recog 2.3.22 → 2.3.23

data/xml/pop_banners.xml

@@ -52,7 +52,7 @@
 
   <fingerprint pattern="^Qpopper \(version (\d+\.\d+\.\d+), modified by Sphera Technologies\) at (.+) starting\.">
     <description>Qpopper with Sphera mods</description>
-    <example>Qpopper (version 4.0.3, modified by Sphera Technologies) at domain starting.  &lt;xxx@domain&gt;</example>
+    <example service.version="4.0.3" host.domain="domain">Qpopper (version 4.0.3, modified by Sphera Technologies) at domain starting.  &lt;xxx@domain&gt;</example>
     <param pos="0" name="service.vendor" value="Sphera"/>
     <param pos="0" name="service.family" value="Qpopper"/>
     <param pos="0" name="service.product" value="Qpopper"/>
@@ -62,7 +62,7 @@
 
   <fingerprint pattern="^Qpopper \(version (\d+\.\d+\.\d+)-mysql-(.+)\) at (.+) starting\.">
     <description>Qpopper with MySQL auth module</description>
-    <example>Qpopper (version 4.0.3-mysql-0.13) at domain starting.  &lt;xxx@domain&gt;</example>
+    <example service.version="4.0.3" service.component.version="0.13" host.domain="domain">Qpopper (version 4.0.3-mysql-0.13) at domain starting.  &lt;xxx@domain&gt;</example>
     <param pos="0" name="service.vendor" value="Qualcomm"/>
     <param pos="0" name="service.family" value="Qpopper"/>
     <param pos="0" name="service.product" value="Qpopper"/>
@@ -73,11 +73,11 @@
     <param pos="3" name="host.domain"/>
   </fingerprint>
 
-  <fingerprint pattern="(?i)^Qpop(?:per)? \(version ([\d\.]+)\) at (.+)(?: starting\.)?">
+  <fingerprint pattern="(?i)^Qpop(?:per)? \(version ([\d\.]+)\) at (\S{1,512})(?: starting\.)?">
     <description>Qpopper missing version info</description>
-    <example>Qpopper (version 4.0.16) at foo.example.com</example>
-    <example>QPOP (version 2.53) at domain starting.  &lt;xxx@domain&gt;</example>
-    <example>Qpopper (version 4.0.3) at domain starting.  &lt;xxx@domain&gt;</example>
+    <example service.version="4.0.16" host.domain="foo.example.com">Qpopper (version 4.0.16) at foo.example.com</example>
+    <example service.version="2.53" host.domain="domain">QPOP (version 2.53) at domain starting.  &lt;xxx@domain&gt;</example>
+    <example service.version="4.0.3" host.domain="domain">Qpopper (version 4.0.3) at domain starting.  &lt;xxx@domain&gt;</example>
     <param pos="0" name="service.vendor" value="Qualcomm"/>
     <param pos="0" name="service.family" value="Qpopper"/>
     <param pos="0" name="service.product" value="Qpopper"/>
@@ -87,7 +87,7 @@
 
   <fingerprint pattern="^QPOP \(version (.*)\) at (.+) starting\.">
     <description>Qpopper with missing version info</description>
-    <example>QPOP (version ?) at domain starting.  &lt;xxx@domain&gt;</example>
+    <example qpopper.version="?" host.domain="domain">QPOP (version ?) at domain starting.  &lt;xxx@domain&gt;</example>
     <param pos="0" name="service.vendor" value="Qualcomm"/>
     <param pos="0" name="service.family" value="Qpopper"/>
     <param pos="0" name="service.product" value="Qpopper"/>
@@ -97,7 +97,7 @@
 
   <fingerprint pattern="^Microsoft Exchange Server 2003 POP3 server version (\d+\.\d+\.\d+\.\d+) (.+) ready.$">
     <description>Microsoft Exchange Server 2003</description>
-    <example>Microsoft Exchange Server 2003 POP3 server version 6.5.6944.0 (host) ready.</example>
+    <example service.version="6.5.6944.0" host.name="(host)">Microsoft Exchange Server 2003 POP3 server version 6.5.6944.0 (host) ready.</example>
     <param pos="0" name="service.vendor" value="Microsoft"/>
     <param pos="0" name="service.family" value="Exchange Server"/>
     <param pos="0" name="service.product" value="Exchange 2003 Server"/>
@@ -110,9 +110,9 @@
     <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
   </fingerprint>
 
-  <fingerprint pattern="^Microsoft Exchange 2000 POP3 server version (\d+\.\d+\.\d+\.\d+) (.+) ready.$">
+  <fingerprint pattern="^Microsoft Exchange 2000 POP3 server version (\d+\.\d+\.\d+\.\d+) \((\S{1,512})\) ready\.$">
     <description>Microsoft Exchange Server 2000</description>
-    <example>Microsoft Exchange 2000 POP3 server version 6.0.6603.0 (host) ready.</example>
+    <example service.version="6.0.6603.0" host.name="host">Microsoft Exchange 2000 POP3 server version 6.0.6603.0 (host) ready.</example>
     <param pos="0" name="service.vendor" value="Microsoft"/>
     <param pos="0" name="service.family" value="Exchange Server"/>
     <param pos="0" name="service.product" value="Exchange 2000 Server"/>
@@ -127,7 +127,7 @@
 
   <fingerprint pattern="^Microsoft Exchange POP3 server version (\d+\.\d+\.\d+\.\d+) ready$">
     <description>Microsoft Exchange Server</description>
-    <example>Microsoft Exchange POP3 server version 5.5.2654.50 ready</example>
+    <example service.version="5.5.2654.50">Microsoft Exchange POP3 server version 5.5.2654.50 ready</example>
     <param pos="0" name="service.vendor" value="Microsoft"/>
     <param pos="0" name="service.family" value="Exchange Server"/>
     <param pos="0" name="service.product" value="Exchange Server"/>
@@ -141,7 +141,7 @@
 
   <fingerprint pattern="^Microsoft Windows POP3 Service Version 1.0 &lt;.+@(.+)&gt; ready.$">
     <description>Microsoft POP3 Services on Windows 2003</description>
-    <example>Microsoft Windows POP3 Service Version 1.0 &lt;xxx@host&gt; ready.</example>
+    <example host.name="host">Microsoft Windows POP3 Service Version 1.0 &lt;xxx@host&gt; ready.</example>
     <param pos="0" name="service.vendor" value="Microsoft"/>
     <param pos="0" name="service.family" value="E-mail Services"/>
     <param pos="0" name="service.product" value="E-mail Services"/>
@@ -240,7 +240,7 @@
 
   <fingerprint pattern="^(\S{1,512}) Zimbra (\S+) POP3 server ready\.?$">
     <description>VMware Zimbra POP with version</description>
-    <example host.name="foo.bar">foo.bar Zimbra 7.0.0_GA_3079 POP3 server ready</example>
+    <example host.name="foo.bar" service.version="7.0.0_GA_3079">foo.bar Zimbra 7.0.0_GA_3079 POP3 server ready</example>
     <param pos="0" name="service.vendor" value="VMware"/>
     <param pos="0" name="service.product" value="Zimbra"/>
     <param pos="2" name="service.version"/>
@@ -250,15 +250,15 @@
 
   <fingerprint pattern="^(?:S?POP3? server ready |Hello there.? )?&lt;.*@([^&gt;]+)&gt;$">
     <description>Generic masked POP3 server</description>
-    <example>POP3 server ready &lt;58c29ae4-7316-429e-8109-060444ab1a28@foo.example.com&gt;</example>
-    <example>&lt;84427.1298535083@foo.example.com&gt;</example>
+    <example host.name="foo.example.com">POP3 server ready &lt;58c29ae4-7316-429e-8109-060444ab1a28@foo.example.com&gt;</example>
+    <example host.name="foo.example.com">&lt;84427.1298535083@foo.example.com&gt;</example>
     <param pos="1" name="host.name"/>
   </fingerprint>
 
   <fingerprint pattern="^ApplePasswordServer ([\d\.]+) password">
     <description>Apple Open Directory</description>
-    <example>ApplePasswordServer 10.6.0.0 password server at 10.2.90.228 ready.</example>
-    <example>ApplePasswordServer 10.5.0.1 password serv</example>
+    <example os.version="10.6.0.0">ApplePasswordServer 10.6.0.0 password server at 10.2.90.228 ready.</example>
+    <example os.version="10.5.0.1">ApplePasswordServer 10.5.0.1 password serv</example>
     <param pos="0" name="service.vendor" value="Apple"/>
     <param pos="0" name="service.product" value="Open Directory"/>
     <param pos="0" name="os.vendor" value="Apple"/>

data/xml/sip_banners.xml

@@ -184,7 +184,7 @@
     <description>Cisco/Tandberg TelePresence</description>
     <example os.version="TC7.0.2.aecf2d9" tandberg.model="519" hw.product="TANDBERG/519">TANDBERG/519 (TC7.0.2.aecf2d9)</example>
     <example os.version="X12.5.2" tandberg.model="4137" hw.product="TANDBERG/4137">TANDBERG/4137 (X12.5.2 (TEST SW))</example>
-    <example os.version="X8.2.1" hw.product="TANDBERG/4130">TANDBERG/4130 (X8.2.1)</example>
+    <example os.version="X8.2.1" hw.product="TANDBERG/4130" tandberg.model="4130">TANDBERG/4130 (X8.2.1)</example>
     <example os.version="XC2.2.1-b2bua-1.0" hw.product="TANDBERG/4353" tandberg.model="4353">TANDBERG/4353 (XC2.2.1-b2bua-1.0)</example>
     <example os.version="TC5.1.4.295090" hw.product="TANDBERG/516" tandberg.model="516">TANDBERG/516 (TC5.1.4.295090)</example>
     <example os.version="TCNC5.1.4.295090" hw.product="TANDBERG/517" tandberg.model="517">TANDBERG/517 (TCNC5.1.4.295090)</example>
@@ -312,9 +312,9 @@
 
   <fingerprint pattern="^Grandstream (UCM6\d\d\d)V(\d\.\d\w) ([\d.]+)$">
     <description>Grandstream UCM 6xxx series generic</description>
-    <example hw.product="UCM6102" os.version="1.0.6.10">Grandstream UCM6102V1.5A 1.0.6.10</example>
-    <example hw.product="UCM6302" hw.version="1.2B">Grandstream UCM6302V1.2B 1.0.3.10</example>
-    <example hw.product="UCM6510">Grandstream UCM6510V1.4B 1.0.14.23</example>
+    <example hw.product="UCM6102" os.version="1.0.6.10" hw.version="1.5A">Grandstream UCM6102V1.5A 1.0.6.10</example>
+    <example hw.product="UCM6302" hw.version="1.2B" os.version="1.0.3.10">Grandstream UCM6302V1.2B 1.0.3.10</example>
+    <example hw.product="UCM6510" os.version="1.0.14.23" hw.version="1.4B">Grandstream UCM6510V1.4B 1.0.14.23</example>
     <param pos="0" name="os.vendor" value="Grandstream"/>
     <param pos="3" name="os.version"/>
     <param pos="0" name="os.device" value="SIP Gateway"/>
@@ -668,7 +668,7 @@
     <description>Fortinet FortiVoice</description>
     <example hw.product="200D">FortiVoice-200D</example>
     <example hw.product="VM-Azure">FortiVoice-VM-Azure</example>
-    <example>FortiVoice-1000E</example>
+    <example hw.product="1000E">FortiVoice-1000E</example>
     <param pos="0" name="service.vendor" value="Fortinet"/>
     <param pos="0" name="service.product" value="FortiVoice"/>
     <param pos="0" name="service.device" value="SIP Gateway"/>
@@ -716,4 +716,15 @@
     <param pos="2" name="os.version"/>
   </fingerprint>
 
+  <fingerprint pattern="^Eltex (ESR-\d\w{1,4})$">
+    <description>Eltex ESR model service gateway</description>
+    <example hw.product="ESR-12V">Eltex ESR-12V</example>
+    <param pos="0" name="os.vendor" value="Eltex"/>
+    <param pos="0" name="os.device" value="Router"/>
+    <param pos="0" name="os.product" value="{hw.product} Firmware"/>
+    <param pos="0" name="hw.vendor" value="Eltex"/>
+    <param pos="1" name="hw.product"/>
+    <param pos="0" name="hw.device" value="Router"/>
+  </fingerprint>
+
 </fingerprints>

data/xml/sip_user_agents.xml

@@ -28,7 +28,7 @@
 
   <fingerprint pattern="^Home&amp;Life HUB/([\d.]+)$">
     <description>Zyxel home routers</description>
-    <example>Home&amp;Life HUB/1.1.26.00</example>
+    <example os.version="1.1.26.00">Home&amp;Life HUB/1.1.26.00</example>
     <param pos="0" name="os.vendor" value="Zyxel"/>
     <param pos="1" name="os.version"/>
     <param pos="0" name="os.device" value="Router"/>
@@ -65,11 +65,11 @@
     <description>Technicolor TGxxx Router with build info</description>
     <example hw.product="TG784n" os.version="10.2.1.O">Technicolor TG784n v3 Build 10.2.1.O</example>
     <example hw.product="TG789vn" os.version="10.5.2.Z.EC">Technicolor TG789vn v3 Build 10.5.2.Z.EC</example>
-    <example>MediaAccess TG789vac v2 Build 10.5.8.Y.GX CP1916SAQHD</example>
+    <example os.version="10.5.8.Y.GX" hw.product="TG789vac">MediaAccess TG789vac v2 Build 10.5.8.Y.GX CP1916SAQHD</example>
     <example hw.product="TG799vn" os.version="10.5.2.T.JF">Technicolor TG799vn v2 Build 10.5.2.T.JF</example>
     <example hw.product="TG788vn" os.version="10.5.2.S.GD">MediaAccess TG788vn v2 Build 10.5.2.S.GD</example>
     <example hw.product="TG799vac" os.version="17.2.0405-1021">MediaAccess TG799vac Build 17.2.0405-1021</example>
-    <example hw.product="TG389">MediaAccess TG389 Build 10.5.2.T.AQ</example>
+    <example hw.product="TG389" os.version="10.5.2.T.AQ">MediaAccess TG389 Build 10.5.2.T.AQ</example>
     <param pos="0" name="os.vendor" value="Technicolor"/>
     <param pos="0" name="os.device" value="Router"/>
     <param pos="2" name="os.version"/>
@@ -122,7 +122,7 @@
 
   <fingerprint pattern="^Cisco-SIPGateway/IOS-([\d\.x]+)$">
     <description>Cisco SIPGateway</description>
-    <example>Cisco-SIPGateway/IOS-12.x</example>
+    <example os.version="12.x">Cisco-SIPGateway/IOS-12.x</example>
     <param pos="0" name="os.vendor" value="Cisco"/>
     <param pos="0" name="os.product" value="IOS"/>
     <param pos="1" name="os.version"/>
@@ -171,18 +171,18 @@
 
   <fingerprint pattern="^(?:AVM )?(FRITZ!Box .*) +(\d+\.\d+\.\d+)">
     <description>AVM FritzBox</description>
-    <example>AVM FRITZ!Box Fon 06.03.13</example>
-    <example>AVM FRITZ!Box Fon 06.03.65 (Jun  7 2005)</example>
-    <example>AVM FRITZ!Box Fon 5010 Annex A (ITA) 48.04.46 (Sep 14 2007)</example>
-    <example>AVM FRITZ!Box Fon 5012 (UI) 25.03.90 (3.01.03 tested by accredited T-Com test lab) (Oct 28 2005)</example>
-    <example>AVM FRITZ!Box Fon 5113 Annex A 83.04.69 (Dec  2 2008)</example>
-    <example>AVM FRITZ!Box Fon 5124 56.04.77 (Feb 14 2014)</example>
-    <example>AVM FRITZ!Box Fon 7170 Annex A.B ML Speedport W701V 58.04.67 (Dec 18 2008)</example>
-    <example>AVM FRITZ!Box 3272 126.05.50 (Feb 27 2013)</example>
-    <example>AVM FRITZ!Box 7170 Annex A 58.04.85 (Apr  4 2011)</example>
-    <example>AVM FRITZ!Box 7312 117.05.23 TAL (Jun  1 2012)</example>
-    <example>AVM FRITZ!Box WLAN 3270 v3 Edition Italia 125.05.52 (Feb  7 2014)</example>
-    <example>AVM FRITZ!Box Speedport W701V Annex A 58.04.82 (May 12 2010)</example>
+    <example os.product="FRITZ!Box Fon" os.version="06.03.13">AVM FRITZ!Box Fon 06.03.13</example>
+    <example os.product="FRITZ!Box Fon" os.version="06.03.65">AVM FRITZ!Box Fon 06.03.65 (Jun  7 2005)</example>
+    <example os.product="FRITZ!Box Fon 5010 Annex A (ITA)" os.version="48.04.46">AVM FRITZ!Box Fon 5010 Annex A (ITA) 48.04.46 (Sep 14 2007)</example>
+    <example os.product="FRITZ!Box Fon 5012 (UI)" os.version="25.03.90">AVM FRITZ!Box Fon 5012 (UI) 25.03.90 (3.01.03 tested by accredited T-Com test lab) (Oct 28 2005)</example>
+    <example os.product="FRITZ!Box Fon 5113 Annex A" os.version="83.04.69">AVM FRITZ!Box Fon 5113 Annex A 83.04.69 (Dec  2 2008)</example>
+    <example os.product="FRITZ!Box Fon 5124" os.version="56.04.77">AVM FRITZ!Box Fon 5124 56.04.77 (Feb 14 2014)</example>
+    <example os.product="FRITZ!Box Fon 7170 Annex A.B ML Speedport W701V" os.version="58.04.67">AVM FRITZ!Box Fon 7170 Annex A.B ML Speedport W701V 58.04.67 (Dec 18 2008)</example>
+    <example os.product="FRITZ!Box 3272" os.version="126.05.50">AVM FRITZ!Box 3272 126.05.50 (Feb 27 2013)</example>
+    <example os.product="FRITZ!Box 7170 Annex A" os.version="58.04.85">AVM FRITZ!Box 7170 Annex A 58.04.85 (Apr  4 2011)</example>
+    <example os.product="FRITZ!Box 7312" os.version="117.05.23">AVM FRITZ!Box 7312 117.05.23 TAL (Jun  1 2012)</example>
+    <example os.product="FRITZ!Box WLAN 3270 v3 Edition Italia" os.version="125.05.52">AVM FRITZ!Box WLAN 3270 v3 Edition Italia 125.05.52 (Feb  7 2014)</example>
+    <example os.product="FRITZ!Box Speedport W701V Annex A" os.version="58.04.82">AVM FRITZ!Box Speedport W701V Annex A 58.04.82 (May 12 2010)</example>
     <param pos="0" name="os.vendor" value="AVM"/>
     <param pos="0" name="os.family" value="FRITZ!Box"/>
     <param pos="1" name="os.product"/>
@@ -193,8 +193,8 @@
 
   <fingerprint pattern="^(?:AVM )?(FRITZ!Fon .*) +(\d+\.\d+\.\d+)">
     <description>AVM FritzFon</description>
-    <example>AVM FRITZ!Fon 7150 (fs) 38.04.56 (Mar 31 2008)</example>
-    <example>AVM FRITZ!Fon WLAN 7150 Annex A 58.04.84 (Apr  4 2011)</example>
+    <example os.product="FRITZ!Fon 7150 (fs)" os.version="38.04.56">AVM FRITZ!Fon 7150 (fs) 38.04.56 (Mar 31 2008)</example>
+    <example os.product="FRITZ!Fon WLAN 7150 Annex A" os.version="58.04.84">AVM FRITZ!Fon WLAN 7150 Annex A 58.04.84 (Apr  4 2011)</example>
     <param pos="0" name="os.vendor" value="AVM"/>
     <param pos="0" name="os.family" value="FRITZ!Fon"/>
     <param pos="1" name="os.product"/>
@@ -205,7 +205,7 @@
 
   <fingerprint pattern="^(?:AVM )?(Multibox .*) +(\d+\.\d+\.\d+)">
     <description>AVM Multibox - Generic</description>
-    <example>AVM Multibox 7390 NGN 84.05.09 (Jan 13 2012)</example>
+    <example os.product="Multibox 7390 NGN" os.version="84.05.09" hw.product="Multibox 7390 NGN">AVM Multibox 7390 NGN 84.05.09 (Jan 13 2012)</example>
     <param pos="0" name="os.vendor" value="AVM"/>
     <param pos="0" name="os.family" value="Multibox"/>
     <param pos="1" name="os.product"/>
@@ -269,10 +269,10 @@
 
   <fingerprint pattern="^(?:Polycom/[\d\.]+ )?Polycom(SoundPoint|VVX|SoundStation)\S+_(\d+)-UA/([\d\.]+)(?:_(.{12}))?$">
     <description>Polycom SoundPoint, SountdStation, VVX VoIP phones</description>
-    <example hw.version="5.8.0.13337" hw.family="VVX" hw.product="VVX 350">PolycomVVX-VVX_350-UA/5.8.0.13337</example>
-    <example hw.version="4.1.4.7430" hw.family="VVX" hw.product="VVX 400" host.mac="010203040506">PolycomVVX-VVX_400-UA/4.1.4.7430_010203040506</example>
-    <example hw.version="5.5.0.23866" hw.family="VVX" hw.product="VVX 501">Polycom/5.5.0.23866 PolycomVVX-VVX_501-UA/5.5.0.23866</example>
-    <example hw.version="4.0.7.2514" hw.family="SoundPoint" hw.product="SoundPoint 670">PolycomSoundPointIP-SPIP_670-UA/4.0.7.2514</example>
+    <example hw.version="5.8.0.13337" hw.family="VVX" hw.product="VVX 350" hw.model="350">PolycomVVX-VVX_350-UA/5.8.0.13337</example>
+    <example hw.version="4.1.4.7430" hw.family="VVX" hw.product="VVX 400" host.mac="010203040506" hw.model="400">PolycomVVX-VVX_400-UA/4.1.4.7430_010203040506</example>
+    <example hw.version="5.5.0.23866" hw.family="VVX" hw.product="VVX 501" hw.model="501">Polycom/5.5.0.23866 PolycomVVX-VVX_501-UA/5.5.0.23866</example>
+    <example hw.version="4.0.7.2514" hw.family="SoundPoint" hw.product="SoundPoint 670" hw.model="670">PolycomSoundPointIP-SPIP_670-UA/4.0.7.2514</example>
     <example hw.version="4.0.8.1608" hw.model="7000" hw.family="SoundStation" hw.product="SoundStation 7000">PolycomSoundStationIP-SSIP_7000-UA/4.0.8.1608</example>
     <param pos="0" name="hw.vendor" value="Polycom"/>
     <param pos="0" name="hw.device" value="VoIP"/>
@@ -285,9 +285,10 @@
 
   <fingerprint pattern="^(?:Polycom/[\d\.]+ )?Polycom(?:RealPresenceTrio)-Trio_(\S+)-UA/([\d\.]+)(?:_(.{12}))?$">
     <description>Polycom RealPresence Trio Phones</description>
-    <example hw.version="5.4.0.12197" hw.product="RealPresence Trio 8800">PolycomRealPresenceTrio-Trio_8800-UA/5.4.0.12197</example>
-    <example hw.version="5.7.2.3123" hw.product="RealPresence Trio Visual+">PolycomRealPresenceTrio-Trio_Visual+-UA/5.7.2.3123</example>
-    <example hw.version="5.4.3.2389" hw.product="RealPresence Trio 8800">Polycom/5.4.3.2389 PolycomRealPresenceTrio-Trio_8800-UA/5.4.3.2389</example>
+    <example hw.version="5.4.0.12197" hw.product="RealPresence Trio 8800" hw.model="8800">PolycomRealPresenceTrio-Trio_8800-UA/5.4.0.12197</example>
+    <example hw.version="5.7.2.3123" hw.product="RealPresence Trio Visual+" hw.model="Visual+">PolycomRealPresenceTrio-Trio_Visual+-UA/5.7.2.3123</example>
+    <example hw.version="5.4.3.2389" hw.product="RealPresence Trio 8800" hw.model="8800">Polycom/5.4.3.2389 PolycomRealPresenceTrio-Trio_8800-UA/5.4.3.2389</example>
+    <example hw.version="5.4.3.2389" hw.product="RealPresence Trio 8800" hw.model="8800" host.mac="DEADBEEF0000">Polycom/5.4.3.2389 PolycomRealPresenceTrio-Trio_8800-UA/5.4.3.2389_DEADBEEF0000</example>
     <param pos="0" name="hw.vendor" value="Polycom"/>
     <param pos="0" name="hw.device" value="VoIP"/>
     <param pos="0" name="hw.family" value="RealPresence"/>
@@ -596,7 +597,7 @@
 
   <fingerprint pattern="^Valcom (VIP-\w+) sw([\d.]+)">
     <description>Valcom SIP device with version</description>
-    <example os.version="1.50.28">Valcom VIP-204 sw1.50.28</example>
+    <example os.version="1.50.28" hw.product="VIP-204">Valcom VIP-204 sw1.50.28</example>
     <param pos="0" name="os.vendor" value="Valcom"/>
     <param pos="0" name="os.product" value="{hw.product} Firmware"/>
     <param pos="2" name="os.version"/>
@@ -617,4 +618,98 @@
     <param pos="1" name="os.version"/>
   </fingerprint>
 
+  <fingerprint pattern="^(TAU-\d+[A-Z]*(?:\.IP)?)/([\d.]+) SN/(VI[0-9A-Z]+)$">
+    <description>Eltex TAU model VoIP gateway - with serial number</description>
+    <example hw.product="TAU-8.IP" os.version="2.6.3">TAU-8.IP/2.6.3 SN/VI12345678</example>
+    <example os.version="2.0.0.229" hw.serial_number="VI4D012345">TAU-4M.IP/2.0.0.229 SN/VI4D012345</example>
+    <example hw.product="TAU-2M.IP" os.version="2.3.1.11" hw.serial_number="VI12345678">TAU-2M.IP/2.3.1.11 SN/VI12345678</example>
+    <example hw.product="TAU-1M.IP" os.version="2.0.0.229" hw.serial_number="VI3A012345">TAU-1M.IP/2.0.0.229 SN/VI3A012345</example>
+    <param pos="0" name="os.vendor" value="Eltex"/>
+    <param pos="0" name="os.product" value="{hw.product} Firmware"/>
+    <param pos="2" name="os.version"/>
+    <param pos="0" name="os.device" value="VoIP Gateway"/>
+    <param pos="0" name="hw.vendor" value="Eltex"/>
+    <param pos="1" name="hw.product"/>
+    <param pos="3" name="hw.serial_number"/>
+    <param pos="0" name="hw.device" value="VoIP Gateway"/>
+  </fingerprint>
+
+  <fingerprint pattern="^(TAU-\d+[A-Z]*(?:\.IP)?)/([\d.]+) SN/(VI[0-9A-Z]+) (?:SHA/[0-9a-f]+ )?sofia-sip/([\d.]+)$">
+    <description>Eltex TAU model VoIP gateway - with serial number and sofia version</description>
+    <example hw.product="TAU-8.IP" hw.serial_number="VI12345678">TAU-8.IP/2.3.0 SN/VI12345678 sofia-sip/1.12.10</example>
+    <example os.version="1.9.1" service.component.version="1.12.10">TAU-8.IP/1.9.1 SN/VI12345678 SHA/7404bd4 sofia-sip/1.12.10</example>
+    <example hw.product="TAU-2M.IP" os.version="1.13.3.5" hw.serial_number="VI12345678" service.component.version="1.12.10">TAU-2M.IP/1.13.3.5 SN/VI12345678 sofia-sip/1.12.10</example>
+    <example hw.product="TAU-1M.IP" os.version="1.9.3" hw.serial_number="VI3A012345" service.component.version="1.12.10">TAU-1M.IP/1.9.3 SN/VI3A012345 sofia-sip/1.12.10</example>
+    <param pos="0" name="service.vendor" value="FreeSWITCH"/>
+    <param pos="0" name="service.product" value="FreeSWITCH"/>
+    <param pos="0" name="service.device" value="SIP Gateway"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:freeswitch:freeswitch:-"/>
+    <param pos="0" name="service.component.vendor" value="FreeSWITCH"/>
+    <param pos="0" name="service.component.product" value="sofia-sip"/>
+    <param pos="4" name="service.component.version"/>
+    <param pos="0" name="os.vendor" value="Eltex"/>
+    <param pos="0" name="os.product" value="{hw.product} Firmware"/>
+    <param pos="2" name="os.version"/>
+    <param pos="0" name="os.device" value="VoIP Gateway"/>
+    <param pos="0" name="hw.vendor" value="Eltex"/>
+    <param pos="1" name="hw.product"/>
+    <param pos="3" name="hw.serial_number"/>
+    <param pos="0" name="hw.device" value="VoIP Gateway"/>
+  </fingerprint>
+
+  <fingerprint pattern="^(TAU-\d{1,2}) (?:build |v)([\d.]+) (?:with )?sofia-sip/([\d.]+)$">
+    <description>Eltex TAU model VoIP gateway - build variant with sofia version</description>
+    <example hw.product="TAU-72" os.version="2.18.0.35">TAU-72 build 2.18.0.35 sofia-sip/1.12.10</example>
+    <example service.component.version="1.12.10">TAU-1 v1.2 with sofia-sip/1.12.10</example>
+    <param pos="0" name="service.vendor" value="FreeSWITCH"/>
+    <param pos="0" name="service.product" value="FreeSWITCH"/>
+    <param pos="0" name="service.device" value="SIP Gateway"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:freeswitch:freeswitch:-"/>
+    <param pos="0" name="service.component.vendor" value="FreeSWITCH"/>
+    <param pos="0" name="service.component.product" value="sofia-sip"/>
+    <param pos="3" name="service.component.version"/>
+    <param pos="0" name="os.vendor" value="Eltex"/>
+    <param pos="0" name="os.product" value="{hw.product} Firmware"/>
+    <param pos="2" name="os.version"/>
+    <param pos="0" name="os.device" value="VoIP Gateway"/>
+    <param pos="0" name="hw.vendor" value="Eltex"/>
+    <param pos="1" name="hw.product"/>
+    <param pos="0" name="hw.device" value="VoIP Gateway"/>
+  </fingerprint>
+
+  <fingerprint pattern="^(?:Eltex )?(?:smg_pa_sip[ -]){1,2}([\d.]+)$">
+    <description>Eltex SMG model VoIP gateway - no model number</description>
+    <example os.version="3.9.1.50">Eltex smg_pa_sip smg_pa_sip-3.9.1.50</example>
+    <example os.version="3.10.1.22">smg_pa_sip smg_pa_sip-3.10.1.22</example>
+    <example os.version="3.18.0.67">smg_pa_sip 3.18.0.67</example>
+    <param pos="0" name="os.vendor" value="Eltex"/>
+    <param pos="0" name="os.product" value="SMG Firmware"/>
+    <param pos="1" name="os.version"/>
+    <param pos="0" name="os.device" value="VoIP Gateway"/>
+    <param pos="0" name="hw.vendor" value="Eltex"/>
+    <param pos="0" name="hw.device" value="VoIP Gateway"/>
+  </fingerprint>
+
+  <fingerprint pattern="^(RG-\d[\w-]+)/([\d.]+) SN/(VI\w+) (?:SHA/[0-9a-f]+ )?sofia-sip/([\d.]+)$">
+    <description>Eltex - NTP / NTU model broadband router - with serial number and sofia version</description>
+    <example hw.product="RG-5421G-Wac" hw.serial_number="VI12E45678">RG-5421G-Wac/2.4.2.87 SN/VI12E45678 sofia-sip/1.12.10</example>
+    <example os.version="1.11.0">RG-1404GF/1.11.0 SN/VI12E45678 sofia-sip/1.12.10</example>
+    <example service.component.version="1.12.1">RG-1404GF/1.8.0 SN/VI12E45678 SHA/0270864 sofia-sip/1.12.1</example>
+    <param pos="0" name="service.vendor" value="FreeSWITCH"/>
+    <param pos="0" name="service.product" value="FreeSWITCH"/>
+    <param pos="0" name="service.device" value="SIP Gateway"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:freeswitch:freeswitch:-"/>
+    <param pos="0" name="service.component.vendor" value="FreeSWITCH"/>
+    <param pos="0" name="service.component.product" value="sofia-sip"/>
+    <param pos="4" name="service.component.version"/>
+    <param pos="0" name="os.vendor" value="Eltex"/>
+    <param pos="0" name="os.product" value="{hw.product} Firmware"/>
+    <param pos="2" name="os.version"/>
+    <param pos="0" name="os.device" value="Broadband Router"/>
+    <param pos="0" name="hw.vendor" value="Eltex"/>
+    <param pos="1" name="hw.product"/>
+    <param pos="3" name="hw.serial_number"/>
+    <param pos="0" name="hw.device" value="Broadband Router"/>
+  </fingerprint>
+
 </fingerprints>

data/xml/smb_native_lm.xml

@@ -39,12 +39,12 @@
 
   <fingerprint pattern="^Samba (\d\.\d+.\d+\w*)">
     <description>Samba</description>
-    <example>Samba 3.0.24</example>
+    <example service.version="3.0.24">Samba 3.0.24</example>
     <example service.version="3.0.28a">Samba 3.0.28a</example>
-    <example>Samba 3.0.32-0.2-2210-SUSE-SL10.3</example>
-    <example>Samba 3.6.3</example>
-    <example>Samba 3.6.6</example>
-    <example>Samba 3.6.9-151.el6_4.1</example>
+    <example service.version="3.0.32">Samba 3.0.32-0.2-2210-SUSE-SL10.3</example>
+    <example service.version="3.6.3">Samba 3.6.3</example>
+    <example service.version="3.6.6">Samba 3.6.6</example>
+    <example service.version="3.6.9">Samba 3.6.9-151.el6_4.1</example>
     <param pos="0" name="service.vendor" value="Samba"/>
     <param pos="0" name="service.product" value="Samba"/>
     <param pos="1" name="service.version"/>

data/xml/smb_native_os.xml

@@ -156,8 +156,8 @@
 
   <fingerprint pattern="^Windows Server \(R\) 2008 (\w+|\w+ \w+|\w+ \w+ \w+)(?: (?:with|without) Hyper-V|) (\d+) (Service Pack \d+)(?:, v\.\d+)?$">
     <description>Windows Server 2008</description>
-    <example os.edition="Enterprise" os.version="Service Pack 1">Windows Server (R) 2008 Enterprise without Hyper-V 6001 Service Pack 1</example>
-    <example os.edition="Enterprise" os.version="Service Pack 2">Windows Server (R) 2008 Enterprise 6002 Service Pack 2, v.275</example>
+    <example os.edition="Enterprise" os.version="Service Pack 1" os.build="6001">Windows Server (R) 2008 Enterprise without Hyper-V 6001 Service Pack 1</example>
+    <example os.edition="Enterprise" os.version="Service Pack 2" os.build="6002">Windows Server (R) 2008 Enterprise 6002 Service Pack 2, v.275</example>
     <param pos="0" name="os.certainty" value="1.0"/>
     <param pos="0" name="os.vendor" value="Microsoft"/>
     <param pos="0" name="os.product" value="Windows Server 2008"/>
@@ -169,7 +169,7 @@
 
   <fingerprint pattern="^Windows \(R\) Web Server 2008 (\d+) (Service Pack \d+)$">
     <description>Windows Web Server 2008 (SP)</description>
-    <example os.edition="Web" os.version="Service Pack 2">Windows (R) Web Server 2008 6002 Service Pack 2</example>
+    <example os.edition="Web" os.version="Service Pack 2" os.build="6002">Windows (R) Web Server 2008 6002 Service Pack 2</example>
     <param pos="0" name="os.certainty" value="1.0"/>
     <param pos="0" name="os.vendor" value="Microsoft"/>
     <param pos="0" name="os.product" value="Windows Server 2008"/>
@@ -181,7 +181,7 @@
 
   <fingerprint pattern="^Windows \(R\) Web Server 2008 (\d+)$">
     <description>Windows Web Server 2008</description>
-    <example>Windows (R) Web Server 2008 6002</example>
+    <example os.build="6002">Windows (R) Web Server 2008 6002</example>
     <param pos="0" name="os.certainty" value="1.0"/>
     <param pos="0" name="os.vendor" value="Microsoft"/>
     <param pos="0" name="os.product" value="Windows Server 2008"/>
@@ -217,7 +217,7 @@
 
   <fingerprint pattern="^Windows Server 2008 HPC Edition (\d+) (Service Pack \d+)$">
     <description>Windows Server 2008 HPC</description>
-    <example>Windows Server 2008 HPC Edition 7601 Service Pack 1</example>
+    <example os.build="7601" os.version="Service Pack 1">Windows Server 2008 HPC Edition 7601 Service Pack 1</example>
     <param pos="0" name="os.certainty" value="1.0"/>
     <param pos="0" name="os.vendor" value="Microsoft"/>
     <param pos="0" name="os.product" value="Windows Server 2008"/>
@@ -229,7 +229,7 @@
 
   <fingerprint pattern="^Windows Server 2008 HPC Edition (\d+)$">
     <description>Windows Web Server 2008 HPC</description>
-    <example>Windows Server 2008 HPC Edition 7600</example>
+    <example os.build="7600">Windows Server 2008 HPC Edition 7600</example>
     <param pos="0" name="os.certainty" value="1.0"/>
     <param pos="0" name="os.vendor" value="Microsoft"/>
     <param pos="0" name="os.product" value="Windows Server 2008"/>
@@ -242,8 +242,8 @@
 
   <fingerprint pattern="^Windows Server 2008 R2 (\w+|\w+ \w+|\w+ \w+ \w+) (\d+) (Service Pack \d+)(?:, v\.\d+)?$">
     <description>Windows Server 2008 R2</description>
-    <example>Windows Server 2008 R2 Enterprise 7601 Service Pack 1</example>
-    <example>Windows Server 2008 R2 Standard 7601 Service Pack 1</example>
+    <example os.edition="Enterprise" os.build="7601" os.version="Service Pack 1">Windows Server 2008 R2 Enterprise 7601 Service Pack 1</example>
+    <example os.edition="Standard" os.build="7601" os.version="Service Pack 1">Windows Server 2008 R2 Standard 7601 Service Pack 1</example>
     <param pos="0" name="os.certainty" value="1.0"/>
     <param pos="0" name="os.vendor" value="Microsoft"/>
     <param pos="0" name="os.product" value="Windows Server 2008 R2"/>
@@ -255,9 +255,9 @@
 
   <fingerprint pattern="^Windows Server 2008 R2 (\w+|\w+ \w+|\w+ \w+ \w+) (\d+)$">
     <description>Windows Server 2008 R2 without Service Pack</description>
-    <example os.edition="Enterprise">Windows Server 2008 R2 Enterprise 7600</example>
-    <example os.edition="Standard">Windows Server 2008 R2 Standard 7600</example>
-    <example os.edition="Datacenter">Windows Server 2008 R2 Datacenter 7600</example>
+    <example os.edition="Enterprise" os.build="7600">Windows Server 2008 R2 Enterprise 7600</example>
+    <example os.edition="Standard" os.build="7600">Windows Server 2008 R2 Standard 7600</example>
+    <example os.edition="Datacenter" os.build="7600">Windows Server 2008 R2 Datacenter 7600</example>
     <param pos="0" name="os.certainty" value="1.0"/>
     <param pos="0" name="os.vendor" value="Microsoft"/>
     <param pos="0" name="os.product" value="Windows Server 2008 R2"/>
@@ -268,7 +268,7 @@
 
   <fingerprint pattern="^Windows Web Server 2008 R2 (\d+) (Service Pack \d+)$">
     <description>Windows Server 2008 R2 Web</description>
-    <example os.version="Service Pack 1">Windows Web Server 2008 R2 7601 Service Pack 1</example>
+    <example os.version="Service Pack 1" os.build="7601">Windows Web Server 2008 R2 7601 Service Pack 1</example>
     <param pos="0" name="os.certainty" value="1.0"/>
     <param pos="0" name="os.vendor" value="Microsoft"/>
     <param pos="0" name="os.product" value="Windows Server 2008 R2"/>
@@ -280,7 +280,7 @@
 
   <fingerprint pattern="^Windows Web Server 2008 R2 (\d+)$">
     <description>Windows Web Server 2008 R2 Web</description>
-    <example>Windows Web Server 2008 R2 7600</example>
+    <example os.build="7600">Windows Web Server 2008 R2 7600</example>
     <param pos="0" name="os.certainty" value="1.0"/>
     <param pos="0" name="os.vendor" value="Microsoft"/>
     <param pos="0" name="os.product" value="Windows Server 2008 R2"/>
@@ -378,7 +378,7 @@
 
   <fingerprint pattern="^Windows Vista \(TM\) (\w+|\w+ \w+|\w+ \w+ \w+) (\d+) (Service Pack \d+)$">
     <description>Windows Vista (SP)</description>
-    <example os.edition="Home Premium" os.version="Service Pack 2">Windows Vista (TM) Home Premium 6002 Service Pack 2</example>
+    <example os.edition="Home Premium" os.version="Service Pack 2" os.build="6002">Windows Vista (TM) Home Premium 6002 Service Pack 2</example>
     <param pos="0" name="os.certainty" value="1.0"/>
     <param pos="0" name="os.vendor" value="Microsoft"/>
     <param pos="0" name="os.product" value="Windows Vista"/>
@@ -390,7 +390,7 @@
 
   <fingerprint pattern="^Windows Vista \(TM\) (\w+|\w+ \w+|\w+ \w+ \w+) (\d+)$">
     <description>Windows Vista</description>
-    <example os.edition="Home Premium">Windows Vista (TM) Home Premium 6000</example>
+    <example os.edition="Home Premium" os.build="6000">Windows Vista (TM) Home Premium 6000</example>
     <param pos="0" name="os.certainty" value="1.0"/>
     <param pos="0" name="os.vendor" value="Microsoft"/>
     <param pos="0" name="os.product" value="Windows Vista"/>
@@ -401,9 +401,9 @@
 
   <fingerprint pattern="^(Windows (?:7|8|8\.1)(?:| RT)) (\w+|\w+ \w+|\w+ \w+ \w+) (\d+) (Service Pack \d+)(?:, v\.\d+)?$">
     <description>Windows 7/8 (SP + Edition)</description>
-    <example os.edition="Enterprise" os.version="Service Pack 1">Windows 7 Enterprise 7601 Service Pack 1</example>
-    <example os.edition="Starter" os.version="Service Pack 1">Windows 7 Starter 7601 Service Pack 1</example>
-    <example os.edition="Ultimate" os.build="7601" os.version="Service Pack 1">Windows 7 Ultimate 7601 Service Pack 1, v.178</example>
+    <example os.edition="Enterprise" os.version="Service Pack 1" os.product="Windows 7" os.build="7601">Windows 7 Enterprise 7601 Service Pack 1</example>
+    <example os.edition="Starter" os.version="Service Pack 1" os.product="Windows 7" os.build="7601">Windows 7 Starter 7601 Service Pack 1</example>
+    <example os.edition="Ultimate" os.build="7601" os.version="Service Pack 1" os.product="Windows 7">Windows 7 Ultimate 7601 Service Pack 1, v.178</example>
     <param pos="0" name="os.certainty" value="1.0"/>
     <param pos="0" name="os.vendor" value="Microsoft"/>
     <param pos="1" name="os.product"/>
@@ -414,7 +414,7 @@
 
   <fingerprint pattern="^(Windows (?:7|8|8\.1)(?:| RT)) (\d+) (Service Pack \d+)$">
     <description>Windows 7/8 (SP)</description>
-    <example os.version="Service Pack 1">Windows 7 7601 Service Pack 1</example>
+    <example os.version="Service Pack 1" os.product="Windows 7" os.build="7601">Windows 7 7601 Service Pack 1</example>
     <param pos="0" name="os.certainty" value="1.0"/>
     <param pos="0" name="os.vendor" value="Microsoft"/>
     <param pos="1" name="os.product"/>
@@ -424,9 +424,9 @@
 
   <fingerprint pattern="^(Windows (?:7|8|8\.1)(?:| RT)) (\w+|\w+ \w+|\w+ \w+ \w+) (\d+)$">
     <description>Windows 7/8 (Edition)</description>
-    <example os.edition="Enterprise">Windows 7 Enterprise 7600</example>
-    <example os.edition="Enterprise">Windows 8.1 Enterprise 9600</example>
-    <example os.edition="Enterprise">Windows 8 Enterprise 9200</example>
+    <example os.edition="Enterprise" os.product="Windows 7" os.build="7600">Windows 7 Enterprise 7600</example>
+    <example os.edition="Enterprise" os.product="Windows 8.1" os.build="9600">Windows 8.1 Enterprise 9600</example>
+    <example os.edition="Enterprise" os.product="Windows 8" os.build="9200">Windows 8 Enterprise 9200</example>
     <param pos="0" name="os.certainty" value="1.0"/>
     <param pos="0" name="os.vendor" value="Microsoft"/>
     <param pos="1" name="os.product"/>
@@ -436,7 +436,7 @@
 
   <fingerprint pattern="^(Windows (?:7|8|8\.1)(?:| RT)) (\d+)$">
     <description>Windows 7/8</description>
-    <example>Windows 8 9200</example>
+    <example os.product="Windows 8" os.build="9200">Windows 8 9200</example>
     <param pos="0" name="os.certainty" value="1.0"/>
     <param pos="0" name="os.vendor" value="Microsoft"/>
     <param pos="1" name="os.product"/>
@@ -508,7 +508,7 @@
 
   <fingerprint pattern="^Windows Server 2012 (\w+|\w+ \w+|\w+ \w+ \w+) (\d+)$">
     <description>Windows Server 2012</description>
-    <example>Windows Server 2012 Standard 9200</example>
+    <example os.edition="Standard" os.build="9200">Windows Server 2012 Standard 9200</example>
     <param pos="0" name="os.certainty" value="1.0"/>
     <param pos="0" name="os.vendor" value="Microsoft"/>
     <param pos="0" name="os.product" value="Windows Server 2012"/>
@@ -637,7 +637,7 @@
 
   <fingerprint pattern="^EMC-SNAS:T([\d\.]+)?$">
     <description>EMC Celerra</description>
-    <example service.version="7.1.80.7">EMC-SNAS:T7.1.80.7</example>
+    <example service.version="7.1.80.7" os.version="7.1.80.7">EMC-SNAS:T7.1.80.7</example>
     <param pos="0" name="service.vendor" value="EMC"/>
     <param pos="0" name="service.product" value="Celerra"/>
     <param pos="1" name="service.version"/>