recog 2.3.21 → 3.0.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/LICENSE +1 -1
- data/README.md +42 -16
- data/Rakefile +2 -9
- data/lib/recog/db.rb +2 -1
- data/lib/recog/db_manager.rb +1 -1
- data/lib/recog/fingerprint.rb +33 -6
- data/lib/recog/fingerprint_parse_error.rb +10 -0
- data/lib/recog/verifier.rb +9 -9
- data/lib/recog/verify_reporter.rb +17 -6
- data/lib/recog/version.rb +1 -1
- data/{bin → recog/bin}/recog_match +0 -1
- data/{xml → recog/xml}/apache_modules.xml +0 -0
- data/{xml → recog/xml}/apache_os.xml +98 -56
- data/{xml → recog/xml}/architecture.xml +15 -1
- data/recog/xml/dhcp_vendor_class.xml +206 -0
- data/{xml → recog/xml}/dns_versionbind.xml +16 -13
- data/{xml → recog/xml}/favicons.xml +297 -47
- data/{xml → recog/xml}/fingerprints.xsd +9 -1
- data/{xml → recog/xml}/ftp_banners.xml +160 -156
- data/{xml → recog/xml}/h323_callresp.xml +101 -101
- data/{xml → recog/xml}/hp_pjl_id.xml +84 -84
- data/{xml → recog/xml}/html_title.xml +727 -34
- data/{xml → recog/xml}/http_cookies.xml +160 -77
- data/{xml → recog/xml}/http_servers.xml +556 -283
- data/{xml → recog/xml}/http_wwwauth.xml +190 -75
- data/{xml → recog/xml}/imap_banners.xml +5 -5
- data/{xml → recog/xml}/ldap_searchresult.xml +0 -0
- data/{xml → recog/xml}/mdns_device-info_txt.xml +389 -26
- data/{xml → recog/xml}/mdns_workstation_txt.xml +0 -0
- data/{xml → recog/xml}/mysql_banners.xml +1 -1
- data/{xml → recog/xml}/mysql_error.xml +0 -0
- data/{xml → recog/xml}/nntp_banners.xml +11 -8
- data/{xml → recog/xml}/ntp_banners.xml +97 -97
- data/{xml → recog/xml}/operating_system.xml +95 -80
- data/{xml → recog/xml}/pop_banners.xml +23 -23
- data/{xml → recog/xml}/rsh_resp.xml +3 -3
- data/{xml → recog/xml}/rtsp_servers.xml +0 -0
- data/{xml → recog/xml}/sip_banners.xml +43 -5
- data/{xml → recog/xml}/sip_user_agents.xml +175 -27
- data/{xml → recog/xml}/smb_native_lm.xml +5 -5
- data/{xml → recog/xml}/smb_native_os.xml +25 -25
- data/{xml → recog/xml}/smtp_banners.xml +147 -146
- data/{xml → recog/xml}/smtp_debug.xml +0 -0
- data/{xml → recog/xml}/smtp_ehlo.xml +1 -1
- data/{xml → recog/xml}/smtp_expn.xml +0 -0
- data/{xml → recog/xml}/smtp_help.xml +11 -11
- data/{xml → recog/xml}/smtp_mailfrom.xml +0 -0
- data/{xml → recog/xml}/smtp_noop.xml +2 -2
- data/{xml → recog/xml}/smtp_quit.xml +0 -0
- data/{xml → recog/xml}/smtp_rcptto.xml +0 -0
- data/{xml → recog/xml}/smtp_rset.xml +0 -0
- data/{xml → recog/xml}/smtp_turn.xml +0 -0
- data/{xml → recog/xml}/smtp_vrfy.xml +0 -0
- data/{xml → recog/xml}/snmp_sysdescr.xml +1570 -1430
- data/{xml → recog/xml}/snmp_sysobjid.xml +38 -27
- data/{xml → recog/xml}/ssh_banners.xml +16 -10
- data/{xml → recog/xml}/telnet_banners.xml +238 -21
- data/{xml → recog/xml}/tls_jarm.xml +56 -6
- data/{xml → recog/xml}/x11_banners.xml +3 -3
- data/{xml → recog/xml}/x509_issuers.xml +49 -1
- data/{xml → recog/xml}/x509_subjects.xml +139 -38
- data/recog.gemspec +9 -5
- data/spec/data/external_example_fingerprint/hp_printer_ex_01.txt +1 -0
- data/spec/data/external_example_fingerprint/hp_printer_ex_02.txt +1 -0
- data/spec/data/external_example_fingerprint.xml +8 -0
- data/spec/data/external_example_illegal_path_fingerprint.xml +7 -0
- data/spec/lib/recog/db_spec.rb +84 -61
- data/spec/lib/recog/fingerprint_spec.rb +4 -4
- data/spec/lib/recog/verify_reporter_spec.rb +73 -4
- data/spec/spec_helper.rb +4 -0
- metadata +65 -134
- data/.github/ISSUE_TEMPLATE/bug_report.md +0 -37
- data/.github/ISSUE_TEMPLATE/feature_request.md +0 -17
- data/.github/ISSUE_TEMPLATE/fingerprint_request.md +0 -27
- data/.github/PULL_REQUEST_TEMPLATE +0 -24
- data/.github/SECURITY.md +0 -35
- data/.github/workflows/ci.yml +0 -26
- data/.gitignore +0 -23
- data/.rspec +0 -3
- data/.ruby-gemset +0 -1
- data/.ruby-version +0 -1
- data/.snyk +0 -10
- data/.travis.yml +0 -25
- data/CONTRIBUTING.md +0 -270
- data/bin/recog_cleanup +0 -16
- data/bin/recog_export +0 -81
- data/bin/recog_standardize +0 -148
- data/bin/recog_verify +0 -64
- data/cpe-remap.yaml +0 -343
- data/features/data/failing_banners_fingerprints.xml +0 -20
- data/features/data/matching_banners_fingerprints.xml +0 -23
- data/features/data/multiple_banners_fingerprints.xml +0 -32
- data/features/data/no_tests.xml +0 -3
- data/features/data/sample_banner.txt +0 -2
- data/features/data/successful_tests.xml +0 -18
- data/features/data/tests_with_failures.xml +0 -20
- data/features/data/tests_with_warnings.xml +0 -17
- data/features/match.feature +0 -36
- data/features/support/aruba.rb +0 -3
- data/features/support/env.rb +0 -6
- data/features/verify.feature +0 -48
- data/identifiers/README.md +0 -70
- data/identifiers/fields.txt +0 -104
- data/identifiers/hw_device.txt +0 -78
- data/identifiers/hw_family.txt +0 -113
- data/identifiers/hw_product.txt +0 -410
- data/identifiers/os_architecture.txt +0 -10
- data/identifiers/os_device.txt +0 -75
- data/identifiers/os_family.txt +0 -233
- data/identifiers/os_product.txt +0 -340
- data/identifiers/service_family.txt +0 -249
- data/identifiers/service_product.txt +0 -752
- data/identifiers/vendor.txt +0 -798
- data/lib/recog/verifier_factory.rb +0 -13
- data/misc/convert_mysql_err +0 -61
- data/misc/order.xsl +0 -17
- data/requirements.txt +0 -2
- data/spec/lib/fingerprint_self_test_spec.rb +0 -174
- data/update_cpes.py +0 -250
|
@@ -4,7 +4,7 @@
|
|
|
4
4
|
NTP "banners", taken from a readvar response
|
|
5
5
|
-->
|
|
6
6
|
|
|
7
|
-
<fingerprint pattern="
|
|
7
|
+
<fingerprint pattern="version=Domain Time II (\S+),hostname=([^,]+),.*system=Win2003.*,processor=(\S+)" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
8
8
|
<description>Greyware Automation Products, Inc. Domain Time II on Windows Server 2003</description>
|
|
9
9
|
<example service.version="5.1.b.20100331R" os.arch="x64" host.name="blah">
|
|
10
10
|
version=Domain Time II 5.1.b.20100331R,hostname=blah,domain=,flat=WORKGROUP,system=Win2003 x64,processor=x64
|
|
@@ -23,7 +23,7 @@
|
|
|
23
23
|
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2003:-"/>
|
|
24
24
|
</fingerprint>
|
|
25
25
|
|
|
26
|
-
<fingerprint pattern="
|
|
26
|
+
<fingerprint pattern="version=Domain Time II (\S+),hostname=([^,]+),.*system=Win2008R2.*,processor=(\S+)" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
27
27
|
<description>Greyware Automation Products, Inc. Domain Time II on Windows Server 2008 R2</description>
|
|
28
28
|
<example service.version="5.2.b.20120215R" os.arch="x64" host.name="blah">
|
|
29
29
|
version=Domain Time II 5.2.b.20120215R,hostname=blah,domain=blah,flat=blah,system=Win2008R2 x64,processor=x64
|
|
@@ -39,7 +39,7 @@
|
|
|
39
39
|
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:-"/>
|
|
40
40
|
</fingerprint>
|
|
41
41
|
|
|
42
|
-
<fingerprint pattern="
|
|
42
|
+
<fingerprint pattern="version=Domain Time II (\S+),hostname=([^,]+),.*system=Win2008.*,processor=(\S+)" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
43
43
|
<description>Greyware Automation Products, Inc. Domain Time II on Windows 2008</description>
|
|
44
44
|
<example service.version="5.2.b.20140303R" os.arch="x86" host.name="blah">
|
|
45
45
|
version=Domain Time II 5.2.b.20140303R,hostname=blah,domain=blah,flat=blah,system=Win2008,processor=x86
|
|
@@ -58,7 +58,7 @@
|
|
|
58
58
|
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:-"/>
|
|
59
59
|
</fingerprint>
|
|
60
60
|
|
|
61
|
-
<fingerprint pattern="
|
|
61
|
+
<fingerprint pattern="version=Domain Time II (\S+),hostname=([^,]+),.*system=Win2012.*,processor=(\S+)" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
62
62
|
<description>Greyware Automation Products, Inc. Domain Time II on Windows Server 2012</description>
|
|
63
63
|
<example service.version="5.2.b.20140101R" os.arch="x64" host.name="blah">
|
|
64
64
|
version=Domain Time II 5.2.b.20140101R,hostname=blah,domain=blah,flat=blah,system=Win2012 x64,processor=x64
|
|
@@ -74,7 +74,7 @@
|
|
|
74
74
|
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2012:-"/>
|
|
75
75
|
</fingerprint>
|
|
76
76
|
|
|
77
|
-
<fingerprint pattern="
|
|
77
|
+
<fingerprint pattern="version=Domain Time II (\S+),hostname=([^,]+),.*system=Win7.*,processor=(\S+)" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
78
78
|
<description>Greyware Automation Products, Inc. Domain Time II on Windows 7</description>
|
|
79
79
|
<example service.version="5.2.b.20130405R" os.arch="x64" host.name="blah">
|
|
80
80
|
version=Domain Time II 5.2.b.20130405R,hostname=blah,domain=,flat=WORKGROUP,system=Win7 x64,processor=x64
|
|
@@ -90,9 +90,9 @@
|
|
|
90
90
|
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_7:-"/>
|
|
91
91
|
</fingerprint>
|
|
92
92
|
|
|
93
|
-
<fingerprint pattern="
|
|
93
|
+
<fingerprint pattern="version="ntpd (\S+)[^"]+",.*system="Equallogic \(R\) storage array"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
94
94
|
<description>ntpd running on an EqualLogic Storage Array that includes the NTP version</description>
|
|
95
|
-
<example>
|
|
95
|
+
<example service.version="4.2.0-r">
|
|
96
96
|
version="ntpd 4.2.0-r Fri Feb 5 15:18:30 EST 2010 (1)",
|
|
97
97
|
processor="Working", system="EqualLogic (R) storage array", leap=0,
|
|
98
98
|
stratum=3, precision=-7, rootdelay=102.894, rootdispersion=245.154,
|
|
@@ -107,7 +107,7 @@
|
|
|
107
107
|
<param pos="0" name="os.product" value="Storage Array"/>
|
|
108
108
|
</fingerprint>
|
|
109
109
|
|
|
110
|
-
<fingerprint pattern="
|
|
110
|
+
<fingerprint pattern="system="Equallogic \(R\) storage array"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
111
111
|
<description>ntpd running on an EqualLogic Storage Array that does not include the NTP version</description>
|
|
112
112
|
<example>
|
|
113
113
|
processor="Working", system="Equallogic (R) storage array", leap=3,
|
|
@@ -120,7 +120,7 @@
|
|
|
120
120
|
<param pos="0" name="os.product" value="Storage Array"/>
|
|
121
121
|
</fingerprint>
|
|
122
122
|
|
|
123
|
-
<fingerprint pattern="
|
|
123
|
+
<fingerprint pattern="version="ntpd ([^ ]+)[^"]+",.*processor="([^ ]+)",.*system="Linux/(?:[^ ]+\.ESX)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
124
124
|
<description>ntpd running on VMware ESX</description>
|
|
125
125
|
<example service.version="4.2.2p1@1.1570-o" os.arch="x86_64">
|
|
126
126
|
version="ntpd 4.2.2p1@1.1570-o Thu Nov 26 11:34:34 UTC 2009 (1)",
|
|
@@ -138,9 +138,9 @@
|
|
|
138
138
|
<param pos="0" name="hw.device" value="Hypervisor"/>
|
|
139
139
|
</fingerprint>
|
|
140
140
|
|
|
141
|
-
<fingerprint pattern="
|
|
141
|
+
<fingerprint pattern="version="ntpd ([^ ]+)[^"]+",.*processor="([^ ]+)",.*system="Linux/?([^ ]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
142
142
|
<description>ntpd running on Linux</description>
|
|
143
|
-
<example>
|
|
143
|
+
<example service.version="4.2.4p3@1.1502-o" os.arch="i686" os.version="2.4.29">
|
|
144
144
|
version="ntpd 4.2.4p3@1.1502-o Wed Jul 18 11:45:01 UTC 2007 (1)",
|
|
145
145
|
processor="i686", system="Linux/2.4.29", leap=00, stratum=3,
|
|
146
146
|
</example>
|
|
@@ -155,9 +155,9 @@
|
|
|
155
155
|
<param pos="0" name="os.cpe23" value="cpe:/o:linux:linux_kernel:{os.version}"/>
|
|
156
156
|
</fingerprint>
|
|
157
157
|
|
|
158
|
-
<fingerprint pattern="
|
|
158
|
+
<fingerprint pattern="version="ntpd ([^ ]+)[^"]+",.*processor="([^"]+)",.*system="Darwin/?6\.([^"]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
159
159
|
<description>ntpd running on Mac OSX 10.2/Jaguar</description>
|
|
160
|
-
<example service.version="4.1.1@1.786" os.version.version="8">
|
|
160
|
+
<example service.version="4.1.1@1.786" os.version.version="8" os.arch="Power Macintosh">
|
|
161
161
|
version="ntpd 4.1.1@1.786 Tue Nov 12 09:30:41 PST 2002 (1)", processor="Power Macintosh", system="Darwin6.8",
|
|
162
162
|
</example>
|
|
163
163
|
<param pos="0" name="service.family" value="NTP"/>
|
|
@@ -173,7 +173,7 @@
|
|
|
173
173
|
<param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.2"/>
|
|
174
174
|
</fingerprint>
|
|
175
175
|
|
|
176
|
-
<fingerprint pattern="
|
|
176
|
+
<fingerprint pattern="version="ntpd ([^ ]+)[^"]+",.*processor="([^"]+)",.*system="Darwin/?7\.([^"]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
177
177
|
<description>ntpd running on Mac OSX 10.3/Panther</description>
|
|
178
178
|
<param pos="0" name="service.family" value="NTP"/>
|
|
179
179
|
<param pos="0" name="service.product" value="NTP"/>
|
|
@@ -188,9 +188,9 @@
|
|
|
188
188
|
<param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.3"/>
|
|
189
189
|
</fingerprint>
|
|
190
190
|
|
|
191
|
-
<fingerprint pattern="
|
|
191
|
+
<fingerprint pattern="version="ntpd ([^ ]+)[^"]+",.*processor="([^"]+)",.*system="Darwin/?8\.([^"]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
192
192
|
<description>ntpd running on Mac OSX 10.4/Tiger</description>
|
|
193
|
-
<example>
|
|
193
|
+
<example service.version="4.2.0@1.1161-r" os.arch="i386" os.version.version="11.1">
|
|
194
194
|
version="ntpd 4.2.0@1.1161-r Fri Jan 13 11:36:23 PST 2006 (1)",
|
|
195
195
|
processor="i386", system="Darwin/8.11.1", leap=11, stratum=16,
|
|
196
196
|
</example>
|
|
@@ -207,9 +207,9 @@
|
|
|
207
207
|
<param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.4"/>
|
|
208
208
|
</fingerprint>
|
|
209
209
|
|
|
210
|
-
<fingerprint pattern="
|
|
210
|
+
<fingerprint pattern="version="ntpd ([^ ]+)[^"]+",.*processor="([^"]+)",.*system="Darwin/?9\.([^"]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
211
211
|
<description>ntpd running on Mac OSX 10.5/Leopard</description>
|
|
212
|
-
<example>
|
|
212
|
+
<example service.version="4.2.2@1.1532-o" os.arch="Power Macintosh" os.version.version="0.0">
|
|
213
213
|
version="ntpd 4.2.2@1.1532-o Mon Sep 24 01:42:27 UTC 2007 (1)",
|
|
214
214
|
processor="Power Macintosh", system="Darwin/9.0.0", leap=3, stratum=16,
|
|
215
215
|
</example>
|
|
@@ -226,9 +226,9 @@
|
|
|
226
226
|
<param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.5"/>
|
|
227
227
|
</fingerprint>
|
|
228
228
|
|
|
229
|
-
<fingerprint pattern="
|
|
229
|
+
<fingerprint pattern="version="ntpd ([^ ]+)[^"]+",.*processor="([^"]+)",.*system="Darwin/?10\.([^"]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
230
230
|
<description>ntpd running on Mac OSX 10.6/Snow Leopard</description>
|
|
231
|
-
<example>
|
|
231
|
+
<example service.version="4.2.4p4@1.1520-o" os.arch="i386" os.version.version="8.0">
|
|
232
232
|
version="ntpd 4.2.4p4@1.1520-o Mon May 18 19:38:25 UTC 2009 (1)",
|
|
233
233
|
processor="i386", system="Darwin/10.8.0", leap=0, stratum=3,
|
|
234
234
|
</example>
|
|
@@ -245,7 +245,7 @@
|
|
|
245
245
|
<param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.6"/>
|
|
246
246
|
</fingerprint>
|
|
247
247
|
|
|
248
|
-
<fingerprint pattern="
|
|
248
|
+
<fingerprint pattern="processor="([^"]+)".*system="BSD/OS([\d.]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
249
249
|
<description>BSD/OS with a version and arch</description>
|
|
250
250
|
<example os.arch="i386" os.version="4.3.1">
|
|
251
251
|
processor="i386", system="BSD/OS4.3.1", leap=0, stratum=2
|
|
@@ -256,7 +256,7 @@
|
|
|
256
256
|
<param pos="2" name="os.version"/>
|
|
257
257
|
</fingerprint>
|
|
258
258
|
|
|
259
|
-
<fingerprint pattern="
|
|
259
|
+
<fingerprint pattern="system="BSD/OS"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
260
260
|
<description>BSD/OS without a version or arch</description>
|
|
261
261
|
<example>
|
|
262
262
|
system="BSD/OS", leap=3, stratum=16, rootdelay=0.00
|
|
@@ -265,9 +265,9 @@
|
|
|
265
265
|
<param pos="0" name="os.product" value="BSD/OS"/>
|
|
266
266
|
</fingerprint>
|
|
267
267
|
|
|
268
|
-
<fingerprint pattern="
|
|
268
|
+
<fingerprint pattern="version="ntpd ([^ ]+)[^"]+",.*processor="([^"]+)",.*system="Darwin/?11\.([^"]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
269
269
|
<description>ntpd running on Mac OSX 10.7/Lion</description>
|
|
270
|
-
<example>
|
|
270
|
+
<example service.version="4.2.6@1.2089-o" os.arch="x86_64" os.version.version="2.0">
|
|
271
271
|
version="ntpd 4.2.6@1.2089-o Fri May 28 01:20:53 UTC 2010 (1)",
|
|
272
272
|
processor="x86_64", system="Darwin/11.2.0", leap=11, stratum=16,
|
|
273
273
|
</example>
|
|
@@ -284,7 +284,7 @@
|
|
|
284
284
|
<param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.7"/>
|
|
285
285
|
</fingerprint>
|
|
286
286
|
|
|
287
|
-
<fingerprint pattern="
|
|
287
|
+
<fingerprint pattern="version="ntpd ([^ ]+)[^"]+",.*processor="([^"]+)",.*system="Darwin/?12\.([^"]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
288
288
|
<description>ntpd running on Mac OSX 10.8/Mountain Lion</description>
|
|
289
289
|
<example service.version="4.2.6@1.2089-o" os.arch="x86_64" os.version.version="1.0">
|
|
290
290
|
version="ntpd 4.2.6@1.2089-o Fri May 28 01:20:53 UTC 2010 (1)",
|
|
@@ -303,7 +303,7 @@
|
|
|
303
303
|
<param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.8"/>
|
|
304
304
|
</fingerprint>
|
|
305
305
|
|
|
306
|
-
<fingerprint pattern="
|
|
306
|
+
<fingerprint pattern="version="ntpd ([^ ]+)[^"]+",.*processor="([^"]+)",.*system="Darwin/?13\.([^"]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
307
307
|
<description>ntpd running on Mac OSX 10.9/Mavericks</description>
|
|
308
308
|
<example service.version="4.2.6@1.2089-o" os.arch="x86_64" os.version.version="4.0">
|
|
309
309
|
version="ntpd 4.2.6@1.2089-o Fri May 28 01:20:53 UTC 2010 (1)",
|
|
@@ -322,7 +322,7 @@
|
|
|
322
322
|
<param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.9"/>
|
|
323
323
|
</fingerprint>
|
|
324
324
|
|
|
325
|
-
<fingerprint pattern="
|
|
325
|
+
<fingerprint pattern="version="ntpd ([^ ]+)[^"]+",.*processor="([^"]+)",.*system="Darwin/?14\.([^"]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
326
326
|
<description>ntpd running on Mac OSX 10.10/Yosemite</description>
|
|
327
327
|
<example service.version="4.2.6@1.2089-o" os.arch="x86_64" os.version.version="3.0">
|
|
328
328
|
version="ntpd 4.2.6@1.2089-o Fri May 28 01:20:53 UTC 2010 (1)",
|
|
@@ -341,7 +341,7 @@
|
|
|
341
341
|
<param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.10"/>
|
|
342
342
|
</fingerprint>
|
|
343
343
|
|
|
344
|
-
<fingerprint pattern="
|
|
344
|
+
<fingerprint pattern="version="ntpd ([^ p]+)(p[^ "]+)?[^"]+",.*processor="([^ ]+)",.*system="FreeBSD/?(?:[^ ]+-NETSCALER-([^ ]+))"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
345
345
|
<description>ntpd running on Citrix Netscaler, which is based on FreeBSD</description>
|
|
346
346
|
<example service.version="4.2.6" service.version.version="p2@1.2194" os.arch="i386" os.version="9.3">
|
|
347
347
|
version="ntpd 4.2.6p2@1.2194 Wed Nov 24 15:54:11 UTC 2010 (1)",
|
|
@@ -365,9 +365,9 @@
|
|
|
365
365
|
<param pos="0" name="os.cpe23" value="cpe:/o:citrix:netscaler_firmware:{os.version}"/>
|
|
366
366
|
</fingerprint>
|
|
367
367
|
|
|
368
|
-
<fingerprint pattern="
|
|
368
|
+
<fingerprint pattern="version="ntpd ([^ ]+)[^"]+",.*processor="([^ ]+)",.*system="FreeBSD/?([^ ]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
369
369
|
<description>ntpd running on FreeBSD</description>
|
|
370
|
-
<example>
|
|
370
|
+
<example service.version="4.2.6p2@1.2194" os.arch="i386" os.version="7.4-PRERELEASE">
|
|
371
371
|
version="ntpd 4.2.6p2@1.2194 Wed Nov 24 15:54:11 UTC 2010 (1)",
|
|
372
372
|
processor="i386", system="FreeBSD/7.4-PRERELEASE", leap=00, stratum=3,
|
|
373
373
|
</example>
|
|
@@ -382,7 +382,7 @@
|
|
|
382
382
|
<param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:{os.version}"/>
|
|
383
383
|
</fingerprint>
|
|
384
384
|
|
|
385
|
-
<fingerprint pattern="
|
|
385
|
+
<fingerprint pattern="processor="([^ ]+)",.*system="FreeBSD/?([^ ]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
386
386
|
<description>ntp without a version on FreeBSD</description>
|
|
387
387
|
<example os.arch="i386" os.version="4.1-RELEASE">
|
|
388
388
|
processor="i386", system="FreeBSD4.1-RELEASE"
|
|
@@ -398,9 +398,9 @@
|
|
|
398
398
|
<param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:{os.version}"/>
|
|
399
399
|
</fingerprint>
|
|
400
400
|
|
|
401
|
-
<fingerprint pattern="
|
|
401
|
+
<fingerprint pattern="version="ntpd ([^ ]+)[^"]+",.*processor="([^ ]+)",.*system="NetBSD/?([^ ]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
402
402
|
<description>ntpd running on NetBSD</description>
|
|
403
|
-
<example>
|
|
403
|
+
<example service.version="4.2.4p6-o" os.arch="sparc64" os.version="5.0_STABLE">
|
|
404
404
|
version="ntpd 4.2.4p6-o Thu Jan 8 21:02:40 MET 2009 (import)",
|
|
405
405
|
processor="sparc64", system="NetBSD/5.0_STABLE", leap=00, stratum=1,
|
|
406
406
|
</example>
|
|
@@ -415,39 +415,39 @@
|
|
|
415
415
|
<param pos="0" name="os.cpe23" value="cpe:/o:netbsd:netbsd:{os.version}"/>
|
|
416
416
|
</fingerprint>
|
|
417
417
|
|
|
418
|
-
<fingerprint pattern="
|
|
418
|
+
<fingerprint pattern="processor="([^ ]+)",.*system="NetBSD/?([^ ]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
419
419
|
<description>ntpd running on NetBSD - variant 2</description>
|
|
420
420
|
<example os.arch="i386" os.version="1.5.3">
|
|
421
421
|
processor="i386", system="NetBSD1.5.3"
|
|
422
422
|
</example>
|
|
423
|
-
<example>
|
|
423
|
+
<example os.arch="i386" os.version="1.6">
|
|
424
424
|
processor="i386", system="NetBSD1.6"
|
|
425
425
|
</example>
|
|
426
|
-
<example>
|
|
426
|
+
<example os.arch="i386" os.version="1.6.1">
|
|
427
427
|
processor="i386", system="NetBSD1.6.1"
|
|
428
428
|
</example>
|
|
429
|
-
<example>
|
|
429
|
+
<example os.arch="i386" os.version="1.6.2_STABLE">
|
|
430
430
|
processor="i386", system="NetBSD1.6.2_STABLE"
|
|
431
431
|
</example>
|
|
432
|
-
<example>
|
|
432
|
+
<example os.arch="sbmips" os.version="3.0">
|
|
433
433
|
processor="sbmips", system="NetBSD3.0"
|
|
434
434
|
</example>
|
|
435
|
-
<example>
|
|
435
|
+
<example os.arch="se100" os.version="1.5.3">
|
|
436
436
|
processor="se100", system="NetBSD1.5.3"
|
|
437
437
|
</example>
|
|
438
|
-
<example>
|
|
438
|
+
<example os.arch="seil3" os.version="1.6.1_STABLE">
|
|
439
439
|
processor="seil3", system="NetBSD1.6.1_STABLE"
|
|
440
440
|
</example>
|
|
441
|
-
<example>
|
|
441
|
+
<example os.arch="seil3" os.version="1.6.2_STABLE">
|
|
442
442
|
processor="seil3", system="NetBSD1.6.2_STABLE"
|
|
443
443
|
</example>
|
|
444
|
-
<example>
|
|
444
|
+
<example os.arch="seil4" os.version="1.6.1_STABLE">
|
|
445
445
|
processor="seil4", system="NetBSD1.6.1_STABLE"
|
|
446
446
|
</example>
|
|
447
|
-
<example>
|
|
447
|
+
<example os.arch="seil4" os.version="1.6.2_STABLE">
|
|
448
448
|
processor="seil4", system="NetBSD1.6.2_STABLE"
|
|
449
449
|
</example>
|
|
450
|
-
<example>
|
|
450
|
+
<example os.arch="siara2k" os.version="1.5.3">
|
|
451
451
|
processor="siara2k", system="NetBSD1.5.3"
|
|
452
452
|
</example>
|
|
453
453
|
<param pos="0" name="os.vendor" value="NetBSD"/>
|
|
@@ -458,7 +458,7 @@
|
|
|
458
458
|
<param pos="0" name="os.cpe23" value="cpe:/o:netbsd:netbsd:{os.version}"/>
|
|
459
459
|
</fingerprint>
|
|
460
460
|
|
|
461
|
-
<fingerprint pattern="
|
|
461
|
+
<fingerprint pattern="system="NetWare"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
462
462
|
<description>NetWare</description>
|
|
463
463
|
<example>
|
|
464
464
|
system="NetWare", leap=0, stratum=2, rootdelay=0.12
|
|
@@ -469,7 +469,7 @@
|
|
|
469
469
|
<param pos="0" name="os.cpe23" value="cpe:/o:novell:netware:-"/>
|
|
470
470
|
</fingerprint>
|
|
471
471
|
|
|
472
|
-
<fingerprint pattern="
|
|
472
|
+
<fingerprint pattern="version="ntpd ([^ ]+)[^"]+",.*processor="([^ ]+)",.*system="SunOS/?5.0"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
473
473
|
<description>ntpd running on Solaris 2.0 (SunOS/5.0) </description>
|
|
474
474
|
<example service.version="4.2.0@1.1161-r" os.arch="sun4u">
|
|
475
475
|
version="ntpd 4.2.0@1.1161-r Wed Apr 20 11:28:05 EDT 2005 (1)",
|
|
@@ -490,7 +490,7 @@
|
|
|
490
490
|
<param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:2.0"/>
|
|
491
491
|
</fingerprint>
|
|
492
492
|
|
|
493
|
-
<fingerprint pattern="
|
|
493
|
+
<fingerprint pattern="version="ntpd ([^ ]+)[^"]+",.*processor="([^ ]+)",.*system="SunOS/?5.1"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
494
494
|
<description> ntpd running on Solaris 2.1 (SunOS/5.1) </description>
|
|
495
495
|
<example service.version="4.2.0@1.1161-r" os.arch="sun4u">
|
|
496
496
|
version="ntpd 4.2.0@1.1161-r Wed Apr 20 11:28:05 EDT 2005 (1)",
|
|
@@ -511,7 +511,7 @@
|
|
|
511
511
|
<param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:2.1"/>
|
|
512
512
|
</fingerprint>
|
|
513
513
|
|
|
514
|
-
<fingerprint pattern="
|
|
514
|
+
<fingerprint pattern="version="ntpd ([^ ]+)[^"]+",.*processor="([^ ]+)",.*system="SunOS/?5.2"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
515
515
|
<description> ntpd running on Solaris 2.2 (SunOS/5.2) </description>
|
|
516
516
|
<example service.version="4.2.0@1.1161-r" os.arch="sun4u">
|
|
517
517
|
version="ntpd 4.2.0@1.1161-r Wed Apr 20 11:28:05 EDT 2005 (1)",
|
|
@@ -532,7 +532,7 @@
|
|
|
532
532
|
<param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:2.2"/>
|
|
533
533
|
</fingerprint>
|
|
534
534
|
|
|
535
|
-
<fingerprint pattern="
|
|
535
|
+
<fingerprint pattern="version="ntpd ([^ ]+)[^"]+",.*processor="([^ ]+)",.*system="SunOS/?5.3"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
536
536
|
<description> ntpd running on Solaris 2.3 (SunOS/5.3) </description>
|
|
537
537
|
<example service.version="4.2.0@1.1161-r" os.arch="sun4u">
|
|
538
538
|
version="ntpd 4.2.0@1.1161-r Wed Apr 20 11:28:05 EDT 2005 (1)",
|
|
@@ -553,7 +553,7 @@
|
|
|
553
553
|
<param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:2.3"/>
|
|
554
554
|
</fingerprint>
|
|
555
555
|
|
|
556
|
-
<fingerprint pattern="
|
|
556
|
+
<fingerprint pattern="version="ntpd ([^ ]+)[^"]+",.*processor="([^ ]+)",.*system="SunOS/?5.4"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
557
557
|
<description>ntpd running on Solaris 2.4 (SunOS/5.4) </description>
|
|
558
558
|
<example service.version="4.2.0@1.1161-r" os.arch="sun4u">
|
|
559
559
|
version="ntpd 4.2.0@1.1161-r Wed Apr 20 11:28:05 EDT 2005 (1)",
|
|
@@ -574,7 +574,7 @@
|
|
|
574
574
|
<param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:2.4"/>
|
|
575
575
|
</fingerprint>
|
|
576
576
|
|
|
577
|
-
<fingerprint pattern="
|
|
577
|
+
<fingerprint pattern="version="ntpd ([^ ]+)[^"]+",.*processor="([^ ]+)",.*system="SunOS/?5.5"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
578
578
|
<description>ntpd running on Solaris 2.5 (SunOS/5.5) </description>
|
|
579
579
|
<example service.version="4.2.0@1.1161-r" os.arch="sun4u">
|
|
580
580
|
version="ntpd 4.2.0@1.1161-r Wed Apr 20 11:28:05 EDT 2005 (1)",
|
|
@@ -595,7 +595,7 @@
|
|
|
595
595
|
<param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:2.5"/>
|
|
596
596
|
</fingerprint>
|
|
597
597
|
|
|
598
|
-
<fingerprint pattern="
|
|
598
|
+
<fingerprint pattern="version="ntpd ([^ ]+)[^"]+",.*processor="([^ ]+)",.*system="SunOS/?5.6"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
599
599
|
<description>ntpd running on Solaris 2.6 (SunOS/5.6) </description>
|
|
600
600
|
<example service.version="4.2.0@1.1161-r" os.arch="sun4u">
|
|
601
601
|
version="ntpd 4.2.0@1.1161-r Wed Apr 20 11:28:05 EDT 2005 (1)",
|
|
@@ -616,7 +616,7 @@
|
|
|
616
616
|
<param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:2.6"/>
|
|
617
617
|
</fingerprint>
|
|
618
618
|
|
|
619
|
-
<fingerprint pattern="
|
|
619
|
+
<fingerprint pattern="version="ntpd ([^ ]+)[^"]+",.*processor="([^ ]+)",.*system="SunOS/?5.(1[1-9])"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
620
620
|
<description>ntpd running on Solaris 11 or above (SunOS/5.11 and above) </description>
|
|
621
621
|
<example service.version="4.2.0@1.1161-r" os.arch="sun4u" os.version="11">
|
|
622
622
|
version="ntpd 4.2.0@1.1161-r Wed Apr 20 11:28:05 EDT 2005 (1)",
|
|
@@ -637,7 +637,7 @@
|
|
|
637
637
|
<param pos="0" name="os.cpe23" value="cpe:/o:oracle:solaris:{os.version}"/>
|
|
638
638
|
</fingerprint>
|
|
639
639
|
|
|
640
|
-
<fingerprint pattern="
|
|
640
|
+
<fingerprint pattern="version="ntpd ([^ ]+)[^"]+",.*processor="([^ ]+)",.*system="SunOS/?5.([789]|10)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
641
641
|
<description>ntpd running on Solaris 7-Solaris 10 (SunOS/5.7 - SunOS/5.10) </description>
|
|
642
642
|
<example service.version="4.2.0@1.1161-r" os.arch="sun4u" os.version="7">
|
|
643
643
|
version="ntpd 4.2.0@1.1161-r Wed Apr 20 11:28:05 EDT 2005 (1)",
|
|
@@ -666,7 +666,7 @@
|
|
|
666
666
|
<param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:{os.version}"/>
|
|
667
667
|
</fingerprint>
|
|
668
668
|
|
|
669
|
-
<fingerprint pattern="
|
|
669
|
+
<fingerprint pattern="processor="([^ ]+)",.*system="SunOS/?5.0"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
670
670
|
<description>Solaris 2.0 (SunOS/5.0) with no ntp version</description>
|
|
671
671
|
<example os.arch="sun4m">
|
|
672
672
|
processor="sun4m", system="SunOS/5.0"
|
|
@@ -682,7 +682,7 @@
|
|
|
682
682
|
<param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:2.0"/>
|
|
683
683
|
</fingerprint>
|
|
684
684
|
|
|
685
|
-
<fingerprint pattern="
|
|
685
|
+
<fingerprint pattern="processor="([^ ]+)",.*system="SunOS/?5.1"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
686
686
|
<description>Solaris 2.1 (SunOS/5.1) with no ntp version</description>
|
|
687
687
|
<example os.arch="sun4m">
|
|
688
688
|
processor="sun4m", system="SunOS/5.1"
|
|
@@ -698,7 +698,7 @@
|
|
|
698
698
|
<param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:2.1"/>
|
|
699
699
|
</fingerprint>
|
|
700
700
|
|
|
701
|
-
<fingerprint pattern="
|
|
701
|
+
<fingerprint pattern="processor="([^ ]+)",.*system="SunOS/?5.2"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
702
702
|
<description>Solaris 2.2 (SunOS/5.2) with no ntp version</description>
|
|
703
703
|
<example os.arch="sun4m">
|
|
704
704
|
processor="sun4m", system="SunOS/5.2"
|
|
@@ -714,7 +714,7 @@
|
|
|
714
714
|
<param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:2.2"/>
|
|
715
715
|
</fingerprint>
|
|
716
716
|
|
|
717
|
-
<fingerprint pattern="
|
|
717
|
+
<fingerprint pattern="processor="([^ ]+)",.*system="SunOS/?5.3"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
718
718
|
<description>Solaris 2.3 (SunOS/5.3) with no ntp version</description>
|
|
719
719
|
<example os.arch="sun4m">
|
|
720
720
|
processor="sun4m", system="SunOS/5.3"
|
|
@@ -730,7 +730,7 @@
|
|
|
730
730
|
<param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:2.3"/>
|
|
731
731
|
</fingerprint>
|
|
732
732
|
|
|
733
|
-
<fingerprint pattern="
|
|
733
|
+
<fingerprint pattern="processor="([^ ]+)",.*system="SunOS/?5.4"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
734
734
|
<description>Solaris 2.4 (SunOS/5.4) with no ntp version</description>
|
|
735
735
|
<example os.arch="sun4m">
|
|
736
736
|
processor="sun4m", system="SunOS/5.4"
|
|
@@ -746,7 +746,7 @@
|
|
|
746
746
|
<param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:2.4"/>
|
|
747
747
|
</fingerprint>
|
|
748
748
|
|
|
749
|
-
<fingerprint pattern="
|
|
749
|
+
<fingerprint pattern="processor="([^ ]+)",.*system="SunOS/?5.5"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
750
750
|
<description>Solaris 2.5 (SunOS/5.5) with no ntp version</description>
|
|
751
751
|
<example os.arch="sun4m">
|
|
752
752
|
processor="sun4m", system="SunOS/5.5"
|
|
@@ -762,7 +762,7 @@
|
|
|
762
762
|
<param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:2.5"/>
|
|
763
763
|
</fingerprint>
|
|
764
764
|
|
|
765
|
-
<fingerprint pattern="
|
|
765
|
+
<fingerprint pattern="processor="([^ ]+)",.*system="SunOS/?5.6"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
766
766
|
<description>Solaris 2.6 (SunOS/5.6) with no ntp version</description>
|
|
767
767
|
<example os.arch="sun4m">
|
|
768
768
|
processor="sun4m", system="SunOS/5.6"
|
|
@@ -778,7 +778,7 @@
|
|
|
778
778
|
<param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:2.6"/>
|
|
779
779
|
</fingerprint>
|
|
780
780
|
|
|
781
|
-
<fingerprint pattern="
|
|
781
|
+
<fingerprint pattern="processor="([^ ]+)",.*system="SunOS/?5.([789]|10)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
782
782
|
<description>Solaris 7-10 (SunOS/5.7 - SunOS/5.10) with no ntp version</description>
|
|
783
783
|
<example os.arch="sun4m" os.version="7">
|
|
784
784
|
processor="sun4m", system="SunOS/5.7"
|
|
@@ -800,7 +800,7 @@
|
|
|
800
800
|
<param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:{os.version}"/>
|
|
801
801
|
</fingerprint>
|
|
802
802
|
|
|
803
|
-
<fingerprint pattern="
|
|
803
|
+
<fingerprint pattern="processor="([^ ]+)",.*system="SunOS/?5.(1[1-9])"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
804
804
|
<description>Solaris 11 and up with no ntp version</description>
|
|
805
805
|
<example os.arch="sun4m" os.version="11">
|
|
806
806
|
processor="sun4m", system="SunOS/5.11"
|
|
@@ -816,9 +816,9 @@
|
|
|
816
816
|
<param pos="0" name="os.cpe23" value="cpe:/o:oracle:solaris:{os.version}"/>
|
|
817
817
|
</fingerprint>
|
|
818
818
|
|
|
819
|
-
<fingerprint pattern="
|
|
819
|
+
<fingerprint pattern="system="UNIX/SunOS ([^ ]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
820
820
|
<description>SunOS with no ntp version</description>
|
|
821
|
-
<example>
|
|
821
|
+
<example os.version="4.x">
|
|
822
822
|
system="UNIX/SunOS 4.x",
|
|
823
823
|
</example>
|
|
824
824
|
<param pos="0" name="os.vendor" value="Sun"/>
|
|
@@ -828,9 +828,9 @@
|
|
|
828
828
|
<param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:{os.version}"/>
|
|
829
829
|
</fingerprint>
|
|
830
830
|
|
|
831
|
-
<fingerprint pattern="
|
|
831
|
+
<fingerprint pattern="version="ntpd ([^ ]+)[^"]+",.*processor="([^ ]+)",.*system="JUNOS/?([^ ]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
832
832
|
<description>ntpd running on Juniper/Netscreen JunOS</description>
|
|
833
|
-
<example>
|
|
833
|
+
<example service.version="4.2.0-a" os.arch="i386" os.version="9.3R4.4">
|
|
834
834
|
version="ntpd 4.2.0-a Wed Aug 12 04:22:47 UTC 2009 (1)",
|
|
835
835
|
processor="i386", system="JUNOS9.3R4.4", leap=11, stratum=16,
|
|
836
836
|
</example>
|
|
@@ -858,13 +858,13 @@
|
|
|
858
858
|
<param pos="0" name="os.cpe23" value="cpe:/o:juniper:junos:{os.version}"/>
|
|
859
859
|
</fingerprint>
|
|
860
860
|
|
|
861
|
-
<fingerprint pattern="
|
|
861
|
+
<fingerprint pattern="version="ntpd ([^ ]+)[^"]+",.*processor="([^ ]+)",.*system="Windows/?([^ ]+)?"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
862
862
|
<description>ntpd running on Windows</description>
|
|
863
|
-
<example>
|
|
863
|
+
<example service.version="4.2.4p7@copenhagen-o" os.arch="x86">
|
|
864
864
|
version="ntpd 4.2.4p7@copenhagen-o May 22 11:25:36 (UTC+02:00) 2009 (3)",
|
|
865
865
|
processor="x86", system="Windows", leap=00, stratum=2, precision=-19,
|
|
866
866
|
</example>
|
|
867
|
-
<example>
|
|
867
|
+
<example service.version="4.2.4p4@1.1520-modena-o" os.arch="unknown" os.version="NT">
|
|
868
868
|
version="ntpd 4.2.4p4@1.1520-modena-o Dec 05 9:35:28 (UTC+01:00) 2007 (11)",
|
|
869
869
|
processor="unknown", system="WINDOWS/NT", leap=00, stratum=2,
|
|
870
870
|
</example>
|
|
@@ -879,9 +879,9 @@
|
|
|
879
879
|
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:{os.version}"/>
|
|
880
880
|
</fingerprint>
|
|
881
881
|
|
|
882
|
-
<fingerprint pattern="
|
|
882
|
+
<fingerprint pattern="version="ntpd ([^ ]+)[^"]+",.*processor="([^ ]+)",.*system="HP-UX/?([^ ]+)?"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
883
883
|
<description>ntpd running on HP-UX</description>
|
|
884
|
-
<example>
|
|
884
|
+
<example service.version="4.2.2@1.1532-o" os.arch="9000/800" os.version="B.11.11">
|
|
885
885
|
version="ntpd 4.2.2@1.1532-o Wed Sep 6 16:49:43 EDT 2006 (2)",
|
|
886
886
|
processor="9000/800", system="HP-UX/B.11.11", leap=00, stratum=1,
|
|
887
887
|
</example>
|
|
@@ -896,7 +896,7 @@
|
|
|
896
896
|
<param pos="0" name="os.cpe23" value="cpe:/o:hp:hp-ux:{os.version}"/>
|
|
897
897
|
</fingerprint>
|
|
898
898
|
|
|
899
|
-
<fingerprint pattern="
|
|
899
|
+
<fingerprint pattern="version="ntpd ([^ ]+)[^"]+",.*processor=,.*system="HP-UX/"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
900
900
|
<description>ntpd running on HP-UX with an empty processor</description>
|
|
901
901
|
<example service.version="4.2.6">
|
|
902
902
|
version="ntpd 4.2.6 Revision 0.0 Tue Nov 5 14:21:22 UTC 2012",
|
|
@@ -911,9 +911,9 @@
|
|
|
911
911
|
<param pos="0" name="os.cpe23" value="cpe:/o:hp:hp-ux:-"/>
|
|
912
912
|
</fingerprint>
|
|
913
913
|
|
|
914
|
-
<fingerprint pattern="
|
|
914
|
+
<fingerprint pattern="version="ntpd ([^ ]+)[^"]+",.*processor="[^ ]+",.*system="([^ ]+)-hp-hpux([^ ]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
915
915
|
<description>ntpd running on HP-UX, where the processor is in the 'system' variable</description>
|
|
916
|
-
<example>
|
|
916
|
+
<example service.version="4.2.5p154@1.1802" os.arch="ia64" os.version="11.31">
|
|
917
917
|
version="ntpd 4.2.5p154@1.1802 Tue Mar 22 22:09:00 UTC 2011 (39)",
|
|
918
918
|
processor="unknown", system="ia64-hp-hpux11.31", leap=00, stratum=1,
|
|
919
919
|
</example>
|
|
@@ -933,9 +933,9 @@
|
|
|
933
933
|
all versions 5.x were ESXi only.
|
|
934
934
|
-->
|
|
935
935
|
|
|
936
|
-
<fingerprint pattern="
|
|
936
|
+
<fingerprint pattern="version="ntpd ([^ ]+)[^"]+",.*processor="([^ ]+)",.*system="VMkernel/?([^ ]+)?"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
937
937
|
<description>ntpd running on VMware ESXi</description>
|
|
938
|
-
<example>
|
|
938
|
+
<example service.version="4.2.4p6@1.1495" os.arch="x86_64" os.version="4.1.0">
|
|
939
939
|
version="ntpd 4.2.4p6@1.1495 Wed Sep 22 02:33:15 UTC 2010 (1)",
|
|
940
940
|
processor="x86_64", system="VMkernel/4.1.0", leap=11, stratum=16,
|
|
941
941
|
</example>
|
|
@@ -952,7 +952,7 @@
|
|
|
952
952
|
<param pos="0" name="hw.device" value="Hypervisor"/>
|
|
953
953
|
</fingerprint>
|
|
954
954
|
|
|
955
|
-
<fingerprint pattern="
|
|
955
|
+
<fingerprint pattern="processor="([^ ]+)",.*system="OSF1[/V]?([^ ]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
956
956
|
<description>ntpd running on OSF/1</description>
|
|
957
957
|
<example os.arch="alpha" os.version="4.0">
|
|
958
958
|
processor="alpha", system="OSF1V4.0", leap=00, stratum=1, precision=-18,
|
|
@@ -965,7 +965,7 @@
|
|
|
965
965
|
<param pos="1" name="os.arch"/>
|
|
966
966
|
</fingerprint>
|
|
967
967
|
|
|
968
|
-
<fingerprint pattern="
|
|
968
|
+
<fingerprint pattern="system="UNIX/DECOSF1"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
969
969
|
<description>DEC OSF/1</description>
|
|
970
970
|
<example>
|
|
971
971
|
system="UNIX/DECOSF1", leap=0, stratum=3, rootdelay=18.14,
|
|
@@ -974,7 +974,7 @@
|
|
|
974
974
|
<param pos="0" name="os.product" value="OSF/1"/>
|
|
975
975
|
</fingerprint>
|
|
976
976
|
|
|
977
|
-
<fingerprint pattern="
|
|
977
|
+
<fingerprint pattern="system="Linux"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
978
978
|
<description>Linux with NTP enabled, no processor/version</description>
|
|
979
979
|
<example>
|
|
980
980
|
system="Linux", leap=00, stratum=2, rootdelay=6.480,
|
|
@@ -987,7 +987,7 @@
|
|
|
987
987
|
<param pos="0" name="service.product" value="NTP"/>
|
|
988
988
|
</fingerprint>
|
|
989
989
|
|
|
990
|
-
<fingerprint pattern="
|
|
990
|
+
<fingerprint pattern="system="UNIX/AIX"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
991
991
|
<description>AIX with NTP enabled, no processor/version</description>
|
|
992
992
|
<example>
|
|
993
993
|
system="UNIX/AIX", leap=00, stratum=3, rootdelay=2.000,
|
|
@@ -1001,7 +1001,7 @@
|
|
|
1001
1001
|
<param pos="0" name="service.vendor" value="IBM"/>
|
|
1002
1002
|
</fingerprint>
|
|
1003
1003
|
|
|
1004
|
-
<fingerprint pattern="
|
|
1004
|
+
<fingerprint pattern="system="SunOS"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
1005
1005
|
<description>Solaris with NTP enabled, no processor/version</description>
|
|
1006
1006
|
<example>
|
|
1007
1007
|
system="SunOS", leap=00, stratum=1, rootdelay=0.000,
|
|
@@ -1015,7 +1015,7 @@
|
|
|
1015
1015
|
<param pos="0" name="service.vendor" value="Sun"/>
|
|
1016
1016
|
</fingerprint>
|
|
1017
1017
|
|
|
1018
|
-
<fingerprint pattern="
|
|
1018
|
+
<fingerprint pattern="system="cisco"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
1019
1019
|
<description>Cisco IOS with NTP enabled</description>
|
|
1020
1020
|
<example>
|
|
1021
1021
|
system="cisco", leap=00, stratum=2, rootdelay=39.900,
|
|
@@ -1029,9 +1029,9 @@
|
|
|
1029
1029
|
<param pos="0" name="service.vendor" value="Cisco"/>
|
|
1030
1030
|
</fingerprint>
|
|
1031
1031
|
|
|
1032
|
-
<fingerprint pattern="
|
|
1032
|
+
<fingerprint pattern="system="Data ONTAP/+(\S+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
1033
1033
|
<description>NetApp file servers</description>
|
|
1034
|
-
<example>
|
|
1034
|
+
<example os.version="8.1RC2">
|
|
1035
1035
|
system="Data ONTAP/8.1RC2"
|
|
1036
1036
|
</example>
|
|
1037
1037
|
<param pos="0" name="os.vendor" value="NetApp"/>
|
|
@@ -1110,7 +1110,7 @@
|
|
|
1110
1110
|
|
|
1111
1111
|
<fingerprint pattern="system="UNIX/Unixware([^ ]+)"" flags="REG_ICASE">
|
|
1112
1112
|
<description>SCO Unixware NTP</description>
|
|
1113
|
-
<example>
|
|
1113
|
+
<example os.product="2">
|
|
1114
1114
|
system="UNIX/Unixware2", leap=3, stratum=16, rootdelay=0.00,
|
|
1115
1115
|
rootdispersion=0.00, peer=0, refid=0.0.0.0, reftime=0x00000000.00000000,
|
|
1116
1116
|
poll=4, clock=0xd1d874b7.051ec000, phase=0.000, freq=0.00, error=0.00
|
|
@@ -1121,7 +1121,7 @@
|
|
|
1121
1121
|
<param pos="1" name="os.product"/>
|
|
1122
1122
|
</fingerprint>
|
|
1123
1123
|
|
|
1124
|
-
<fingerprint pattern="
|
|
1124
|
+
<fingerprint pattern="processor="([^"]+)", system="SCO_SV([\d\.]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
1125
1125
|
<description>SCO Unixware NTP - SCO_SV variant</description>
|
|
1126
1126
|
<example os.version="3.2" os.arch="i386">
|
|
1127
1127
|
processor="i386", system="SCO_SV3.2", leap=0, stratum=2, precision=-18
|
|
@@ -1132,9 +1132,9 @@
|
|
|
1132
1132
|
<param pos="2" name="os.version"/>
|
|
1133
1133
|
</fingerprint>
|
|
1134
1134
|
|
|
1135
|
-
<fingerprint pattern="
|
|
1135
|
+
<fingerprint pattern="version="ntpd ([^ ]+)[^"]+",.*\s*processor="([^ ]+)",.*system="SecureOS/([^ ]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
1136
1136
|
<description>McAfee Network Firewall Enterprise NTP (SecureOS)</description>
|
|
1137
|
-
<example>
|
|
1137
|
+
<example service.version="4.2.0-r" os.arch="i386" os.version="7.0.1.00">
|
|
1138
1138
|
version="ntpd 4.2.0-r Thu Aug 11 12:41:19 CDT 2005 (1)",
|
|
1139
1139
|
processor="i386", system="SecureOS/7.0.1.00", leap=0, stratum=3,
|
|
1140
1140
|
precision=-19, rootdelay=27.044, rootdispersion=87.845, peer=2357,
|
|
@@ -1142,7 +1142,7 @@
|
|
|
1142
1142
|
clock=0xd2636c8e.d5e2d427, state=4, offset=0.519, frequency=-3.027,
|
|
1143
1143
|
jitter=5.132, stability=0.394
|
|
1144
1144
|
</example>
|
|
1145
|
-
<example>
|
|
1145
|
+
<example service.version="4.2.0-r" os.arch="i386" os.version="7.0.0.04">
|
|
1146
1146
|
version="ntpd 4.2.0-r Thu Aug 11 12:41:19 CDT 2005 (1)",
|
|
1147
1147
|
processor="i386", system="SecureOS/7.0.0.04", leap=0, stratum=2,
|
|
1148
1148
|
precision=-19, rootdelay=56.480, rootdispersion=35.772, peer=8677,
|
|
@@ -1159,16 +1159,16 @@
|
|
|
1159
1159
|
<param pos="3" name="os.version"/>
|
|
1160
1160
|
</fingerprint>
|
|
1161
1161
|
|
|
1162
|
-
<fingerprint pattern="
|
|
1162
|
+
<fingerprint pattern="processor="([^ ]+)".*system="Linux([^ ]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
1163
1163
|
<description>ntpd running on linux</description>
|
|
1164
|
-
<example>
|
|
1164
|
+
<example os.arch="i686" os.version="2.6.10">
|
|
1165
1165
|
processor="i686", system="Linux2.6.10", leap=0, stratum=2,
|
|
1166
1166
|
precision=-17, rootdelay=44.644, rootdispersion=29.933, peer=13317,
|
|
1167
1167
|
refid=A.B.C.D, reftime=0xd2c29f69.407570c5, poll=10,
|
|
1168
1168
|
clock=0xd2c2a335.360999dc, state=4, phase=1.037, frequency=55.898,
|
|
1169
1169
|
jitter=0.203, stability=0.004
|
|
1170
1170
|
</example>
|
|
1171
|
-
<example>
|
|
1171
|
+
<example os.arch="i686" os.version="2.6.23.waas">
|
|
1172
1172
|
processor="i686", system="Linux2.6.23.waas", leap=0, stratum=2,
|
|
1173
1173
|
precision=-18, rootdelay=37.550, rootdispersion=427.047, peer=40613,
|
|
1174
1174
|
refid=172.20.62.191, reftime=0xd297a442.8b66c6de, poll=14,
|
|
@@ -1186,9 +1186,9 @@
|
|
|
1186
1186
|
<param pos="0" name="os.cpe23" value="cpe:/o:linux:linux_kernel:{os.version}"/>
|
|
1187
1187
|
</fingerprint>
|
|
1188
1188
|
|
|
1189
|
-
<fingerprint pattern="
|
|
1189
|
+
<fingerprint pattern="version="ntpd (\S+)[^"]+",.*\s*processor="([^ ]+)".*system="Isilon OneFS/v([^ ]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
1190
1190
|
<description>Isilon OneFS NTP Server</description>
|
|
1191
|
-
<example>
|
|
1191
|
+
<example service.version="4.2.4p4-o" os.arch="i386" os.version="5.5.4.21">
|
|
1192
1192
|
version="ntpd 4.2.4p4-o Thu Feb 4 20:43:00 UTC 2010 (1)",
|
|
1193
1193
|
processor="i386", system="Isilon OneFS/v5.5.4.21", leap=0, stratum=14,
|
|
1194
1194
|
precision=-19, rootdelay=0.000, rootdispersion=11.260, peer=60044,
|
|
@@ -1289,7 +1289,7 @@
|
|
|
1289
1289
|
<param pos="0" name="os.arch" value="Alpha"/>
|
|
1290
1290
|
</fingerprint>
|
|
1291
1291
|
|
|
1292
|
-
<fingerprint pattern="
|
|
1292
|
+
<fingerprint pattern="version="ntpd ([^ ]+)[^"]+",\s*processor="([^ ]+)",\s*system="BIG-IPBIG-IP\s+([^"]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
1293
1293
|
<description>F5 Big-IP Load Balancers NTP</description>
|
|
1294
1294
|
<example service.version="4.1.1a@1.791" os.arch="i386" os.version="4.5PTF-0">
|
|
1295
1295
|
version="ntpd 4.1.1a@1.791 Fri Aug 8 04:08:19 PDT 2003 (1)",
|
|
@@ -1308,7 +1308,7 @@
|
|
|
1308
1308
|
<param pos="3" name="os.version"/>
|
|
1309
1309
|
</fingerprint>
|
|
1310
1310
|
|
|
1311
|
-
<fingerprint pattern="
|
|
1311
|
+
<fingerprint pattern="version="ntpd ([^ ]+)[^"]+",\s*processor,\s*system="/"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
1312
1312
|
<description>NTP on an unknown system</description>
|
|
1313
1313
|
<example service.version="4.2.6p2-RC4@1.2180-o">
|
|
1314
1314
|
version="ntpd 4.2.6p2-RC4@1.2180-o Sun Jun 13 02:56:12 UTC 2010 (2)", processor, system="/"
|