recog 2.3.21 → 2.3.22

data/xml/tls_jarm.xml

@@ -14,13 +14,33 @@
     <param pos="0" name="service.cpe23" value="cpe:/a:torproject:tor:-"/>
   </fingerprint>
 
-  <fingerprint pattern="^2ad2ad0002ad2ad0002ad2ad2ad2ada9e96d3ba9f7903758a731e0fa01453d$">
-    <description>Synology NAS</description>
+  <fingerprint pattern="^2ad2ad0002ad2ad0002ad2ad2ad2ada9e96d3ba9f7903758a731e0fa01453d|29d29d15d29d29d21c29d29d29d29d10d7a07cb776562eccb97246005feba5|2ad2ad0002ad2ad0002ad2ad2ad2ad5bf44aec534289dfa8e33148b66cd6c3|29d29d15d29d29d21c29d29d29d29de857600fcd9f89735d87c3704c4e141b$">
+    <description>Synology NAS DSM 6</description>
+    <example>29d29d15d29d29d21c29d29d29d29d10d7a07cb776562eccb97246005feba5</example>
+    <example>29d29d15d29d29d21c29d29d29d29de857600fcd9f89735d87c3704c4e141b</example>
+    <example>2ad2ad0002ad2ad0002ad2ad2ad2ad5bf44aec534289dfa8e33148b66cd6c3</example>
     <example>2ad2ad0002ad2ad0002ad2ad2ad2ada9e96d3ba9f7903758a731e0fa01453d</example>
     <param pos="0" name="os.device" value="NAS"/>
     <param pos="0" name="os.family" value="Linux"/>
     <param pos="0" name="os.product" value="DSM"/>
     <param pos="0" name="os.vendor" value="Synology"/>
+    <param pos="0" name="os.version" value="6"/>
+    <param pos="0" name="hw.vendor" value="Synology"/>
+    <param pos="0" name="hw.device" value="NAS"/>
+  </fingerprint>
+
+  <fingerprint pattern="^00000000000000000042d42d0000009535d5979f591ae8e547c5e5743e5b64|29d29d15d29d29d00042d42d00000068f5dc63852f94da932cd6b61b1cd9e3|29d29d15d29d29d21c42d42d000000bf85d79ff39d9f5079675604a74fc04b|29d29d15d29d29d00042d42d000000038eaaf490bec8dc33757f165ce01762|29d29d15d29d29d21c42d42d000000790cb01ea78cc2a73fe8428d61afc0c8$">
+    <description>Synology NAS DSM 7</description>
+    <example>00000000000000000042d42d0000009535d5979f591ae8e547c5e5743e5b64</example>
+    <example>29d29d15d29d29d00042d42d000000038eaaf490bec8dc33757f165ce01762</example>
+    <example>29d29d15d29d29d00042d42d00000068f5dc63852f94da932cd6b61b1cd9e3</example>
+    <example>29d29d15d29d29d21c42d42d000000790cb01ea78cc2a73fe8428d61afc0c8</example>
+    <example>29d29d15d29d29d21c42d42d000000bf85d79ff39d9f5079675604a74fc04b</example>
+    <param pos="0" name="os.device" value="NAS"/>
+    <param pos="0" name="os.family" value="Linux"/>
+    <param pos="0" name="os.product" value="DSM"/>
+    <param pos="0" name="os.vendor" value="Synology"/>
+    <param pos="0" name="os.version" value="7"/>
     <param pos="0" name="hw.vendor" value="Synology"/>
     <param pos="0" name="hw.device" value="NAS"/>
   </fingerprint>
@@ -118,11 +138,13 @@
     <param pos="0" name="hw.device" value="Media Server"/>
     <param pos="0" name="hw.vendor" value="Google"/>
     <param pos="0" name="hw.product" value="Chromecast"/>
+    <param pos="0" name="hw.cpe23" value="cpe:/h:google:chromecast:-"/>
   </fingerprint>
 
-  <fingerprint pattern="^21d14d00021d21d21c21d14d21d21d3e9a0dda94718e521eb7d1409c9e3601$">
-    <description>VMWare ESXi</description>
+  <fingerprint pattern="^21d14d00021d21d21c21d14d21d21d3e9a0dda94718e521eb7d1409c9e3601|2ad2ad0002ad2ad0002ad2ad2ad2ad755a2cec4b52fb1bce1ac7f1e48c8a7d$">
+    <description>VMware ESXi</description>
     <example>21d14d00021d21d21c21d14d21d21d3e9a0dda94718e521eb7d1409c9e3601</example>
+    <example>2ad2ad0002ad2ad0002ad2ad2ad2ad755a2cec4b52fb1bce1ac7f1e48c8a7d</example>
     <param pos="0" name="os.vendor" value="VMware"/>
     <param pos="0" name="os.family" value="VMware ESX/ESXi"/>
     <param pos="0" name="os.product" value="VMware ESXi Server"/>

data/xml/x509_issuers.xml

@@ -106,6 +106,7 @@
     <param pos="0" name="hw.vendor" value="Google"/>
     <param pos="0" name="hw.product" value="Chromecast"/>
     <param pos="0" name="hw.certainty" value="0.5"/>
+    <param pos="0" name="hw.cpe23" value="cpe:/h:google:chromecast:-"/>
     <param pos="0" name="chromecast.generation" value="1"/>
   </fingerprint>
 
@@ -127,6 +128,7 @@
     <param pos="0" name="hw.vendor" value="Google"/>
     <param pos="0" name="hw.product" value="Chromecast"/>
     <param pos="0" name="hw.certainty" value="0.5"/>
+    <param pos="0" name="hw.cpe23" value="cpe:/h:google:chromecast:-"/>
     <param pos="1" name="chromecast.generation"/>
     <param pos="2" name="chromecast.capabilities"/>
   </fingerprint>
@@ -357,4 +359,38 @@
     <param pos="0" name="service.cpe23" value="cpe:/a:caddyserver:caddy:-"/>
   </fingerprint>
 
+  <fingerprint pattern="^CN=Avaya cu360 (\S+)$">
+    <description>Avaya Video Conferencing Device - CU360</description>
+    <example hw.serial_number="11YT11111111">CN=Avaya cu360 11YT11111111</example>
+    <param pos="0" name="hw.vendor" value="Avaya"/>
+    <param pos="0" name="hw.device" value="Video Conference"/>
+    <param pos="0" name="hw.product" value="CU360"/>
+    <param pos="1" name="hw.serial_number"/>
+  </fingerprint>
+
+  <fingerprint pattern="^CN=Roomba CA,OU=\S+,O=iRobot,L=Bedford,ST=MA,C=US$">
+    <description>Roomba Device</description>
+    <example hw.product="Roomba" hw.vendor="iRobot">CN=Roomba CA,OU=HBU,O=iRobot,L=Bedford,ST=MA,C=US</example>
+    <param pos="0" name="hw.vendor" value="iRobot"/>
+    <param pos="0" name="hw.device" value="Device"/>
+    <param pos="0" name="hw.product" value="Roomba"/>
+  </fingerprint>
+
+  <fingerprint pattern="(?i)^CN=\S+,OU=FreshTomato Team,O=FreshTomato,L=Columbus,ST=Ohio,C=US(?:.*)$">
+    <description>FreshTomato Router Fireware</description>
+    <example>CN=192.168.1.1,OU=FreshTomato Team,O=FreshTomato,L=Columbus,ST=Ohio,C=US</example>
+    <param pos="0" name="os.vendor" value="FreshTomato"/>
+    <param pos="0" name="os.product" value="Linux"/>
+    <param pos="0" name="os.device" value="Router"/>
+  </fingerprint>
+
+  <fingerprint pattern="(?i)^SERIALNUMBER=(\d+),CN=(\S+),OU=ST-VS,O=Bosch Sicherheitssysteme GmbH,L=Grasbrunn,C=DE">
+    <description>Bosch Device</description>
+    <example hw.serial_number="111111111111111111" host.mac="00-07-5f-11-11-11">SERIALNUMBER=111111111111111111,CN=00-07-5f-11-11-11,OU=ST-VS,O=Bosch Sicherheitssysteme GmbH,L=Grasbrunn,C=DE</example>
+    <param pos="0" name="os.vendor" value="Bosch"/>
+    <param pos="0" name="hw.vendor" value="Bosch"/>
+    <param pos="1" name="hw.serial_number"/>
+    <param pos="2" name="host.mac"/>
+  </fingerprint>
+
 </fingerprints>

data/xml/x509_subjects.xml

@@ -69,13 +69,12 @@
 
   <fingerprint pattern="^SERIALNUMBER=PID:([^ ]+) SN:([^,]+),CN=(?:[a-zA-Z0-9\-]+)-SEP([a-fA-F0-9]{12}),OU=[CV]TG,O=Cisco Systems Inc\.$">
     <description>Cisco IP phone with serial number</description>
-    <example host.mac="B07D47D33A1C" hw.product="CP-8851" cisco.serial_number="FCH1924AHCA" hw.serial_number="FCH1924AHCA">SERIALNUMBER=PID:CP-8851 SN:FCH1924AHCA,CN=CP-8851-SEPB07D47D33A1C,OU=CTG,O=Cisco Systems Inc.</example>
-    <example host.mac="64D989000000" hw.product="CP-9951" cisco.serial_number="FCH15200000" hw.serial_number="FCH15200000">SERIALNUMBER=PID:CP-9951 SN:FCH15200000,CN=CP-9951-SEP64D989000000,OU=VTG,O=Cisco Systems Inc.</example>
+    <example host.mac="B07D47D33A1C" hw.product="CP-8851" hw.serial_number="FCH1924AHCA">SERIALNUMBER=PID:CP-8851 SN:FCH1924AHCA,CN=CP-8851-SEPB07D47D33A1C,OU=CTG,O=Cisco Systems Inc.</example>
+    <example host.mac="64D989000000" hw.product="CP-9951" hw.serial_number="FCH15200000">SERIALNUMBER=PID:CP-9951 SN:FCH15200000,CN=CP-9951-SEP64D989000000,OU=VTG,O=Cisco Systems Inc.</example>
     <param pos="0" name="hw.device" value="VoIP"/>
     <param pos="0" name="hw.vendor" value="Cisco"/>
     <param pos="1" name="hw.product"/>
     <param pos="2" name="hw.serial_number"/>
-    <param pos="2" name="cisco.serial_number"/>
     <param pos="3" name="host.mac"/>
   </fingerprint>
 
@@ -217,7 +216,7 @@
 
   <fingerprint pattern="^CN=([A-Za-z0-9\_\-\.]+),OU=ISS,O=Hewlett-Packard Company,L=Houston,ST=Texas,C=US$">
     <description>HP iLO</description>
-    <example>CN=SERVER-1231,OU=ISS,O=Hewlett-Packard Company,L=Houston,ST=Texas,C=US</example>
+    <example host.name="SERVER-1231">CN=SERVER-1231,OU=ISS,O=Hewlett-Packard Company,L=Houston,ST=Texas,C=US</example>
     <param pos="0" name="hw.device" value="Lights Out Management"/>
     <param pos="0" name="hw.vendor" value="HP"/>
     <param pos="0" name="hw.family" value="iLO"/>
@@ -248,7 +247,7 @@
 
   <fingerprint pattern="^CN=OA\-([a-fA-F0-9]+),OU=Onboard Administrator,">
     <description>HP iLO (Onboard Administrator)</description>
-    <example>CN=OA-001F296E21A3,OU=Onboard Administrator,O=Corp.,L=Location,ST=N/A,C=US</example>
+    <example host.mac="001F296E21A3">CN=OA-001F296E21A3,OU=Onboard Administrator,O=Corp.,L=Location,ST=N/A,C=US</example>
     <example>CN=OA-80C16E999999,OU=Onboard Administrator,O=Hewlett-Packard</example>
     <param pos="0" name="hw.device" value="Lights Out Management"/>
     <param pos="0" name="hw.vendor" value="HP"/>
@@ -265,7 +264,7 @@
 
   <fingerprint pattern="^CN=([A-Za-z0-9\_\-\.]+),OU=Hewlett Packard Enterprise Network Management Software \(SMH\),O=Hewlett Packard Enterprise,L=Houston,ST=Texas,C=US$">
     <description>HP iLO - Enterprise Mgmt variant</description>
-    <example>CN=bigsrv99,OU=Hewlett Packard Enterprise Network Management Software (SMH),O=Hewlett Packard Enterprise,L=Houston,ST=Texas,C=US</example>
+    <example host.name="bigsrv99">CN=bigsrv99,OU=Hewlett Packard Enterprise Network Management Software (SMH),O=Hewlett Packard Enterprise,L=Houston,ST=Texas,C=US</example>
     <param pos="0" name="hw.device" value="Lights Out Management"/>
     <param pos="0" name="hw.vendor" value="HP"/>
     <param pos="0" name="hw.family" value="iLO"/>
@@ -309,29 +308,27 @@
 
   <fingerprint pattern="^CN=C-series CIMC,OU=PID:([^ ]+) SERIAL:([^,]+),O=Cisco">
     <description>Cisco Integrated Management Controller</description>
-    <example cisco.serial_number="FCH18999AAA" hw.serial_number="FCH18999AAA" cisco.imc_model="UCSC-C220-M3S">CN=C-series CIMC,OU=PID:UCSC-C220-M3S SERIAL:FCH18999AAA,O=Cisco Self Signed,L=San Jose,ST=California,C=US</example>
+    <example hw.serial_number="FCH18999AAA" cisco.imc_model="UCSC-C220-M3S">CN=C-series CIMC,OU=PID:UCSC-C220-M3S SERIAL:FCH18999AAA,O=Cisco Self Signed,L=San Jose,ST=California,C=US</example>
     <param pos="0" name="hw.device" value="Lights Out Management"/>
     <param pos="0" name="hw.vendor" value="Cisco"/>
     <param pos="0" name="hw.product" value="IMC"/>
-    <param pos="2" name="hw.serial_number"/>
     <param pos="0" name="os.vendor" value="Cisco"/>
     <param pos="0" name="os.family" value="Linux"/>
     <param pos="0" name="os.product" value="IMC"/>
-    <param pos="2" name="cisco.serial_number"/>
+    <param pos="2" name="hw.serial_number"/>
     <param pos="1" name="cisco.imc_model"/>
   </fingerprint>
 
   <fingerprint pattern="^CN=C220-(FCH[^,]+),OU=null,O=Cisco Systems Inc">
     <description>Cisco Integrated Management Controller C220</description>
-    <example cisco.serial_number="FCH17999AAA" hw.serial_number="FCH17999AAA">CN=C220-FCH17999AAA,OU=null,O=Cisco Systems Inc.,L=San Jose,ST=California,C=US</example>
+    <example hw.serial_number="FCH17999AAA">CN=C220-FCH17999AAA,OU=null,O=Cisco Systems Inc.,L=San Jose,ST=California,C=US</example>
     <param pos="0" name="hw.device" value="Lights Out Management"/>
     <param pos="0" name="hw.vendor" value="Cisco"/>
     <param pos="0" name="hw.product" value="IMC"/>
-    <param pos="1" name="hw.serial_number"/>
     <param pos="0" name="os.vendor" value="Cisco"/>
     <param pos="0" name="os.family" value="Linux"/>
     <param pos="0" name="os.product" value="IMC"/>
-    <param pos="1" name="cisco.serial_number"/>
+    <param pos="1" name="hw.serial_number"/>
   </fingerprint>
 
   <fingerprint pattern="^CN=avocent.com,OU=AESS,O=Avocent,L=Sunrise,ST=FL,C=US$">
@@ -411,12 +408,11 @@
 
   <fingerprint pattern="^SERIALNUMBER=([a-zA-Z0-9]+),CN=DEVICE-vWLC,O=Cisco Virtual WLC$">
     <description>Cisco vWLC</description>
-    <example cisco.serial_number="9C89M2088D1" hw.serial_number="9C89M2088D1">SERIALNUMBER=9C89M2088D1,CN=DEVICE-vWLC,O=Cisco Virtual WLC</example>
+    <example hw.serial_number="9C89M2088D1">SERIALNUMBER=9C89M2088D1,CN=DEVICE-vWLC,O=Cisco Virtual WLC</example>
     <param pos="0" name="os.vendor" value="Cisco"/>
     <param pos="0" name="os.device" value="Wireless Controller"/>
     <param pos="0" name="os.product" value="Wireless LAN Controller"/>
     <param pos="0" name="os.cpe23" value="cpe:/o:cisco:wireless_lan_controller_software:-"/>
-    <param pos="1" name="cisco.serial_number"/>
     <param pos="1" name="hw.serial_number"/>
   </fingerprint>
 
@@ -508,7 +504,7 @@
 
   <fingerprint pattern="^CN=([a-zA-Z0-9\.\-\_]+),OU=VMware ESX Server Default Certificate,O=VMware\\, Inc,L=Palo Alto,ST=California,C=US$">
     <description>VMware ESX</description>
-    <example>CN=server99.,OU=VMware ESX Server Default Certificate,O=VMware\, Inc,L=Palo Alto,ST=California,C=US</example>
+    <example host.name="server99.">CN=server99.,OU=VMware ESX Server Default Certificate,O=VMware\, Inc,L=Palo Alto,ST=California,C=US</example>
     <param pos="0" name="service.vendor" value="VMware"/>
     <param pos="0" name="os.vendor" value="VMware"/>
     <param pos="0" name="os.family" value="VMware ESX/ESXi"/>
@@ -619,8 +615,8 @@
 
   <fingerprint pattern="^CN=([a-zA-Z0-9]{5,12}) ([a-zA-Z0-9]{12}),OU=(?:Cast|Google TV),O=Google Inc,L=Mountain View,ST=California,C=US$">
     <description>Google Chromecast</description>
-    <example chromecast.serial_number="LVDZG5" host.mac_local="FA8FCA67413D" hw.serial_number="LVDZG5">CN=LVDZG5 FA8FCA67413D,OU=Cast,O=Google Inc,L=Mountain View,ST=California,C=US</example>
-    <example chromecast.serial_number="YRBLE" host.mac_local="FA8FCA7DE87D" hw.serial_number="YRBLE">CN=YRBLE FA8FCA7DE87D,OU=Google TV,O=Google Inc,L=Mountain View,ST=California,C=US</example>
+    <example host.mac_local="FA8FCA67413D" hw.serial_number="LVDZG5">CN=LVDZG5 FA8FCA67413D,OU=Cast,O=Google Inc,L=Mountain View,ST=California,C=US</example>
+    <example host.mac_local="FA8FCA7DE87D" hw.serial_number="YRBLE">CN=YRBLE FA8FCA7DE87D,OU=Google TV,O=Google Inc,L=Mountain View,ST=California,C=US</example>
     <param pos="0" name="os.vendor" value="Google"/>
     <param pos="0" name="os.product" value="Chrome OS"/>
     <param pos="0" name="os.certainty" value="0.5"/>
@@ -628,9 +624,9 @@
     <param pos="0" name="hw.device" value="Media Server"/>
     <param pos="0" name="hw.vendor" value="Google"/>
     <param pos="0" name="hw.product" value="Chromecast"/>
-    <param pos="1" name="hw.serial_number"/>
     <param pos="0" name="hw.certainty" value="0.5"/>
-    <param pos="1" name="chromecast.serial_number"/>
+    <param pos="1" name="hw.serial_number"/>
+    <param pos="0" name="hw.cpe23" value="cpe:/h:google:chromecast:-"/>
     <!-- This is the hotspot-mode MAC address (clear bit 2) -->
 
     <param pos="2" name="host.mac_local"/>
@@ -638,7 +634,7 @@
 
   <fingerprint pattern="^CN=([a-zA-Z0-9]{5,12}) ([a-zA-Z0-9]{12}),OU=Cast TV \(Vizio\),O=Google Inc,L=Mountain View,ST=California,C=US$">
     <description>Vizio SmartTV (Android) with Google Cast</description>
-    <example chromecast.serial_number="9V039WC9" hw.serial_number="9V039WC9" host.mac_local="FA8FCA697898">CN=9V039WC9 FA8FCA697898,OU=Cast TV (Vizio),O=Google Inc,L=Mountain View,ST=California,C=US</example>
+    <example hw.serial_number="9V039WC9" host.mac_local="FA8FCA697898">CN=9V039WC9 FA8FCA697898,OU=Cast TV (Vizio),O=Google Inc,L=Mountain View,ST=California,C=US</example>
     <param pos="0" name="os.vendor" value="Google"/>
     <param pos="0" name="os.family" value="Linux"/>
     <param pos="0" name="os.product" value="Android"/>
@@ -646,7 +642,6 @@
     <param pos="0" name="hw.device" value="Smart TV"/>
     <param pos="0" name="hw.vendor" value="Vizio"/>
     <param pos="1" name="hw.serial_number"/>
-    <param pos="1" name="chromecast.serial_number"/>
     <!-- This is the hotspot-mode MAC address (clear bit 2) -->
 
     <param pos="2" name="host.mac_local"/>
@@ -885,31 +880,29 @@
 
   <fingerprint pattern="^CN=([A-Za-z0-9]+),OU=FortiGate,O=Fortinet,L=Sunnyvale,ST=California,C=US$">
     <description>Fortinet Gateway</description>
-    <example fortinet.serial_number="FG100ETK1800118" hw.serial_number="FG100ETK1800118">CN=FG100ETK1800118,OU=FortiGate,O=Fortinet,L=Sunnyvale,ST=California,C=US</example>
-    <example fortinet.serial_number="FGT30D3X15038375" hw.serial_number="FGT30D3X15038375">CN=FGT30D3X15038375,OU=FortiGate,O=Fortinet,L=Sunnyvale,ST=California,C=US</example>
+    <example hw.serial_number="FG100ETK1800118">CN=FG100ETK1800118,OU=FortiGate,O=Fortinet,L=Sunnyvale,ST=California,C=US</example>
+    <example hw.serial_number="FGT30D3X15038375">CN=FGT30D3X15038375,OU=FortiGate,O=Fortinet,L=Sunnyvale,ST=California,C=US</example>
     <param pos="0" name="hw.vendor" value="Fortinet"/>
     <param pos="0" name="hw.device" value="Firewall"/>
-    <param pos="1" name="hw.serial_number"/>
     <param pos="0" name="os.vendor" value="Fortinet"/>
     <param pos="0" name="os.family" value="Linux"/>
     <param pos="0" name="os.device" value="Firewall"/>
     <param pos="0" name="os.product" value="FortiOS"/>
     <param pos="0" name="os.cpe23" value="cpe:/o:fortinet:fortios:-"/>
-    <param pos="1" name="fortinet.serial_number"/>
+    <param pos="1" name="hw.serial_number"/>
   </fingerprint>
 
   <fingerprint pattern="^CN=([A-Za-z0-9]+),O=Fortinet Ltd\.$">
     <description>Fortinet Gateway (Older)</description>
-    <example fortinet.serial_number="FG100D3G13803999" hw.serial_number="FG100D3G13803999">CN=FG100D3G13803999,O=Fortinet Ltd.</example>
+    <example hw.serial_number="FG100D3G13803999">CN=FG100D3G13803999,O=Fortinet Ltd.</example>
     <param pos="0" name="hw.vendor" value="Fortinet"/>
     <param pos="0" name="hw.device" value="Firewall"/>
-    <param pos="1" name="hw.serial_number"/>
     <param pos="0" name="os.vendor" value="Fortinet"/>
     <param pos="0" name="os.family" value="Linux"/>
     <param pos="0" name="os.device" value="Firewall"/>
     <param pos="0" name="os.product" value="FortiOS"/>
     <param pos="0" name="os.cpe23" value="cpe:/o:fortinet:fortios:-"/>
-    <param pos="1" name="fortinet.serial_number"/>
+    <param pos="1" name="hw.serial_number"/>
   </fingerprint>
 
   <fingerprint pattern="^CN=FortiMail,OU=FortiMail,O=Fortinet,L=Sunnyvale,ST=California,C=US$">
@@ -1139,10 +1132,11 @@
     <param pos="0" name="os.product" value="Linux"/>
   </fingerprint>
 
-  <fingerprint pattern="^CN=MAC([a-fA-F0-9]{12}),OU=([^,]+),O=Mercury Security Products\\, LLC,L=Long Beach,ST=CA,C=US$">
+  <fingerprint pattern="^CN=MAC([a-fA-F0-9]{12}),OU=([^,]+),O=Mercury Security Products\\, LLC,L=Long Beach,ST=CA,C=US(?:,\S+)?$">
     <description>Mercurity Security (now HID Global)</description>
     <example hw.product="M5IC" host.mac="000FE507A1F1">CN=MAC000FE507A1F1,OU=M5IC,O=Mercury Security Products\, LLC,L=Long Beach,ST=CA,C=US</example>
     <example hw.product="EP-1502" host.mac="000FE508BC71">CN=MAC000FE508BC71,OU=EP-1502,O=Mercury Security Products\, LLC,L=Long Beach,ST=CA,C=US</example>
+    <example hw.product="LP-1501" host.mac="000FE5091111">CN=MAC000FE5091111,OU=LP-1501,O=Mercury Security Products\, LLC,L=Long Beach,ST=CA,C=US,2.5.4.4=#111111111111111111</example>
     <param pos="0" name="hw.vendor" value="Mercury Security"/>
     <param pos="0" name="hw.device" value="Access Control"/>
     <param pos="1" name="host.mac"/>
@@ -1242,7 +1236,7 @@
 
   <fingerprint pattern="^CN=Canon (iR-[a-zA-Z0-9\.\-\_]+)$">
     <description>Canon iR-ADV Printer with product info</description>
-    <example os.product="iR-ADV">CN=Canon iR-ADV</example>
+    <example os.product="iR-ADV" hw.product="iR-ADV">CN=Canon iR-ADV</example>
     <param pos="0" name="hw.device" value="Printer"/>
     <param pos="0" name="hw.vendor" value="Canon"/>
     <param pos="0" name="os.device" value="Printer"/>
@@ -1307,20 +1301,28 @@
 
   <fingerprint pattern="^CN=Ruckus Wireless ZoneDirector SN-(\d+),O=Ruckus Wireless\\, Inc\.,ST=CA,C=US$">
     <description>Ruckus Zone Director</description>
-    <example ruckus.serial_number="221301007591" hw.serial_number="221301007591">CN=Ruckus Wireless ZoneDirector SN-221301007591,O=Ruckus Wireless\, Inc.,ST=CA,C=US</example>
+    <example hw.serial_number="221301007591">CN=Ruckus Wireless ZoneDirector SN-221301007591,O=Ruckus Wireless\, Inc.,ST=CA,C=US</example>
     <param pos="0" name="hw.device" value="Wireless Controller"/>
     <param pos="0" name="hw.vendor" value="Ruckus"/>
     <param pos="0" name="hw.product" value="Zone Director"/>
-    <param pos="1" name="hw.serial_number"/>
     <param pos="0" name="os.device" value="Wireless Controller"/>
     <param pos="0" name="os.vendor" value="Ruckus"/>
     <param pos="0" name="os.product" value="Zone Director"/>
-    <param pos="1" name="ruckus.serial_number"/>
+    <param pos="1" name="hw.serial_number"/>
+  </fingerprint>
+
+  <fingerprint pattern="^CN=SN-(\d+),O=Ruckus Wireless Inc.,L=Sunnyvale,ST=California,C=US$">
+    <description>Ruckus Wireless Access Point</description>
+    <example hw.serial_number="010101010101">CN=SN-010101010101,O=Ruckus Wireless Inc.,L=Sunnyvale,ST=California,C=US</example>
+    <param pos="0" name="hw.device" value="WAP"/>
+    <param pos="0" name="hw.vendor" value="Ruckus"/>
+    <param pos="0" name="hw.product" value="Access Point"/>
+    <param pos="1" name="hw.serial_number"/>
   </fingerprint>
 
   <fingerprint pattern="^CN=DT([^\s]+) Series,O=NEC Corporation,ST=Tokyo,C=JP$">
     <description>NEC DT Series IP Phone</description>
-    <example>CN=DT800 Series,O=NEC Corporation,ST=Tokyo,C=JP</example>
+    <example hw.product="800">CN=DT800 Series,O=NEC Corporation,ST=Tokyo,C=JP</example>
     <param pos="0" name="os.vendor" value="NEC"/>
     <param pos="0" name="os.device" value="VoIP"/>
     <param pos="0" name="hw.vendor" value="NEC"/>
@@ -1469,9 +1471,10 @@
     <param pos="0" name="hw.product" value="Sensor"/>
   </fingerprint>
 
-  <fingerprint pattern="^CN=HiveAP,OU=Default,O=Aerohive,ST=California,C=US$">
+  <fingerprint pattern="^CN=HiveAP,OU=Default,O=Aerohive,(?:L=Sunnyvale,)?ST=California,C=US$">
     <description>Aerohive Access Point</description>
     <example>CN=HiveAP,OU=Default,O=Aerohive,ST=California,C=US</example>
+    <example>CN=HiveAP,OU=Default,O=Aerohive,L=Sunnyvale,ST=California,C=US</example>
     <param pos="0" name="hw.vendor" value="Aerohive"/>
     <param pos="0" name="hw.device" value="WAP"/>
     <param pos="0" name="hw.product" value="Access Point"/>
@@ -1654,4 +1657,102 @@
     <param pos="1" name="host.name"/>
   </fingerprint>
 
+  <fingerprint pattern="^CN=Freebox Intermediate CA,O=Freebox,ST=France,C=FR$">
+    <description>Freebox Device</description>
+    <example>CN=Freebox Intermediate CA,O=Freebox,ST=France,C=FR</example>
+    <param pos="0" name="hw.vendor" value="Freebox"/>
+  </fingerprint>
+
+  <fingerprint pattern="^CN=TP-LINK CA,O=TP-LINK Technologies CO.\\, LTD.,L=Shenzhen,ST=Guangdong,C=CN(?:,\S+)?$">
+    <description>TP-LINK Device</description>
+    <example>CN=TP-LINK CA,O=TP-LINK Technologies CO.\, LTD.,L=Shenzhen,ST=Guangdong,C=CN,1.2.840.113549.1.9.1=#0c16736572766963654074702d6c696e6b2e636f6d2e636e</example>
+    <param pos="0" name="hw.vendor" value="TP-LINK"/>
+  </fingerprint>
+
+  <fingerprint pattern="^CN=BHA-([0-9a-fA-F]{12}),O=Bird Home Automation$">
+    <description>Bird Home Automation</description>
+    <example host.mac="0123456789AB">CN=BHA-0123456789AB,O=Bird Home Automation</example>
+    <param pos="0" name="hw.device" value="Device"/>
+    <param pos="0" name="hw.vendor" value="Bird Home Automation"/>
+    <param pos="1" name="host.mac"/>
+  </fingerprint>
+
+  <fingerprint pattern="^CN=\S+,OU=Media Server,O=Avaya Inc\.,C=US">
+    <description>Avaya Media Server</description>
+    <example>CN=192.168.0.3,OU=Media Server,O=Avaya Inc.,C=US</example>
+    <param pos="0" name="os.vendor" value="Avaya"/>
+    <param pos="0" name="os.device" value="Media Gateway"/>
+    <param pos="0" name="os.product" value="Media Server"/>
+  </fingerprint>
+
+  <fingerprint pattern="^CN=iSTAR Ultra">
+    <description>iSTAR Ultra</description>
+    <example>CN=iSTAR Ultra,OU=Access Control and Video Division,O=Johnson Controls,L=Westford,ST=Massachusetts,C=US</example>
+    <param pos="0" name="os.vendor" value="Software House"/>
+    <param pos="0" name="os.family" value="Linux"/>
+    <param pos="0" name="os.product" value="{hw.product} Firmware"/>
+    <param pos="0" name="hw.vendor" value="Software House"/>
+    <param pos="0" name="hw.device" value="Access Control"/>
+    <param pos="0" name="hw.family" value="iSTAR Door Controllers"/>
+    <param pos="0" name="hw.product" value="iSTAR Ultra"/>
+    <param pos="0" name="hw.cpe23" value="cpe:/h:swhouse:istar_ultra:-"/>
+  </fingerprint>
+
+  <fingerprint pattern="^O=SpotteRF - NetworkedIO$">
+    <description>SpotterRF</description>
+    <example>O=SpotteRF - NetworkedIO</example>
+    <param pos="0" name="os.vendor" value="SpotterRF"/>
+    <param pos="0" name="os.family" value="Linux"/>
+    <param pos="0" name="os.certainty" value="0.90"/>
+    <param pos="0" name="hw.vendor" value="SpotterRF"/>
+    <param pos="0" name="hw.device" value="Sensor"/>
+    <param pos="0" name="hw.product" value="Drone Detector"/>
+  </fingerprint>
+
+  <fingerprint pattern="(?i)^CN=.{0,1000}myboschcam.net,O=Bosch Sicherheitssysteme">
+    <description>Bosch AutoDome IP Camera</description>
+    <example>CN=local.myboschcam.net,O=Bosch Sicherheitssysteme GmbH,L=Grasbrunn,ST=Bayern,C=DE</example>
+    <param pos="0" name="hw.vendor" value="Bosch"/>
+    <param pos="0" name="hw.device" value="Web Cam"/>
+    <param pos="0" name="hw.product" value="AutoDome"/>
+    <param pos="0" name="hw.certainty" value="0.50"/>
+  </fingerprint>
+
+  <fingerprint pattern="(?i)CN=(\w+),OU=BWI,O=Redline Communications Inc">
+    <description>Redline Communication Radios</description>
+    <example hw.product="an80i">CN=an80i,OU=BWI,O=Redline Communications Inc.,C=CA</example>
+    <param pos="0" name="hw.vendor" value="Redline"/>
+    <param pos="0" name="hw.device" value="WAP"/>
+    <param pos="1" name="hw.product"/>
+  </fingerprint>
+
+  <fingerprint pattern="(?i)CN=Vaddio Device,O=Vaddio,L=Minnetonka,ST=MN,C=US">
+    <description>Vadio DocCom</description>
+    <example>CN=Vaddio Device,O=Vaddio,L=Minnetonka,ST=MN,C=US</example>
+    <param pos="0" name="hw.vendor" value="Vaddio"/>
+    <param pos="0" name="hw.device" value="Web Cam"/>
+    <param pos="0" name="hw.product" value="DocCam"/>
+    <param pos="0" name="hw.certainty" value="0.50"/>
+  </fingerprint>
+
+  <fingerprint pattern="(?i)CN=.{0,1000},OU=2N IP Intercoms,O=2N Telekomunikace a.s.,L=Prague,ST=Czech Republic,C=CZ">
+    <description>2N IP Intercoms</description>
+    <example>CN=11111111111d,OU=2N IP Intercoms,O=2N Telekomunikace a.s.,L=Prague,ST=Czech Republic,C=CZ</example>
+    <param pos="0" name="hw.vendor" value="2N Telekomunikace"/>
+    <param pos="0" name="hw.device" value="IP Camera"/>
+    <param pos="0" name="hw.certainty" value="0.50"/>
+  </fingerprint>
+
+  <fingerprint pattern="^CN=(.{1,256}),OU=PVE Cluster Node,O=Proxmox Virtual Environment$">
+    <description>Proxmox open-source virtualization platform</description>
+    <example host.name="pve.example.org">CN=pve.example.org,OU=PVE Cluster Node,O=Proxmox Virtual Environment</example>
+    <param pos="1" name="host.name"/>
+    <param pos="0" name="service.vendor" value="Proxmox"/>
+    <param pos="0" name="service.product" value="Virtual Environment"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:proxmox:virtual_environment:-"/>
+    <param pos="0" name="os.vendor" value="Proxmox"/>
+    <param pos="0" name="os.family" value="Linux"/>
+    <param pos="0" name="os.product" value="Proxmox"/>
+  </fingerprint>
+
 </fingerprints>

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: recog
 version: !ruby/object:Gem::Version
-  version: 2.3.21
+  version: 2.3.22
 platform: ruby
 authors:
 - Rapid7 Research
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2021-08-02 00:00:00.000000000 Z
+date: 2021-12-14 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rspec
@@ -128,7 +128,9 @@ files:
 - ".github/ISSUE_TEMPLATE/fingerprint_request.md"
 - ".github/PULL_REQUEST_TEMPLATE"
 - ".github/SECURITY.md"
+- ".github/dependabot.yml"
 - ".github/workflows/ci.yml"
+- ".github/workflows/verify.yml"
 - ".gitignore"
 - ".rspec"
 - ".ruby-gemset"
@@ -207,10 +209,12 @@ files:
 - spec/lib/recog/nizer_spec.rb
 - spec/lib/recog/verify_reporter_spec.rb
 - spec/spec_helper.rb
+- tools/dev/hooks/pre-commit
 - update_cpes.py
 - xml/apache_modules.xml
 - xml/apache_os.xml
 - xml/architecture.xml
+- xml/dhcp_vendor_class.xml
 - xml/dns_versionbind.xml
 - xml/favicons.xml
 - xml/fingerprints.xsd
@@ -275,7 +279,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.0.8
+rubygems_version: 3.0.3
 signing_key:
 specification_version: 4
 summary: Network service fingerprint database, classes, and utilities