LINK"/>
+  </fingerprint>
+
+  <fingerprint pattern="^CN=BHA-([0-9a-fA-F]{12}),O=Bird Home Automation$">
+    <description>Bird Home Automation</description>
+    <example host.mac="0123456789AB">CN=BHA-0123456789AB,O=Bird Home Automation</example>
+    <param pos="0" name="hw.device" value="Device"/>
+    <param pos="0" name="hw.vendor" value="Bird Home Automation"/>
+    <param pos="1" name="host.mac"/>
+  </fingerprint>
+
+  <fingerprint pattern="^CN=\S+,OU=Media Server,O=Avaya Inc\.,C=US">
+    <description>Avaya Media Server</description>
+    <example>CN=192.168.0.3,OU=Media Server,O=Avaya Inc.,C=US</example>
+    <param pos="0" name="os.vendor" value="Avaya"/>
+    <param pos="0" name="os.device" value="Media Gateway"/>
+    <param pos="0" name="os.product" value="Media Server"/>
+  </fingerprint>
+
+  <fingerprint pattern="^CN=iSTAR Ultra">
+    <description>iSTAR Ultra</description>
+    <example>CN=iSTAR Ultra,OU=Access Control and Video Division,O=Johnson Controls,L=Westford,ST=Massachusetts,C=US</example>
+    <param pos="0" name="os.vendor" value="Software House"/>
+    <param pos="0" name="os.family" value="Linux"/>
+    <param pos="0" name="os.product" value="{hw.product} Firmware"/>
+    <param pos="0" name="hw.vendor" value="Software House"/>
+    <param pos="0" name="hw.device" value="Access Control"/>
+    <param pos="0" name="hw.family" value="iSTAR Door Controllers"/>
+    <param pos="0" name="hw.product" value="iSTAR Ultra"/>
+    <param pos="0" name="hw.cpe23" value="cpe:/h:swhouse:istar_ultra:-"/>
+  </fingerprint>
+
+  <fingerprint pattern="^O=SpotteRF - NetworkedIO$">
+    <description>SpotterRF</description>
+    <example>O=SpotteRF - NetworkedIO</example>
+    <param pos="0" name="os.vendor" value="SpotterRF"/>
+    <param pos="0" name="os.family" value="Linux"/>
+    <param pos="0" name="os.certainty" value="0.90"/>
+    <param pos="0" name="hw.vendor" value="SpotterRF"/>
+    <param pos="0" name="hw.device" value="Sensor"/>
+    <param pos="0" name="hw.product" value="Drone Detector"/>
+  </fingerprint>
+
+  <fingerprint pattern="(?i)^CN=.{0,1000}myboschcam.net,O=Bosch Sicherheitssysteme">
+    <description>Bosch AutoDome IP Camera</description>
+    <example>CN=local.myboschcam.net,O=Bosch Sicherheitssysteme GmbH,L=Grasbrunn,ST=Bayern,C=DE</example>
+    <param pos="0" name="hw.vendor" value="Bosch"/>
+    <param pos="0" name="hw.device" value="Web Cam"/>
+    <param pos="0" name="hw.product" value="AutoDome"/>
+    <param pos="0" name="hw.certainty" value="0.50"/>
+  </fingerprint>
+
+  <fingerprint pattern="(?i)CN=(\w+),OU=BWI,O=Redline Communications Inc">
+    <description>Redline Communication Radios</description>
+    <example hw.product="an80i">CN=an80i,OU=BWI,O=Redline Communications Inc.,C=CA</example>
+    <param pos="0" name="hw.vendor" value="Redline"/>
+    <param pos="0" name="hw.device" value="WAP"/>
+    <param pos="1" name="hw.product"/>
+  </fingerprint>
+
+  <fingerprint pattern="(?i)CN=Vaddio Device,O=Vaddio,L=Minnetonka,ST=MN,C=US">
+    <description>Vadio DocCom</description>
+    <example>CN=Vaddio Device,O=Vaddio,L=Minnetonka,ST=MN,C=US</example>
+    <param pos="0" name="hw.vendor" value="Vaddio"/>
+    <param pos="0" name="hw.device" value="Web Cam"/>
+    <param pos="0" name="hw.product" value="DocCam"/>
+    <param pos="0" name="hw.certainty" value="0.50"/>
+  </fingerprint>
+
+  <fingerprint pattern="(?i)CN=.{0,1000},OU=2N IP Intercoms,O=2N Telekomunikace a.s.,L=Prague,ST=Czech Republic,C=CZ">
+    <description>2N IP Intercoms</description>
+    <example>CN=11111111111d,OU=2N IP Intercoms,O=2N Telekomunikace a.s.,L=Prague,ST=Czech Republic,C=CZ</example>
+    <param pos="0" name="hw.vendor" value="2N Telekomunikace"/>
+    <param pos="0" name="hw.device" value="IP Camera"/>
+    <param pos="0" name="hw.certainty" value="0.50"/>
+  </fingerprint>
+
+  <fingerprint pattern="^CN=(.{1,256}),OU=PVE Cluster Node,O=Proxmox Virtual Environment$">
+    <description>Proxmox open-source virtualization platform</description>
+    <example host.name="pve.example.org">CN=pve.example.org,OU=PVE Cluster Node,O=Proxmox Virtual Environment</example>
+    <param pos="1" name="host.name"/>
+    <param pos="0" name="service.vendor" value="Proxmox"/>
+    <param pos="0" name="service.product" value="Virtual Environment"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:proxmox:virtual_environment:-"/>
+    <param pos="0" name="os.vendor" value="Proxmox"/>
+    <param pos="0" name="os.family" value="Linux"/>
+    <param pos="0" name="os.product" value="Proxmox"/>
+  </fingerprint>
+
 </fingerprints>

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: recog
 version: !ruby/object:Gem::Version
-  version: 2.3.20
+  version: 2.3.23
 platform: ruby
 authors:
 - Rapid7 Research
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2021-05-13 00:00:00.000000000 Z
+date: 2022-03-30 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rspec
@@ -128,13 +128,19 @@ files:
 - ".github/ISSUE_TEMPLATE/fingerprint_request.md"
 - ".github/PULL_REQUEST_TEMPLATE"
 - ".github/SECURITY.md"
+- ".github/dependabot.yml"
 - ".github/workflows/ci.yml"
+- ".github/workflows/verify.yml"
 - ".gitignore"
 - ".rspec"
 - ".ruby-gemset"
 - ".ruby-version"
 - ".snyk"
 - ".travis.yml"
+- ".vscode/bin/monitor-recog-fingerprints.sh"
+- ".vscode/extensions.json"
+- ".vscode/settings.json"
+- ".vscode/tasks.json"
 - ".yardopts"
 - CONTRIBUTING.md
 - COPYING
@@ -153,12 +159,14 @@ files:
 - features/data/multiple_banners_fingerprints.xml
 - features/data/no_tests.xml
 - features/data/sample_banner.txt
+- features/data/schema_failure.xml
 - features/data/successful_tests.xml
 - features/data/tests_with_failures.xml
 - features/data/tests_with_warnings.xml
 - features/match.feature
 - features/support/aruba.rb
 - features/support/env.rb
+- features/support/hooks.rb
 - features/verify.feature
 - identifiers/README.md
 - identifiers/fields.txt
@@ -178,13 +186,13 @@ files:
 - lib/recog/fingerprint.rb
 - lib/recog/fingerprint/regexp_factory.rb
 - lib/recog/fingerprint/test.rb
+- lib/recog/fingerprint_parse_error.rb
 - lib/recog/formatter.rb
 - lib/recog/match_reporter.rb
 - lib/recog/matcher.rb
 - lib/recog/matcher_factory.rb
 - lib/recog/nizer.rb
 - lib/recog/verifier.rb
-- lib/recog/verifier_factory.rb
 - lib/recog/verify_reporter.rb
 - lib/recog/version.rb
 - misc/convert_mysql_err
@@ -194,6 +202,10 @@ files:
 - spec/data/best_os_match_1.yml
 - spec/data/best_os_match_2.yml
 - spec/data/best_service_match_1.yml
+- spec/data/external_example_fingerprint.xml
+- spec/data/external_example_fingerprint/hp_printer_ex_01.txt
+- spec/data/external_example_fingerprint/hp_printer_ex_02.txt
+- spec/data/external_example_illegal_path_fingerprint.xml
 - spec/data/smb_native_os.txt
 - spec/data/test_fingerprints.xml
 - spec/data/verification_fingerprints.xml
@@ -207,10 +219,12 @@ files:
 - spec/lib/recog/nizer_spec.rb
 - spec/lib/recog/verify_reporter_spec.rb
 - spec/spec_helper.rb
+- tools/dev/hooks/pre-commit
 - update_cpes.py
 - xml/apache_modules.xml
 - xml/apache_os.xml
 - xml/architecture.xml
+- xml/dhcp_vendor_class.xml
 - xml/dns_versionbind.xml
 - xml/favicons.xml
 - xml/fingerprints.xsd
@@ -275,7 +289,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.0.8
+rubygems_version: 3.0.3
 signing_key:
 specification_version: 4
 summary: Network service fingerprint database, classes, and utilities
@@ -285,16 +299,22 @@ test_files:
 - features/data/multiple_banners_fingerprints.xml
 - features/data/no_tests.xml
 - features/data/sample_banner.txt
+- features/data/schema_failure.xml
 - features/data/successful_tests.xml
 - features/data/tests_with_failures.xml
 - features/data/tests_with_warnings.xml
 - features/match.feature
 - features/support/aruba.rb
 - features/support/env.rb
+- features/support/hooks.rb
 - features/verify.feature
 - spec/data/best_os_match_1.yml
 - spec/data/best_os_match_2.yml
 - spec/data/best_service_match_1.yml
+- spec/data/external_example_fingerprint.xml
+- spec/data/external_example_fingerprint/hp_printer_ex_01.txt
+- spec/data/external_example_fingerprint/hp_printer_ex_02.txt
+- spec/data/external_example_illegal_path_fingerprint.xml
 - spec/data/smb_native_os.txt
 - spec/data/test_fingerprints.xml
 - spec/data/verification_fingerprints.xml

data/lib/recog/verifier_factory.rb

@@ -1,13 +0,0 @@
-require 'recog/verifier'
-require 'recog/formatter'
-require 'recog/verify_reporter'
-
-module Recog
-module VerifierFactory
-  def self.build(options)
-    formatter = Formatter.new(options, $stdout)
-    reporter  = VerifyReporter.new(options, formatter)
-    Verifier.new(options.fingerprints, reporter)
-  end
-end
-end