recog 2.3.21 → 3.0.1

data/cpe-remap.yaml

@@ -1,343 +0,0 @@
-mappings:
-  # The following section contains CPE application or 'a' remappings. These will
-  # ONLY be used for mapping Recog 'service' attributes.
-  a:
-    akamai:
-      products:
-        ghost: akamaighost
-    amazon:
-      products:
-        s3: amazon_simple_storage_service
-        cloudfront_load_balancer: amazon_cloudfront
-    apache:
-      products:
-        httpd: http_server
-    aprelium_technologies:
-      vendor: aprelium
-    alt-n:
-      vendor: altn
-    aruba_networks:
-      vendor: arubanetworks
-    bea:
-      products:
-        weblogic: weblogic_server
-    blue_coat:
-      vendor: bluecoat
-    carnegie_mellon_university:
-      vendor: cmu
-      products:
-        cyrus_imap: cyrus_imap_server
-    centos_webpanel:
-      vendor: centos-webpanel
-    check_point:
-      vendor: checkpoint
-    cherokee_project:
-      vendor: cherokee-project
-    cisco:
-      products:
-        apic: application_policy_infrastructure_controller
-    cloudflare:
-      products:
-        cloudflare_load_balancer: load_balancing
-    cpanel:
-      products:
-        cpanel_service_daemon: cpanel
-    crushftp:
-      products:
-        crushftp_web_interface: crushftp
-    cz.nic:
-      vendor: knot-dns
-    drupal:
-      products:
-        cms: drupal
-    embedthis:
-      products:
-        goahead_webserver: goahead
-    envoy_proxy:
-      vendor: envoyproxy
-    f5:
-      products:
-        big-ip: big-ip_local_traffic_manager
-        big-ip_ltm: big-ip_local_traffic_manager
-    fedora_project:
-      vendor: fedoraproject
-    google:
-      products:
-        google_web_services: web_server
-    ibm:
-      products:
-        lotus_domino: lotus_domino_server
-        ibm_domino: lotus_domino
-    ignite_realtime:
-      vendor: igniterealtime
-    intel:
-      products:
-        intel(r)_active_management_technology: active_management_technology
-        intel(r)_standard_manageability: standard_manageability
-    jamf:
-      products:
-        jamf_pro: jamf
-    kibana:
-      vendor: elasticsearch
-    kubernetes:
-      products:
-        nginx_ingress_controller: ingress-nginx
-    kodi:
-      products:
-        media_server: kodi
-    kong:
-      vendor: konghq
-      products:
-        gateway: kong_gateway
-    litespeed_technologies:
-      vendor: litespeedtech
-    lotus:
-      vendor: ibm
-    lynx_technology:
-      vendor: lynxtechnology
-      products:
-        twonky_media_server: twonky_server
-    mailenable:
-      products:
-        mail_server: mailenable
-    manageengine:
-      vendor: zohocorp
-      products:
-        adaudit_plus: manageengine_adaudit_plus
-        desktop_central: manageengine_desktop_central
-        opmanager: manageengine_opmanager
-    microsoft:
-      products:
-        active_directory_controller: active_directory
-        exchange_server_5.5: exchange_server
-        exchange_2000_server: exchange_server
-        exchange_2003_server: exchange_server
-        exchange_2007_server: exchange_server
-        lightweight_directory_server: active_directory_lightweight_directory_service
-        pws: personal_web_server
-    mod_ssl:
-      vendor: modssl
-    mod_wsgi:
-      vendor: modwsgi
-    # NIST took the vendor name from the website but apparently missed the `.in`
-    # in moinmo.in was part of the name
-    moinmoin:
-      vendor: moinmo
-    mort_bay:
-      vendor: mortbay
-    munin:
-      vendor: munin-monitoring
-    nlnet_labs:
-      vendor: nlnetlabs
-      products:
-        dnsd: name_server_daemon
-    net-snmp:
-      products:
-        snmp_agent: net-snmp
-    owncloud:
-      products:
-        owncloud_server: owncloud
-    parallels:
-      products:
-        plesk: parallels_plesk_panel
-    plesk:
-      vendor: parallels
-    proftpd_project:
-      vendor: proftpd
-    progress:
-      products:
-        openedge_explorer: openedge
-    pulse_secure:
-      vendor: pulsesecure
-    realvnc_ltd.:
-      vendor: realvnc
-    red_hat:
-      vendor: redhat
-      products:
-        cygwin_x_server_project: cygwin
-        jboss_as: jboss_wildfly_application_server
-        jboss_eap: jboss_enterprise_application_platform
-        jbossweb: jboss_web_framework_kit
-        red_hat_directory_server: directory_server
-    serv-u:
-      vendor: solarwinds
-    squid_cache:
-      vendor: squid-cache
-    ssh_communications_security:
-      vendor: ssh
-      products:
-        ssh_tectia_server: tectia_server
-    standard_networks:
-      vendor: ipswitch
-    swagger:
-      vendor: smartbear
-    synology:
-      products:
-        dsm: diskstation_manager
-    tightvnc:
-      products:
-        desktop: tightvnc
-    tor_project:
-      vendor: torproject
-    traefik_labs:
-      vendor: traefik
-      products:
-        traefik_proxy: traefik
-    twistedmatrix:
-      products:
-        twisted_web: twistedweb
-    ubiquiti:
-      vendor: ui
-    vandyke_software:
-      vendor: vandyke
-    vmware:
-      products:
-        zimbra: zimbra_desktop
-        vcenter: vcenter_server
-    x.org:
-      products:
-        x.org_x11: x11
-
-  # The following section contains CPE operating system or 'o' remappings. These will
-  # ONLY be used for mapping Recog 'os' attributes.
-  o:
-    alpine:
-      vendor: alpinelinux
-      products:
-        linux: alpine_linux
-    apple:
-      products:
-        ios: iphone_os
-    brocade:
-      vendor: broadcom
-      products:
-        fabric_os: fabric_operating_system
-    centos:
-      products:
-        linux: centos
-    check_point:
-      vendor: checkpoint
-    cisco:
-      products:
-        adaptive_security_appliance: adaptive_security_appliance_software
-        nam: network_analysis_module_software
-        pix: pix_firewall_software
-        telepresence: telepresence_video_communication_server_software
-        vpn_3000_concentrator: vpn_3000_concentrator_series_software
-        wireless_lan_controller: wireless_lan_controller_software
-    citrix:
-      products:
-        netscaler: netscaler_firmware
-        netscaler_gateway: netscaler_gateway_firmware
-    cumulus:
-      vendor: cumulusnetworks
-    data_domain:
-      vendor: dell
-      products:
-        dd_os: emc_data_domain_os
-    debian:
-      products:
-        linux: debian_linux
-    hp:
-      products:
-        ilo: integrated_lights-out_firmware
-        ilo_firmware: integrated_lights-out_firmware
-        ilo_2: integrated_lights-out_2_firmware
-        ilo_3: integrated_lights-out_3_firmware
-        ilo_4: integrated_lights-out_4_firmware
-        ilo_5: integrated_lights-out_5_firmware
-        tru64_unix: tru64
-    ibm:
-      products:
-        os/400: os_400
-        i5/os: i5os
-    juniper:
-      products:
-        junos_os: junos
-    linux:
-      products:
-        linux: linux_kernel
-    microsoft:
-      products:
-        windows_server_2003_datacenter_edition: windows_server_2003
-        windows_server_2003_r2: windows_server_2003
-        windows_2008_r2: windows_server_2008
-        windows_server_2008_datacenter_edition: windows_server_2008
-        windows_server_2008_r2: windows_server_2008
-        windows_server_2008_r2_datacenter_edition: windows_server_2008
-        windows_server_2012_r2: windows_server_2012
-        nt: windows_nt
-        windows_nt_desktop: windows_nt
-        windows_nt_server: windows_nt
-        windows_server_2000: windows_2000
-        windows_2000_server: windows_2000
-        windows_2000_datacenter_server: windows_2000
-    oracle:
-      products:
-        ilom: integrated_lights_out_manager_firmware
-    palo_alto_networks:
-      vendor: paloaltonetworks
-    red_hat:
-      vendor: redhat
-      products:
-        fedora_core_linux: fedora_core
-    sun:
-      products:
-        solaris: sunos
-    ubiquiti:
-      vendor: ui
-    ubuntu:
-      vendor: canonical
-      products:
-        linux: ubuntu_linux
-    vmware:
-      products:
-        photon_linux: photon_os
-        vmware_esx_server: esx
-        vmware_esxi_server: esxi
-    wind_river:
-      vendor: windriver
-
-  # The following section contains CPE hardware or 'h' remappings. These will
-  # ONLY be used for mapping Recog 'hw' attributes.
-  h:
-    apple:
-      products:
-        imac_(retina_4k_21.5-inch_2019): imac
-        imac_(retina_5k_27-inch_2017): imac
-        imac_(retina_5k_27-inch_2019): imac
-        imac_(retina_5k_27-inch_2020): imac
-        macbook_air_(13-inch_2017): macbook_air
-        macbook_air_(m1_2020): macbook_air
-        macbook_air_(retina_13-inch_2018): macbook_air
-        macbook_air_(retina_13-inch_2019): macbook_air
-        macbook_air_(retina_13-inch_2020): macbook_air
-        macbook_pro_(13-inch_2018_four_thunderbolt_3_ports): macbook_pro
-        macbook_pro_(13-inch_2019_two_thunderbolt_3_ports): macbook_pro
-        macbook_pro_(13-inch_2020): macbook_pro
-        macbook_pro_(13-inch_m1_2020): macbook_pro
-        macbook_pro_(15-inch_2018): macbook_pro
-        macbook_pro_(15-inch_2019): macbook_pro
-        macbook_pro_(16-inch_2019): macbook_pro
-        macbook_pro_(retina_13-inch_early_2015): macbook_pro
-        macbook_pro_(retina_15-inch_mid_2015): macbook_pro
-    cisco:
-      products:
-        nam: network_analysis_module
-    citrix:
-      products:
-        netscaler_sdx_gateway: netscaler_sdx
-    emc:
-      products:
-        celerra: celerra_network_attached_storage
-    hp:
-      products:
-        ilo: integrated_lights-out
-    kace:
-      vendor: dell
-      products:
-        k1000: kace_k1000_systems_management_appliance
-    tandberg:
-      vendor: cisco
-    ubiquiti:
-      vendor: ui

data/features/data/failing_banners_fingerprints.xml

@@ -1,20 +0,0 @@
-<?xml version="1.0"?>
-<fingerprints>
-  <fingerprint pattern="^=\(.\*.\)=-\.:\. \(\( Welcome to PureFTPd (\d+\..+) \)\) \.:\.-=\(.\*.\)=-$">
-    <example>=(&lt;*&gt;)=-.:. (( Welcome to PureFTPd 1.1.0 )) .:.-=(&lt;*&gt;)=-</example>
-    <description>Older Pure-FTPd versions</description>
-    <param pos="0" name="service.family" value="Pure-FTPd"/>
-    <param pos="0" name="service.product" value="Pure-FTPd"/>
-    <param pos="1" name="service.version"/>
-  </fingerprint>
-  <fingerprint pattern="^(\S+) FTP Server \(Solaris (\S+)\) ready\.?$" flags="REG_ICASE">
-    <description>SunOS/Solaris</description>
-    <example>example.com FTP server (Solaris 5.7) ready.</example>
-    <param pos="0" name="os.vendor" value="Sun"/>
-    <param pos="0" name="os.family" value="Solaris"/>
-    <param pos="0" name="os.product" value="Solaris"/>
-    <param pos="0" name="os.device" value="General"/>
-    <param pos="1" name="host.name"/>
-    <param pos="2" name="os.version"/>
-  </fingerprint>
-</fingerprints>

data/features/data/matching_banners_fingerprints.xml

@@ -1,23 +0,0 @@
-<?xml version="1.0"?>
-<fingerprints protocol="ftp" database_type="service">
-  <fingerprint pattern="^-{10} Welcome to Pure-FTPd (.*)-{10}$">
-    <example>---------- Welcome to Pure-FTPd ----------</example>
-    <description>Pure-FTPd
-      Config data can be zero or more of: [privsep] [TLS]
-      </description>
-    <param pos="1" name="pureftpd.config"/>
-    <param pos="0" name="service.family" value="Pure-FTPd"/>
-    <param pos="0" name="service.product" value="Pure-FTPd"/>
-    <param pos="0" name="service.protocol" value="ftp"/>
-  </fingerprint>
-  <fingerprint pattern="^(\S+) FTP Server \(SunOS (\S+)\) ready\.?$" flags="REG_ICASE">
-    <description>SunOS/Solaris</description>
-    <example>example.com FTP server (SunOS 5.7) ready.</example>
-    <param pos="0" name="os.vendor" value="Sun"/>
-    <param pos="0" name="os.family" value="Solaris"/>
-    <param pos="0" name="os.product" value="Solaris"/>
-    <param pos="0" name="os.device" value="General"/>
-    <param pos="1" name="host.name"/>
-    <param pos="2" name="os.version"/>
-  </fingerprint>
-</fingerprints>

data/features/data/multiple_banners_fingerprints.xml

@@ -1,32 +0,0 @@
-<?xml version="1.0"?>
-<fingerprints>
-  <fingerprint pattern="FTP">
-    <example>---- FTP Stuff ----</example>
-    <example>FTP server</example>
-    <description>Generic FTP,
-      Checks for the existence of the word FTP in the line
-    </description>
-    <!-- Asserting nothing -->
-  </fingerprint>
-  <fingerprint pattern="^-{10} Welcome to Pure-FTPd (.*)-{10}$">
-    <example>---------- Welcome to Pure-FTPd ----------</example>
-    <description>Pure-FTPd
-      Config data can be zero or more of: [privsep] [TLS]
-    </description>
-    <param pos="1" name="pureftpd.config"/>
-    <param pos="0" name="service.family" value="Pure-FTPd"/>
-    <param pos="0" name="service.product" value="Pure-FTPd"/>
-    <param pos="0" name="service.protocol" value="ftp"/>
-  </fingerprint>
-  <fingerprint pattern="^(\S+) FTP Server \(SunOS (\S+)\) ready\.?$" flags="REG_ICASE">
-    <description>SunOS/Solaris</description>
-    <example>example.com FTP server (SunOS 5.7) ready.</example>
-    <param pos="0" name="service.protocol" value="ftp"/>
-    <param pos="0" name="os.vendor" value="Sun"/>
-    <param pos="0" name="os.family" value="Solaris"/>
-    <param pos="0" name="os.product" value="Solaris"/>
-    <param pos="0" name="os.device" value="General"/>
-    <param pos="1" name="host.name"/>
-    <param pos="2" name="os.version"/>
-  </fingerprint>
-</fingerprints>

data/features/data/no_tests.xml

@@ -1,3 +0,0 @@
-<?xml version="1.0"?>
-<fingerprints>
-</fingerprints>

data/features/data/sample_banner.txt

@@ -1,2 +0,0 @@
----------- Welcome to Pure-FTPd [privsep] [TLS] ----------
-polaris FTP server (SunOS 5.8) ready.

data/features/data/successful_tests.xml

@@ -1,18 +0,0 @@
-<?xml version="1.0"?>
-<fingerprints>
-   <fingerprint pattern="^Cisco-SIPGateway/IOS-([\d\.x]+)$">
-      <description>Cisco SIPGateway</description>
-      <example os.version="12.x">Cisco-SIPGateway/IOS-12.x</example>
-      <param pos="0" name="os.vendor" value="Cisco"/>
-      <param pos="0" name="os.product" value="IOS"/>
-      <param pos="1" name="os.version"/>
-   </fingerprint>
-   <fingerprint pattern="^bar ([\d.]+)$">
-     <description>bar test</description>
-     <example os.version="1.0" >bar 1.0</example>
-     <example os.version="2.0" >bar 2.0</example>
-     <example os.version="2.1" >bar 2.1</example>
-     <param pos="1" name="os.version" />
-     <param pos="0" name="os.name" value="Bar" />
-   </fingerprint>
-</fingerprints>

data/features/data/tests_with_failures.xml

@@ -1,20 +0,0 @@
-<?xml version="1.0"?>
-<fingerprints>
-   <fingerprint pattern="^foo$">
-     <description>foo test</description>
-     <!-- Fail: doesn't match -->
-     <example>bar</example>
-   </fingerprint>
-   <fingerprint pattern="^This matches$">
-     <!-- Warn: no name -->
-     <!-- Fail: doesn't match -->
-     <example>This almost matches</example>
-   </fingerprint>
-   <fingerprint pattern="^(\S+) ([\d.]+)$">
-     <description>bar test</description>
-     <!-- Fail: expected os.version doesn't match the capture group -->
-     <example os.version="5.0" >bar 1.0</example>
-     <param pos="2" name="os.version" />
-     <param pos="1" name="os.name" value="Bar" />
-   </fingerprint>
-</fingerprints>

data/features/data/tests_with_warnings.xml

@@ -1,17 +0,0 @@
-<?xml version="1.0"?>
-<fingerprints>
-  <fingerprint pattern="^-{10} Welcome to Pure-FTPd (.*)-{10}$">
-    <example pureftpd.config="">---------- Welcome to Pure-FTPd ----------</example>
-    <description>Pure-FTPd</description>
-    <param pos="1" name="pureftpd.config"/>
-    <param pos="0" name="service.family" value="Pure-FTPd"/>
-    <param pos="0" name="service.product" value="Pure-FTPd"/>
-  </fingerprint>
-  <fingerprint pattern="^-{10} Welcome to Pure-FTPd (.*)-{10}$">
-    <!-- should warn with no examples -->
-    <description>Pure-FTPd</description>
-    <param pos="1" name="pureftpd.config"/>
-    <param pos="0" name="service.family" value="Pure-FTPd"/>
-    <param pos="0" name="service.product" value="Pure-FTPd"/>
-  </fingerprint>
-</fingerprints>

data/features/match.feature

@@ -1,36 +0,0 @@
-Feature: Match
-  @no-clobber
-  Scenario: Finds matches
-    When I run `recog_match matching_banners_fingerprints.xml sample_banner.txt`
-    Then it should pass with:
-      """
-      MATCH: {"matched"=>"Pure-FTPd Config data can be zero or more of: [privsep] [TLS]", "pureftpd.config"=>"[privsep] [TLS] ", "service.family"=>"Pure-FTPd", "service.product"=>"Pure-FTPd", "service.protocol"=>"ftp", "fingerprint_db"=>"matching_banners_fingerprints", "data"=>"---------- Welcome to Pure-FTPd [privsep] [TLS] ----------"}
-      MATCH: {"matched"=>"SunOS/Solaris", "os.vendor"=>"Sun", "os.family"=>"Solaris", "os.product"=>"Solaris", "os.device"=>"General", "host.name"=>"polaris", "os.version"=>"5.8", "service.protocol"=>"ftp", "fingerprint_db"=>"matching_banners_fingerprints", "data"=>"polaris FTP server (SunOS 5.8) ready."}
-      """
-
-  @no-clobber
-  Scenario: Fails at finding matches
-    When I run `recog_match failing_banners_fingerprints.xml sample_banner.txt`
-    Then it should pass with:
-      """
-      FAIL: ---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
-      FAIL: polaris FTP server (SunOS 5.8) ready
-      """
-
-  @no-clobber
-  Scenario: Finds multiple matches
-    When I run `recog_match multiple_banners_fingerprints.xml sample_banner.txt --multi-match`
-    Then it should pass with:
-      """
-      MATCHES: {"matched"=>"Generic FTP, Checks for the existence of the word FTP in the line", "service.protocol"=>"", "fingerprint_db"=>"multiple_banners_fingerprints", "data"=>"---------- Welcome to Pure-FTPd [privsep] [TLS] ----------"},{"matched"=>"Pure-FTPd Config data can be zero or more of: [privsep] [TLS]", "pureftpd.config"=>"[privsep] [TLS] ", "service.family"=>"Pure-FTPd", "service.product"=>"Pure-FTPd", "service.protocol"=>"ftp", "fingerprint_db"=>"multiple_banners_fingerprints", "data"=>"---------- Welcome to Pure-FTPd [privsep] [TLS] ----------"}
-      MATCHES: {"matched"=>"Generic FTP, Checks for the existence of the word FTP in the line", "service.protocol"=>"", "fingerprint_db"=>"multiple_banners_fingerprints", "data"=>"polaris FTP server (SunOS 5.8) ready."},{"matched"=>"SunOS/Solaris", "service.protocol"=>"ftp", "os.vendor"=>"Sun", "os.family"=>"Solaris", "os.product"=>"Solaris", "os.device"=>"General", "host.name"=>"polaris", "os.version"=>"5.8", "fingerprint_db"=>"multiple_banners_fingerprints", "data"=>"polaris FTP server (SunOS 5.8) ready."}
-      """
-
-  @no-clobber
-  Scenario: Finds first matches using no-multi-match flag
-    When I run `recog_match multiple_banners_fingerprints.xml sample_banner.txt --no-multi-match`
-    Then it should pass with:
-    """
-    MATCH: {"matched"=>"Generic FTP, Checks for the existence of the word FTP in the line", "service.protocol"=>"", "fingerprint_db"=>"multiple_banners_fingerprints", "data"=>"---------- Welcome to Pure-FTPd [privsep] [TLS] ----------"}
-    MATCH: {"matched"=>"Generic FTP, Checks for the existence of the word FTP in the line", "service.protocol"=>"", "fingerprint_db"=>"multiple_banners_fingerprints", "data"=>"polaris FTP server (SunOS 5.8) ready."}
-    """

data/features/support/aruba.rb

@@ -1,3 +0,0 @@
-Aruba.configure do |config|
-  config.working_directory = 'features/data'
-end

data/features/support/env.rb

@@ -1,6 +0,0 @@
-require 'aruba/cucumber'
-
-Before do
-  @dirs = ["features/data"]
-  @aruba_timeout_seconds = 30
-end

data/features/verify.feature

@@ -1,48 +0,0 @@
-Feature: Verify
-  @no-clobber
-  Scenario: No tests
-    When I run `recog_verify no_tests.xml`
-    Then it should pass with:
-      """
-      SUMMARY: Test completed with 0 successful, 0 warnings, and 0 failures
-      """
-
-  @no-clobber
-  Scenario: Successful tests
-    When I run `recog_verify successful_tests.xml`
-    Then it should pass with:
-      """
-      SUMMARY: Test completed with 4 successful, 0 warnings, and 0 failures
-      """
-
-  @no-clobber
-  Scenario: Tests with warnings, warnings enabled
-    When I run `recog_verify tests_with_warnings.xml`
-    Then it should fail with:
-      """
-      WARN: 'Pure-FTPd' has no test cases
-      WARN: 'Pure-FTPd' is missing an example that checks for parameter 'pureftpd.config' messsage which is derived from a capture group
-      SUMMARY: Test completed with 1 successful, 2 warnings, and 0 failures
-      """
-    And the exit status should be 2
-
-  @no-clobber
-  Scenario: Tests with warnings, warnings disabled
-    When I run `recog_verify --no-warnings tests_with_warnings.xml`
-    Then it should pass with:
-      """
-      SUMMARY: Test completed with 1 successful, 0 warnings, and 0 failures
-      """
-
-  @no-clobber
-  Scenario: Tests with failures
-    When I run `recog_verify tests_with_failures.xml`
-    Then it should fail with:
-      """
-      FAIL: 'foo test' failed to match "bar" with (?-mix:^foo$)'
-      FAIL: '' failed to match "This almost matches" with (?-mix:^This matches$)'
-      FAIL: 'bar test's os.name is a non-zero pos but specifies a value of 'Bar'
-      FAIL: 'bar test' failed to find expected capture group os.version '5.0'. Result was 1.0
-      SUMMARY: Test completed with 0 successful, 0 warnings, and 4 failures
-      """
-    And the exit status should be 4

data/identifiers/README.md

@@ -1,70 +0,0 @@
-# Recog: Identifiers
-
-This directory contains lists of standard identifiers for mapping Recog matches.
-The goal is define a standard set of constants to represent known software,
-hardware, vendors, and categories.
-
-This is currently incomplete and will be updated as standardization work moves
-forward.
-
-Fingerprints should use these identifiers whenever possible; if a different name
-or syntax for a given identifier is preferred, this should be implemented in the
-application through a mapping function.
-
-## Lists
-
-### Fields
-
-`fields.txt` defines the various fields (`os.vendor`, etc.) used to assert
-information about a match.
-
-### Vendors
-
-`vendor.txt` defines known vendor names, covering services, operating systems,
-and hardware.
-
-### Operating Systems
-
-`os_architecture.txt` defines known CPU types.
-
-`os_product.txt` defines known operating system names.
-
-`os_family.txt` defines known operating system families.
-
-`os_device.txt` defines known types of devices by function or purpose.
-
-### Hardware
-
-`hw_product.txt` defines known hardware product names.
-
-`hw_family.txt` defines known hardware product families.
-
-`hw_device.txt` defines known types of devices by function or purpose (overlaps
-with `os_device.txt`).
-
-### Services
-
-`service_product.txt` defines known service product names.
-
-`service_family.txt` defines known service product families.
-
-### Software
-
-`software_product.txt` defines known software product names.
-
-`software_family.txt` defines known software product families.
-
-`software_class.txt` defines known types of software by function or purpose.
-
-## Pending Work
-
-* All existing fingerprints should be correlated against these lists to
-  identify mismatches and updated accordingly.
-
-* All net new identifiers from the existing fingerprints should be merged into
-these lists.
-
-* All fingerprint assertions should be enumerated, documented, and standardized
-where possible (`host.mac`, etc).
-
-* Hardware identifiers should be enumerated, consolidated, and standardized.