recog 2.3.5 → 2.3.10

data/xml/snmp_sysobjid.xml

@@ -1,15 +1,18 @@
-<?xml version="1.0" encoding="UTF-8"?>
+<?xml version='1.0' encoding='UTF-8'?>
 <fingerprints matches="snmp.sys_object_id" protocol="snmp" database_type="service">
   <!--
     SNMP fingerprint definitions for SysObjectIDs. These are matched against the value of the
     'sysObjectID' (OID 1.3.6.1.2.1.1.2) variable.
   -->
+
   <!--======================================================================
                               MICROSOFT
    =======================================================================-->
+
   <!--
       These are baseline patterns that map to sysObjectID with their associated sysDescr.
    -->
+
   <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.[23] Hardware: x86.*Software: Windows NT Version 4\.0.*$">
     <description>Windows NT 4 on x86</description>
     <example>1.3.6.1.4.1.311.1.1.3.1.2 Hardware: x86 Family 6 Model 8 Stepping 3 AT/AT COMPATIBLE  - Software: Windows NT Version 4.0  (Build Number: 1381 Uniprocessor Free )</example>
@@ -21,6 +24,7 @@
     <param pos="0" name="os.arch" value="x86"/>
     <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_nt:4.0"/>
   </fingerprint>
+
   <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.2 Hardware: x86.*Software: Windows 2000 Version 5\.0.*$">
     <description>Windows 2000 on x86</description>
     <example>1.3.6.1.4.1.311.1.1.3.1.2 Hardware: x86 Family 15 Model 4 Stepping 8 AT/AT COMPATIBLE - Software: Windows 2000 Version 5.0 (Build 2195 Uniprocessor Free)</example>
@@ -30,6 +34,7 @@
     <param pos="0" name="os.arch" value="x86"/>
     <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_2000:-"/>
   </fingerprint>
+
   <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.3 Hardware: x86.*Software: Windows 2000 Version 5\.0.*$">
     <description>Windows 2000 Datacenter on x86</description>
     <example>1.3.6.1.4.1.311.1.1.3.1.3 Hardware: x86 Family 15 Model 4 Stepping 8 AT/AT COMPATIBLE - Software: Windows 2000 Version 5.0 (Build 2195 Uniprocessor Free)</example>
@@ -39,6 +44,7 @@
     <param pos="0" name="os.arch" value="x86"/>
     <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_2000:-"/>
   </fingerprint>
+
   <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.2 Hardware: x86.*Software: Windows Version 5\.2.*$">
     <description>Windows Server 2003 on x86</description>
     <example>1.3.6.1.4.1.311.1.1.3.1.2 Hardware: x86 Family 15 Model 4 Stepping 3 AT/AT COMPATIBLE - Software: Windows Version 5.2 (Build 3790 Multiprocessor Free)</example>
@@ -48,6 +54,7 @@
     <param pos="0" name="os.arch" value="x86"/>
     <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2003:-"/>
   </fingerprint>
+
   <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.3 Hardware: x86.*Software: Windows Version 5\.2.*$">
     <description>Windows Server 2003 Datacenter on x86</description>
     <example>1.3.6.1.4.1.311.1.1.3.1.3 Hardware: x86 Family 15 Model 4 Stepping 3 AT/AT COMPATIBLE - Software: Windows Version 5.2 (Build 3790 Multiprocessor Free)</example>
@@ -57,6 +64,7 @@
     <param pos="0" name="os.arch" value="x86"/>
     <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2003:-"/>
   </fingerprint>
+
   <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.2 Hardware: \S+64.*Software: Windows Version 5\.2.*$">
     <description>Windows Server 2003 on x86_64</description>
     <example>1.3.6.1.4.1.311.1.1.3.1.2 Hardware: AMD64 Family 15 Model 4 Stepping 3 AT/AT COMPATIBLE - Software: Windows Version 5.2 (Build 3790 Multiprocessor Free)</example>
@@ -67,6 +75,7 @@
     <param pos="0" name="os.arch" value="x86_64"/>
     <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2003:-"/>
   </fingerprint>
+
   <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.3 Hardware: \S+64.*Software: Windows Version 5\.2.*$">
     <description>Windows Server 2003 Datacenter on x86_64</description>
     <example>1.3.6.1.4.1.311.1.1.3.1.3 Hardware: AMD64 Family 15 Model 4 Stepping 3 AT/AT COMPATIBLE - Software: Windows Version 5.2 (Build 3790 Multiprocessor Free)</example>
@@ -77,6 +86,7 @@
     <param pos="0" name="os.arch" value="x86_64"/>
     <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2003:-"/>
   </fingerprint>
+
   <fingerprint pattern="^Microsoft Windows CE Version ([\d.]+).*$">
     <description>Windows CE</description>
     <example>Microsoft Windows CE Version 4.20 (Build 0)</example>
@@ -87,6 +97,7 @@
     <param pos="1" name="os.version"/>
     <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_ce:{os.version}"/>
   </fingerprint>
+
   <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.2 Hardware: x86.*Software: Windows Version 6\.0 \(Build 6001.*$">
     <description>Windows Server 2008 on x86</description>
     <example>1.3.6.1.4.1.311.1.1.3.1.2 Hardware: x86 Family 15 Model 2 Stepping 5 AT/AT COMPATIBLE - Software: Windows Version 6.0 (Build 6001 Multiprocessor Free)</example>
@@ -96,6 +107,7 @@
     <param pos="0" name="os.arch" value="x86"/>
     <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:-"/>
   </fingerprint>
+
   <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.3 Hardware: x86.*Software: Windows Version 6\.0 \(Build 6001.*$">
     <description>Windows Server 2008 Datacenter on x86</description>
     <example>1.3.6.1.4.1.311.1.1.3.1.3 Hardware: x86 Family 15 Model 2 Stepping 5 AT/AT COMPATIBLE - Software: Windows Version 6.0 (Build 6001 Multiprocessor Free)</example>
@@ -105,6 +117,7 @@
     <param pos="0" name="os.arch" value="x86"/>
     <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:-"/>
   </fingerprint>
+
   <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.2 Hardware: \S+64.*Software: Windows Version 6\.0 \(Build 6001.*$">
     <description>Windows Server 2008 on x86_64</description>
     <example>1.3.6.1.4.1.311.1.1.3.1.2 Hardware: AMD64 Family 16 Model 2 Stepping 3 AT/AT COMPATIBLE - Software: Windows Version 6.0 (Build 6001 Multiprocessor Free)</example>
@@ -115,6 +128,7 @@
     <param pos="0" name="os.arch" value="x86_64"/>
     <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:-"/>
   </fingerprint>
+
   <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.3 Hardware: \S+64.*Software: Windows Version 6\.0 \(Build 6001.*$">
     <description>Windows Server 2008 Datacenter on x86_64</description>
     <example>1.3.6.1.4.1.311.1.1.3.1.3 Hardware: AMD64 Family 16 Model 2 Stepping 3 AT/AT COMPATIBLE - Software: Windows Version 6.0 (Build 6001 Multiprocessor Free)</example>
@@ -125,6 +139,7 @@
     <param pos="0" name="os.arch" value="x86_64"/>
     <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:-"/>
   </fingerprint>
+
   <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.2 Hardware: x86.*Software: Windows Version 6\.0 \(Build 6002.*$">
     <description>Windows Server 2008 SP2 on x86</description>
     <example>1.3.6.1.4.1.311.1.1.3.1.2 Hardware: x86 Family 16 Model 2 Stepping 3 AT/AT COMPATIBLE - Software: Windows Version 6.0 (Build 6002 Multiprocessor Free)</example>
@@ -135,6 +150,7 @@
     <param pos="0" name="os.arch" value="x86"/>
     <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:SP2"/>
   </fingerprint>
+
   <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.3 Hardware: x86.*Software: Windows Version 6\.0 \(Build 6002.*$">
     <description>Windows Server 2008 Datacenter SP2 on x86</description>
     <example>1.3.6.1.4.1.311.1.1.3.1.3 Hardware: x86 Family 16 Model 2 Stepping 3 AT/AT COMPATIBLE - Software: Windows Version 6.0 (Build 6002 Multiprocessor Free)</example>
@@ -145,6 +161,7 @@
     <param pos="0" name="os.arch" value="x86"/>
     <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:SP2"/>
   </fingerprint>
+
   <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.2 Hardware: \S+64.*Software: Windows Version 6\.0 \(Build 6002.*$">
     <description>Windows Server 2008 SP2 on x86_64</description>
     <example>1.3.6.1.4.1.311.1.1.3.1.2 Hardware: AMD64 Family 16 Model 2 Stepping 3 AT/AT COMPATIBLE - Software: Windows Version 6.0 (Build 6002 Multiprocessor Free)</example>
@@ -156,6 +173,7 @@
     <param pos="0" name="os.arch" value="x86_64"/>
     <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:SP2"/>
   </fingerprint>
+
   <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.3 Hardware: \S+64.*Software: Windows Version 6\.0 \(Build 6002.*$">
     <description>Windows Server 2008 Datacenter SP2 on x86_64</description>
     <example>1.3.6.1.4.1.311.1.1.3.1.3 Hardware: AMD64 Family 16 Model 2 Stepping 3 AT/AT COMPATIBLE - Software: Windows Version 6.0 (Build 6002 Multiprocessor Free)</example>
@@ -167,6 +185,7 @@
     <param pos="0" name="os.arch" value="x86_64"/>
     <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:SP2"/>
   </fingerprint>
+
   <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.2 Hardware: x86.*Software: Windows Version 6\.1 \(Build 7600.*$">
     <description>Windows Server 2008 R2 on x86</description>
     <example>1.3.6.1.4.1.311.1.1.3.1.2 Hardware: x86 Family 15 Model 2 Stepping 5 AT/AT COMPATIBLE - Software: Windows Version 6.1 (Build 7600 Multiprocessor Free)</example>
@@ -176,6 +195,7 @@
     <param pos="0" name="os.arch" value="x86"/>
     <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:-"/>
   </fingerprint>
+
   <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.3 Hardware: x86.*Software: Windows Version 6\.1 \(Build 7600.*$">
     <description>Windows Server 2008 Datacenter R2 on x86</description>
     <example>1.3.6.1.4.1.311.1.1.3.1.3 Hardware: x86 Family 15 Model 2 Stepping 5 AT/AT COMPATIBLE - Software: Windows Version 6.1 (Build 7600 Multiprocessor Free)</example>
@@ -185,6 +205,7 @@
     <param pos="0" name="os.arch" value="x86"/>
     <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:-"/>
   </fingerprint>
+
   <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.2 Hardware: \S+64.*Software: Windows Version 6\.1 \(Build 7600.*$">
     <description>Windows Server 2008 R2 on x86_64</description>
     <example>1.3.6.1.4.1.311.1.1.3.1.2 Hardware: AMD64 Family 16 Model 2 Stepping 3 AT/AT COMPATIBLE - Software: Windows Version 6.1 (Build 7600 Multiprocessor Free)</example>
@@ -195,6 +216,7 @@
     <param pos="0" name="os.arch" value="x86_64"/>
     <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:-"/>
   </fingerprint>
+
   <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.3 Hardware: \S+64.*Software: Windows Version 6\.1 \(Build 7600.*$">
     <description>Windows Server 2008 Datacenter R2 on x86_64</description>
     <example>1.3.6.1.4.1.311.1.1.3.1.3 Hardware: AMD64 Family 16 Model 2 Stepping 3 AT/AT COMPATIBLE - Software: Windows Version 6.1 (Build 7600 Multiprocessor Free)</example>
@@ -205,6 +227,7 @@
     <param pos="0" name="os.arch" value="x86_64"/>
     <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:-"/>
   </fingerprint>
+
   <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.2 Hardware: x86.*Software: Windows Version 6\.1 \(Build 7601.*$">
     <description>Windows Server 2008 R2 SP1 on x86</description>
     <example>1.3.6.1.4.1.311.1.1.3.1.2 Hardware: x86 Family 15 Model 2 Stepping 5 AT/AT COMPATIBLE - Software: Windows Version 6.1 (Build 7601 Multiprocessor Free)</example>
@@ -215,6 +238,7 @@
     <param pos="0" name="os.arch" value="x86"/>
     <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:SP1"/>
   </fingerprint>
+
   <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.3 Hardware: x86.*Software: Windows Version 6\.1 \(Build 7601.*$">
     <description>Windows Server 2008 Datacenter R2 SP1 on x86</description>
     <example>1.3.6.1.4.1.311.1.1.3.1.3 Hardware: x86 Family 15 Model 2 Stepping 5 AT/AT COMPATIBLE - Software: Windows Version 6.1 (Build 7601 Multiprocessor Free)</example>
@@ -225,6 +249,7 @@
     <param pos="0" name="os.arch" value="x86"/>
     <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:SP1"/>
   </fingerprint>
+
   <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.2 Hardware: \S+64.*Software: Windows Version 6\.1 \(Build 7601.*$">
     <description>Windows Server 2008 R2 SP1 on x86_64</description>
     <example>1.3.6.1.4.1.311.1.1.3.1.2 Hardware: AMD64 Family 16 Model 2 Stepping 3 AT/AT COMPATIBLE - Software: Windows Version 6.1 (Build 7601 Multiprocessor Free)</example>
@@ -236,6 +261,7 @@
     <param pos="0" name="os.arch" value="x86_64"/>
     <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:SP1"/>
   </fingerprint>
+
   <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.3 Hardware: \S+64.*Software: Windows Version 6\.1 \(Build 7601.*$">
     <description>Windows Server 2008 Datacenter R2 SP1 on x86_64</description>
     <example>1.3.6.1.4.1.311.1.1.3.1.3 Hardware: AMD64 Family 16 Model 2 Stepping 3 AT/AT COMPATIBLE - Software: Windows Version 6.1 (Build 7601 Multiprocessor Free)</example>
@@ -247,6 +273,7 @@
     <param pos="0" name="os.arch" value="x86_64"/>
     <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:SP1"/>
   </fingerprint>
+
   <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.2 Hardware: \S+64.*Software: Windows Version 6\.2 \(Build 9200.*$">
     <description>Windows Server 2012 on x86_64</description>
     <example>1.3.6.1.4.1.311.1.1.3.1.2 Hardware: Intel64 Family 6 Model 2 Stepping 3 AT/AT COMPATIBLE - Software: Windows Version 6.2 (Build 9200 Multiprocessor Free)</example>
@@ -256,7 +283,9 @@
     <param pos="0" name="os.arch" value="x86_64"/>
     <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2012:-"/>
   </fingerprint>
+
   <!-- Various OIDs for Net-SNMP agents which are OS specific -->
+
   <fingerprint pattern="^1\.3\.6\.1\.4\.1\.8072\.3\.2\.1$">
     <description>Net-SNMP on hpux9</description>
     <example>1.3.6.1.4.1.8072.3.2.1</example>
@@ -269,6 +298,7 @@
     <param pos="0" name="service.product" value="SNMP Agent"/>
     <param pos="0" name="service.cpe23" value="cpe:/a:net-snmp:net-snmp:-"/>
   </fingerprint>
+
   <fingerprint pattern="^1\.3\.6\.1\.4\.1\.8072\.3\.2\.2$">
     <description>Net-SNMP on sunos4</description>
     <example>1.3.6.1.4.1.8072.3.2.2</example>
@@ -280,6 +310,7 @@
     <param pos="0" name="service.product" value="SNMP Agent"/>
     <param pos="0" name="service.cpe23" value="cpe:/a:net-snmp:net-snmp:-"/>
   </fingerprint>
+
   <fingerprint pattern="^1\.3\.6\.1\.4\.1\.8072\.3\.2\.3$">
     <description>Net-SNMP on solaris</description>
     <example>1.3.6.1.4.1.8072.3.2.3</example>
@@ -291,6 +322,7 @@
     <param pos="0" name="service.product" value="SNMP Agent"/>
     <param pos="0" name="service.cpe23" value="cpe:/a:net-snmp:net-snmp:-"/>
   </fingerprint>
+
   <fingerprint pattern="^1\.3\.6\.1\.4\.1\.8072\.3\.2\.4$">
     <description>Net-SNMP on osf</description>
     <example>1.3.6.1.4.1.8072.3.2.4</example>
@@ -300,6 +332,7 @@
     <param pos="0" name="service.product" value="SNMP Agent"/>
     <param pos="0" name="service.cpe23" value="cpe:/a:net-snmp:net-snmp:-"/>
   </fingerprint>
+
   <fingerprint pattern="^1\.3\.6\.1\.4\.1\.8072\.3\.2\.5$">
     <description>Net-SNMP on ultrix</description>
     <example>1.3.6.1.4.1.8072.3.2.5</example>
@@ -309,6 +342,7 @@
     <param pos="0" name="service.product" value="SNMP Agent"/>
     <param pos="0" name="service.cpe23" value="cpe:/a:net-snmp:net-snmp:-"/>
   </fingerprint>
+
   <fingerprint pattern="^1\.3\.6\.1\.4\.1\.8072\.3\.2\.6$">
     <description>Net-SNMP on hpux10</description>
     <example>1.3.6.1.4.1.8072.3.2.6</example>
@@ -321,6 +355,7 @@
     <param pos="0" name="service.product" value="SNMP Agent"/>
     <param pos="0" name="service.cpe23" value="cpe:/a:net-snmp:net-snmp:-"/>
   </fingerprint>
+
   <fingerprint pattern="^1\.3\.6\.1\.4\.1\.8072\.3\.2\.7$">
     <description>Net-SNMP on netbsd</description>
     <example>1.3.6.1.4.1.8072.3.2.7</example>
@@ -332,6 +367,7 @@
     <param pos="0" name="service.product" value="SNMP Agent"/>
     <param pos="0" name="service.cpe23" value="cpe:/a:net-snmp:net-snmp:-"/>
   </fingerprint>
+
   <fingerprint pattern="^1\.3\.6\.1\.4\.1\.8072\.3\.2\.8$">
     <description>Net-SNMP on freebsd</description>
     <example>1.3.6.1.4.1.8072.3.2.8</example>
@@ -343,6 +379,7 @@
     <param pos="0" name="service.product" value="SNMP Agent"/>
     <param pos="0" name="service.cpe23" value="cpe:/a:net-snmp:net-snmp:-"/>
   </fingerprint>
+
   <fingerprint pattern="^1\.3\.6\.1\.4\.1\.8072\.3\.2\.9$">
     <description>Net-SNMP on irix</description>
     <example>1.3.6.1.4.1.8072.3.2.9</example>
@@ -354,6 +391,7 @@
     <param pos="0" name="service.product" value="SNMP Agent"/>
     <param pos="0" name="service.cpe23" value="cpe:/a:net-snmp:net-snmp:-"/>
   </fingerprint>
+
   <fingerprint pattern="^1\.3\.6\.1\.4\.1\.8072\.3\.2\.10$">
     <description>Net-SNMP on linux</description>
     <example>1.3.6.1.4.1.8072.3.2.10</example>
@@ -363,6 +401,7 @@
     <param pos="0" name="service.product" value="SNMP Agent"/>
     <param pos="0" name="service.cpe23" value="cpe:/a:net-snmp:net-snmp:-"/>
   </fingerprint>
+
   <fingerprint pattern="^1\.3\.6\.1\.4\.1\.8072\.3\.2\.11$">
     <description>Net-SNMP on bsdi</description>
     <example>1.3.6.1.4.1.8072.3.2.11</example>
@@ -372,6 +411,7 @@
     <param pos="0" name="service.product" value="SNMP Agent"/>
     <param pos="0" name="service.cpe23" value="cpe:/a:net-snmp:net-snmp:-"/>
   </fingerprint>
+
   <fingerprint pattern="^1\.3\.6\.1\.4\.1\.8072\.3\.2\.12$">
     <description>Net-SNMP on openbsd</description>
     <example>1.3.6.1.4.1.8072.3.2.12</example>
@@ -383,6 +423,7 @@
     <param pos="0" name="service.product" value="SNMP Agent"/>
     <param pos="0" name="service.cpe23" value="cpe:/a:net-snmp:net-snmp:-"/>
   </fingerprint>
+
   <fingerprint pattern="^1\.3\.6\.1\.4\.1\.8072\.3\.2\.13$">
     <description>Net-SNMP on win32</description>
     <example>1.3.6.1.4.1.8072.3.2.13</example>
@@ -394,6 +435,7 @@
     <param pos="0" name="service.product" value="SNMP Agent"/>
     <param pos="0" name="service.cpe23" value="cpe:/a:net-snmp:net-snmp:-"/>
   </fingerprint>
+
   <fingerprint pattern="^1\.3\.6\.1\.4\.1\.8072\.3\.2\.14$">
     <description>Net-SNMP on hpux11</description>
     <example>1.3.6.1.4.1.8072.3.2.14</example>
@@ -406,6 +448,7 @@
     <param pos="0" name="service.product" value="SNMP Agent"/>
     <param pos="0" name="service.cpe23" value="cpe:/a:net-snmp:net-snmp:-"/>
   </fingerprint>
+
   <fingerprint pattern="^1\.3\.6\.1\.4\.1\.8072\.3\.2\.15$">
     <description>Net-SNMP on aix</description>
     <example>1.3.6.1.4.1.8072.3.2.15</example>
@@ -417,6 +460,7 @@
     <param pos="0" name="service.product" value="SNMP Agent"/>
     <param pos="0" name="service.cpe23" value="cpe:/a:net-snmp:net-snmp:-"/>
   </fingerprint>
+
   <fingerprint pattern="^1\.3\.6\.1\.4\.1\.8072\.3\.2\.16$">
     <description>Net-SNMP on macosx</description>
     <example>1.3.6.1.4.1.8072.3.2.16</example>
@@ -427,4 +471,5 @@
     <param pos="0" name="service.product" value="SNMP Agent"/>
     <param pos="0" name="service.cpe23" value="cpe:/a:net-snmp:net-snmp:-"/>
   </fingerprint>
-</fingerprints>
+
+</fingerprints>

data/xml/ssh_banners.xml

@@ -1,15 +1,17 @@
-<?xml version="1.0" encoding="UTF-8"?>
+<?xml version='1.0' encoding='UTF-8'?>
 <fingerprints matches="ssh.banner" protocol="ssh" database_type="service" preference="0.90">
   <!--
   SSH "software revision and comment" strings (official RFC nomenclature for the part of
   the identification string after "SSH-x.x-") are matched against these patterns to
   fingerprint SSH servers.
   -->
+
   <fingerprint pattern="^ArrayOS$">
     <description>Array Networks device</description>
     <example>ArrayOS</example>
     <param pos="0" name="service.vendor" value="Array Networks"/>
   </fingerprint>
+
   <fingerprint pattern="^RomSShell_([\d\.]+)$">
     <description>Allegro RomSShell SSH</description>
     <example service.version="4.62">RomSShell_4.62</example>
@@ -17,14 +19,16 @@
     <param pos="0" name="service.product" value="RomSShell"/>
     <param pos="1" name="service.version"/>
   </fingerprint>
+
   <fingerprint pattern="(?i)^DraySSH_\S+$">
     <description>DrayTek generic</description>
     <example>DraySSH_2.0</example>
     <param pos="0" name="hw.vendor" value="DrayTek"/>
   </fingerprint>
+
   <fingerprint pattern="^mpSSH_([\d\.]+)$">
     <description>HP Integrated Lights Out (iLO) usually bundled with HP servers</description>
-    <example>mpSSH_0.0.1</example>
+    <example service.version="0.0.1">mpSSH_0.0.1</example>
     <param pos="0" name="service.vendor" value="HP"/>
     <param pos="0" name="service.product" value="iLO"/>
     <param pos="0" name="service.family" value="iLO"/>
@@ -36,6 +40,7 @@
     <param pos="0" name="os.family" value="iLO"/>
     <param pos="0" name="os.device" value="Lights Out Management"/>
   </fingerprint>
+
   <fingerprint pattern="^Serv-U_([\d\.]+)$">
     <description>Serv-U SSH</description>
     <example service.version="7.4.0.1">Serv-U_7.4.0.1</example>
@@ -43,6 +48,7 @@
     <param pos="0" name="service.product" value="Serv-U"/>
     <param pos="1" name="service.version"/>
   </fingerprint>
+
   <fingerprint pattern="WS_FTP-SSH_([\d\.]+)$">
     <description>WS_FTP Server with SSH</description>
     <example service.version="6.1.1">WS_FTP-SSH_6.1.1</example>
@@ -52,6 +58,7 @@
     <param pos="1" name="service.version"/>
     <param pos="0" name="service.cpe23" value="cpe:/a:ipswitch:ws_ftp:{service.version}"/>
   </fingerprint>
+
   <fingerprint pattern="IPSSH[-_]([\d\.p]+).*$">
     <description>VxWorks with version information</description>
     <example os.version="6.9.0">IPSSH-6.9.0</example>
@@ -60,8 +67,427 @@
     <param pos="1" name="os.version"/>
     <param pos="0" name="os.cpe23" value="cpe:/o:windriver:vxworks:{os.version}"/>
   </fingerprint>
-  <fingerprint pattern="^OpenSSH_([^\s]+)\s+(FreeBSD[ -].*)$">
-    <description>OpenSSH running on FreeBSD</description>
+
+  <!-- FreeBSD -->
+
+  <fingerprint pattern="^OpenSSH_(2\.3\.0) (green@FreeBSD.org 20010321)$">
+    <description>OpenSSH running on FreeBSD 4.3</description>
+    <example service.version="2.3.0" openssh.comment="green@FreeBSD.org 20010321">OpenSSH_2.3.0 green@FreeBSD.org 20010321</example>
+    <param pos="1" name="service.version"/>
+    <param pos="2" name="openssh.comment"/>
+    <param pos="0" name="service.vendor" value="OpenBSD"/>
+    <param pos="0" name="service.family" value="OpenSSH"/>
+    <param pos="0" name="service.product" value="OpenSSH"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
+    <param pos="0" name="os.vendor" value="FreeBSD"/>
+    <param pos="0" name="os.family" value="FreeBSD"/>
+    <param pos="0" name="os.product" value="FreeBSD"/>
+    <param pos="0" name="os.version" value="4.3"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:4.3"/>
+  </fingerprint>
+
+  <fingerprint pattern="^OpenSSH_(2\.3\.0) (FreeBSD localisations 20010713)$">
+    <description>OpenSSH running on FreeBSD 4.4</description>
+    <example service.version="2.3.0" openssh.comment="FreeBSD localisations 20010713">OpenSSH_2.3.0 FreeBSD localisations 20010713</example>
+    <param pos="1" name="service.version"/>
+    <param pos="2" name="openssh.comment"/>
+    <param pos="0" name="service.vendor" value="OpenBSD"/>
+    <param pos="0" name="service.family" value="OpenSSH"/>
+    <param pos="0" name="service.product" value="OpenSSH"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
+    <param pos="0" name="os.vendor" value="FreeBSD"/>
+    <param pos="0" name="os.family" value="FreeBSD"/>
+    <param pos="0" name="os.product" value="FreeBSD"/>
+    <param pos="0" name="os.version" value="4.4"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:4.4"/>
+  </fingerprint>
+
+  <fingerprint pattern="^OpenSSH_(2\.9) (FreeBSD localisations 20011202)$">
+    <description>OpenSSH running on FreeBSD 4.5</description>
+    <example service.version="2.9" openssh.comment="FreeBSD localisations 20011202">OpenSSH_2.9 FreeBSD localisations 20011202</example>
+    <param pos="1" name="service.version"/>
+    <param pos="2" name="openssh.comment"/>
+    <param pos="0" name="service.vendor" value="OpenBSD"/>
+    <param pos="0" name="service.family" value="OpenSSH"/>
+    <param pos="0" name="service.product" value="OpenSSH"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
+    <param pos="0" name="os.vendor" value="FreeBSD"/>
+    <param pos="0" name="os.family" value="FreeBSD"/>
+    <param pos="0" name="os.product" value="FreeBSD"/>
+    <param pos="0" name="os.version" value="4.5"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:4.5"/>
+  </fingerprint>
+
+  <fingerprint pattern="^OpenSSH_(3\.4p1) (FreeBSD 20020702)$">
+    <description>OpenSSH running on FreeBSD 4.6.2</description>
+    <example service.version="3.4p1" openssh.comment="FreeBSD 20020702">OpenSSH_3.4p1 FreeBSD 20020702</example>
+    <param pos="1" name="service.version"/>
+    <param pos="2" name="openssh.comment"/>
+    <param pos="0" name="service.vendor" value="OpenBSD"/>
+    <param pos="0" name="service.family" value="OpenSSH"/>
+    <param pos="0" name="service.product" value="OpenSSH"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
+    <param pos="0" name="os.vendor" value="FreeBSD"/>
+    <param pos="0" name="os.family" value="FreeBSD"/>
+    <param pos="0" name="os.product" value="FreeBSD"/>
+    <param pos="0" name="os.version" value="4.6.2"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:4.6.2"/>
+  </fingerprint>
+
+  <fingerprint pattern="^OpenSSH_(2\.9) (FreeBSD localisations 20020307)$">
+    <description>OpenSSH running on FreeBSD 4.6</description>
+    <example service.version="2.9" openssh.comment="FreeBSD localisations 20020307">OpenSSH_2.9 FreeBSD localisations 20020307</example>
+    <param pos="1" name="service.version"/>
+    <param pos="2" name="openssh.comment"/>
+    <param pos="0" name="service.vendor" value="OpenBSD"/>
+    <param pos="0" name="service.family" value="OpenSSH"/>
+    <param pos="0" name="service.product" value="OpenSSH"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
+    <param pos="0" name="os.vendor" value="FreeBSD"/>
+    <param pos="0" name="os.family" value="FreeBSD"/>
+    <param pos="0" name="os.product" value="FreeBSD"/>
+    <param pos="0" name="os.version" value="4.6"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:4.6"/>
+  </fingerprint>
+
+  <fingerprint pattern="^OpenSSH_(3\.4p1) (FreeBSD-20020702)$">
+    <description>OpenSSH running on FreeBSD 4.7</description>
+    <example service.version="3.4p1" openssh.comment="FreeBSD-20020702">OpenSSH_3.4p1 FreeBSD-20020702</example>
+    <param pos="1" name="service.version"/>
+    <param pos="2" name="openssh.comment"/>
+    <param pos="0" name="service.vendor" value="OpenBSD"/>
+    <param pos="0" name="service.family" value="OpenSSH"/>
+    <param pos="0" name="service.product" value="OpenSSH"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
+    <param pos="0" name="os.vendor" value="FreeBSD"/>
+    <param pos="0" name="os.family" value="FreeBSD"/>
+    <param pos="0" name="os.product" value="FreeBSD"/>
+    <param pos="0" name="os.version" value="4.7"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:4.7"/>
+  </fingerprint>
+
+  <fingerprint pattern="^OpenSSH_(3\.5p1) (FreeBSD-20030201)$">
+    <description>OpenSSH running on FreeBSD 4.8</description>
+    <example service.version="3.5p1" openssh.comment="FreeBSD-20030201">OpenSSH_3.5p1 FreeBSD-20030201</example>
+    <param pos="1" name="service.version"/>
+    <param pos="2" name="openssh.comment"/>
+    <param pos="0" name="service.vendor" value="OpenBSD"/>
+    <param pos="0" name="service.family" value="OpenSSH"/>
+    <param pos="0" name="service.product" value="OpenSSH"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
+    <param pos="0" name="os.vendor" value="FreeBSD"/>
+    <param pos="0" name="os.family" value="FreeBSD"/>
+    <param pos="0" name="os.product" value="FreeBSD"/>
+    <param pos="0" name="os.version" value="4.8"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:4.8"/>
+  </fingerprint>
+
+  <!-- Multiple minor version match, assert the oldest version -->
+
+  <fingerprint pattern="^OpenSSH_(3\.5p1) (FreeBSD-20030924)$">
+    <description>OpenSSH running on FreeBSD 4.9/4.10 (sometimes 4.11)</description>
+    <example service.version="3.5p1" openssh.comment="FreeBSD-20030924">OpenSSH_3.5p1 FreeBSD-20030924</example>
+    <param pos="1" name="service.version"/>
+    <param pos="2" name="openssh.comment"/>
+    <param pos="0" name="service.vendor" value="OpenBSD"/>
+    <param pos="0" name="service.family" value="OpenSSH"/>
+    <param pos="0" name="service.product" value="OpenSSH"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
+    <param pos="0" name="os.vendor" value="FreeBSD"/>
+    <param pos="0" name="os.family" value="FreeBSD"/>
+    <param pos="0" name="os.product" value="FreeBSD"/>
+    <param pos="0" name="os.version" value="4.9"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:4.9"/>
+  </fingerprint>
+
+  <fingerprint pattern="^OpenSSH_(3\.5p1) (FreeBSD-20060930)$">
+    <description>OpenSSH running on FreeBSD 4.11</description>
+    <example service.version="3.5p1" openssh.comment="FreeBSD-20060930">OpenSSH_3.5p1 FreeBSD-20060930</example>
+    <param pos="1" name="service.version"/>
+    <param pos="2" name="openssh.comment"/>
+    <param pos="0" name="service.vendor" value="OpenBSD"/>
+    <param pos="0" name="service.family" value="OpenSSH"/>
+    <param pos="0" name="service.product" value="OpenSSH"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
+    <param pos="0" name="os.vendor" value="FreeBSD"/>
+    <param pos="0" name="os.family" value="FreeBSD"/>
+    <param pos="0" name="os.product" value="FreeBSD"/>
+    <param pos="0" name="os.version" value="4.11"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:4.11"/>
+  </fingerprint>
+
+  <fingerprint pattern="^OpenSSH_(3\.5p1) (FreeBSD-20021029)$">
+    <description>OpenSSH running on FreeBSD 5.0</description>
+    <example service.version="3.5p1" openssh.comment="FreeBSD-20021029">OpenSSH_3.5p1 FreeBSD-20021029</example>
+    <param pos="1" name="service.version"/>
+    <param pos="2" name="openssh.comment"/>
+    <param pos="0" name="service.vendor" value="OpenBSD"/>
+    <param pos="0" name="service.family" value="OpenSSH"/>
+    <param pos="0" name="service.product" value="OpenSSH"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
+    <param pos="0" name="os.vendor" value="FreeBSD"/>
+    <param pos="0" name="os.family" value="FreeBSD"/>
+    <param pos="0" name="os.product" value="FreeBSD"/>
+    <param pos="0" name="os.version" value="5.0"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:5.0"/>
+  </fingerprint>
+
+  <fingerprint pattern="^OpenSSH_(3\.6\.1p1) (FreeBSD-20030423)$">
+    <description>OpenSSH running on FreeBSD 5.1</description>
+    <example service.version="3.6.1p1" openssh.comment="FreeBSD-20030423">OpenSSH_3.6.1p1 FreeBSD-20030423</example>
+    <param pos="1" name="service.version"/>
+    <param pos="2" name="openssh.comment"/>
+    <param pos="0" name="service.vendor" value="OpenBSD"/>
+    <param pos="0" name="service.family" value="OpenSSH"/>
+    <param pos="0" name="service.product" value="OpenSSH"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
+    <param pos="0" name="os.vendor" value="FreeBSD"/>
+    <param pos="0" name="os.family" value="FreeBSD"/>
+    <param pos="0" name="os.product" value="FreeBSD"/>
+    <param pos="0" name="os.version" value="5.1"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:5.1"/>
+  </fingerprint>
+
+  <fingerprint pattern="^OpenSSH_(3\.6\.1p1) (FreeBSD-20030924)$">
+    <description>OpenSSH running on FreeBSD 5.2</description>
+    <example service.version="3.6.1p1" openssh.comment="FreeBSD-20030924">OpenSSH_3.6.1p1 FreeBSD-20030924</example>
+    <param pos="1" name="service.version"/>
+    <param pos="2" name="openssh.comment"/>
+    <param pos="0" name="service.vendor" value="OpenBSD"/>
+    <param pos="0" name="service.family" value="OpenSSH"/>
+    <param pos="0" name="service.product" value="OpenSSH"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
+    <param pos="0" name="os.vendor" value="FreeBSD"/>
+    <param pos="0" name="os.family" value="FreeBSD"/>
+    <param pos="0" name="os.product" value="FreeBSD"/>
+    <param pos="0" name="os.version" value="5.2"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:5.2"/>
+  </fingerprint>
+
+  <!-- Multiple minor version match, assert the oldest version -->
+
+  <fingerprint pattern="^OpenSSH_(3\.8\.1p1) (FreeBSD-20040419)$">
+    <description>OpenSSH running on FreeBSD 5.3/5.4</description>
+    <example service.version="3.8.1p1" openssh.comment="FreeBSD-20040419">OpenSSH_3.8.1p1 FreeBSD-20040419</example>
+    <param pos="1" name="service.version"/>
+    <param pos="2" name="openssh.comment"/>
+    <param pos="0" name="service.vendor" value="OpenBSD"/>
+    <param pos="0" name="service.family" value="OpenSSH"/>
+    <param pos="0" name="service.product" value="OpenSSH"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
+    <param pos="0" name="os.vendor" value="FreeBSD"/>
+    <param pos="0" name="os.family" value="FreeBSD"/>
+    <param pos="0" name="os.product" value="FreeBSD"/>
+    <param pos="0" name="os.version" value="5.3"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:5.3"/>
+  </fingerprint>
+
+  <fingerprint pattern="^OpenSSH_(3\.8\.1p1) (FreeBSD-20060123)$">
+    <description>OpenSSH running on FreeBSD 5.5</description>
+    <example service.version="3.8.1p1" openssh.comment="FreeBSD-20060123">OpenSSH_3.8.1p1 FreeBSD-20060123</example>
+    <param pos="1" name="service.version"/>
+    <param pos="2" name="openssh.comment"/>
+    <param pos="0" name="service.vendor" value="OpenBSD"/>
+    <param pos="0" name="service.family" value="OpenSSH"/>
+    <param pos="0" name="service.product" value="OpenSSH"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
+    <param pos="0" name="os.vendor" value="FreeBSD"/>
+    <param pos="0" name="os.family" value="FreeBSD"/>
+    <param pos="0" name="os.product" value="FreeBSD"/>
+    <param pos="0" name="os.version" value="5.5"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:5.5"/>
+  </fingerprint>
+
+  <!-- Multiple minor version match, assert the oldest version -->
+
+  <fingerprint pattern="^OpenSSH_(4\.2p1) (FreeBSD-20050903)$">
+    <description>OpenSSH running on FreeBSD 6.0/6.1</description>
+    <example service.version="4.2p1" openssh.comment="FreeBSD-20050903">OpenSSH_4.2p1 FreeBSD-20050903</example>
+    <param pos="1" name="service.version"/>
+    <param pos="2" name="openssh.comment"/>
+    <param pos="0" name="service.vendor" value="OpenBSD"/>
+    <param pos="0" name="service.family" value="OpenSSH"/>
+    <param pos="0" name="service.product" value="OpenSSH"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
+    <param pos="0" name="os.vendor" value="FreeBSD"/>
+    <param pos="0" name="os.family" value="FreeBSD"/>
+    <param pos="0" name="os.product" value="FreeBSD"/>
+    <param pos="0" name="os.version" value="6.0"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:6.0"/>
+  </fingerprint>
+
+  <!-- Spans major versions, do not assert a version number -->
+
+  <fingerprint pattern="^OpenSSH_(4\.5p1) (FreeBSD-20061110)$">
+    <description>OpenSSH running on FreeBSD 6.2/6.3/6.4/7.0</description>
+    <example service.version="4.5p1" openssh.comment="FreeBSD-20061110">OpenSSH_4.5p1 FreeBSD-20061110</example>
+    <param pos="1" name="service.version"/>
+    <param pos="2" name="openssh.comment"/>
+    <param pos="0" name="service.vendor" value="OpenBSD"/>
+    <param pos="0" name="service.family" value="OpenSSH"/>
+    <param pos="0" name="service.product" value="OpenSSH"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
+    <param pos="0" name="os.vendor" value="FreeBSD"/>
+    <param pos="0" name="os.family" value="FreeBSD"/>
+    <param pos="0" name="os.product" value="FreeBSD"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:-"/>
+  </fingerprint>
+
+  <!-- Multiple minor version match, assert the oldest version -->
+
+  <fingerprint pattern="^OpenSSH_(5\.1p1) (FreeBSD-20080901)$">
+    <description>OpenSSH running on FreeBSD 7.1/7.2/7.3/7.4</description>
+    <example service.version="5.1p1" openssh.comment="FreeBSD-20080901">OpenSSH_5.1p1 FreeBSD-20080901</example>
+    <param pos="1" name="service.version"/>
+    <param pos="2" name="openssh.comment"/>
+    <param pos="0" name="service.vendor" value="OpenBSD"/>
+    <param pos="0" name="service.family" value="OpenSSH"/>
+    <param pos="0" name="service.product" value="OpenSSH"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
+    <param pos="0" name="os.vendor" value="FreeBSD"/>
+    <param pos="0" name="os.family" value="FreeBSD"/>
+    <param pos="0" name="os.product" value="FreeBSD"/>
+    <param pos="0" name="os.version" value="7.1"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:7.1"/>
+  </fingerprint>
+
+  <fingerprint pattern="^OpenSSH_(5\.2p1) (FreeBSD-20090522)$">
+    <description>OpenSSH running on FreeBSD 8.0</description>
+    <example service.version="5.2p1" openssh.comment="FreeBSD-20090522">OpenSSH_5.2p1 FreeBSD-20090522</example>
+    <param pos="1" name="service.version"/>
+    <param pos="2" name="openssh.comment"/>
+    <param pos="0" name="service.vendor" value="OpenBSD"/>
+    <param pos="0" name="service.family" value="OpenSSH"/>
+    <param pos="0" name="service.product" value="OpenSSH"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
+    <param pos="0" name="os.vendor" value="FreeBSD"/>
+    <param pos="0" name="os.family" value="FreeBSD"/>
+    <param pos="0" name="os.product" value="FreeBSD"/>
+    <param pos="0" name="os.version" value="8.0"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:8.0"/>
+  </fingerprint>
+
+  <!-- Multiple minor version match, assert the oldest version -->
+
+  <fingerprint pattern="^OpenSSH_(5\.4p1) (FreeBSD-20100308)$">
+    <description>OpenSSH running on FreeBSD 8.1/8.2</description>
+    <example service.version="5.4p1" openssh.comment="FreeBSD-20100308">OpenSSH_5.4p1 FreeBSD-20100308</example>
+    <param pos="1" name="service.version"/>
+    <param pos="2" name="openssh.comment"/>
+    <param pos="0" name="service.vendor" value="OpenBSD"/>
+    <param pos="0" name="service.family" value="OpenSSH"/>
+    <param pos="0" name="service.product" value="OpenSSH"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
+    <param pos="0" name="os.vendor" value="FreeBSD"/>
+    <param pos="0" name="os.family" value="FreeBSD"/>
+    <param pos="0" name="os.product" value="FreeBSD"/>
+    <param pos="0" name="os.version" value="8.1"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:8.1"/>
+  </fingerprint>
+
+  <fingerprint pattern="^OpenSSH_(5\.4p1_hpn13v11) (FreeBSD-20100308)$">
+    <description>OpenSSH running on FreeBSD 8.3</description>
+    <example service.version="5.4p1_hpn13v11" openssh.comment="FreeBSD-20100308">OpenSSH_5.4p1_hpn13v11 FreeBSD-20100308</example>
+    <param pos="1" name="service.version"/>
+    <param pos="2" name="openssh.comment"/>
+    <param pos="0" name="service.vendor" value="OpenBSD"/>
+    <param pos="0" name="service.family" value="OpenSSH"/>
+    <param pos="0" name="service.product" value="OpenSSH"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
+    <param pos="0" name="os.vendor" value="FreeBSD"/>
+    <param pos="0" name="os.family" value="FreeBSD"/>
+    <param pos="0" name="os.product" value="FreeBSD"/>
+    <param pos="0" name="os.version" value="8.3"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:8.3"/>
+  </fingerprint>
+
+  <fingerprint pattern="^OpenSSH_(6\.1_hpn13v11) (FreeBSD-20120901)$">
+    <description>OpenSSH running on FreeBSD 8.4</description>
+    <example service.version="6.1_hpn13v11" openssh.comment="FreeBSD-20120901">OpenSSH_6.1_hpn13v11 FreeBSD-20120901</example>
+    <param pos="1" name="service.version"/>
+    <param pos="2" name="openssh.comment"/>
+    <param pos="0" name="service.vendor" value="OpenBSD"/>
+    <param pos="0" name="service.family" value="OpenSSH"/>
+    <param pos="0" name="service.product" value="OpenSSH"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
+    <param pos="0" name="os.vendor" value="FreeBSD"/>
+    <param pos="0" name="os.family" value="FreeBSD"/>
+    <param pos="0" name="os.product" value="FreeBSD"/>
+    <param pos="0" name="os.version" value="8.4"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:8.4"/>
+  </fingerprint>
+
+  <!-- Multiple minor version match, assert the oldest version -->
+
+  <fingerprint pattern="^OpenSSH_(5\.8p2_hpn13v11) (FreeBSD-20110503)$">
+    <description>OpenSSH running on FreeBSD 9.0/9.1</description>
+    <example service.version="5.8p2_hpn13v11" openssh.comment="FreeBSD-20110503">OpenSSH_5.8p2_hpn13v11 FreeBSD-20110503</example>
+    <param pos="1" name="service.version"/>
+    <param pos="2" name="openssh.comment"/>
+    <param pos="0" name="service.vendor" value="OpenBSD"/>
+    <param pos="0" name="service.family" value="OpenSSH"/>
+    <param pos="0" name="service.product" value="OpenSSH"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
+    <param pos="0" name="os.vendor" value="FreeBSD"/>
+    <param pos="0" name="os.family" value="FreeBSD"/>
+    <param pos="0" name="os.product" value="FreeBSD"/>
+    <param pos="0" name="os.version" value="9.0"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:9.0"/>
+  </fingerprint>
+
+  <fingerprint pattern="^OpenSSH_(6\.2_hpn13v11) (FreeBSD-20130515)$">
+    <description>OpenSSH running on FreeBSD 9.2</description>
+    <example service.version="6.2_hpn13v11" openssh.comment="FreeBSD-20130515">OpenSSH_6.2_hpn13v11 FreeBSD-20130515</example>
+    <param pos="1" name="service.version"/>
+    <param pos="2" name="openssh.comment"/>
+    <param pos="0" name="service.vendor" value="OpenBSD"/>
+    <param pos="0" name="service.family" value="OpenSSH"/>
+    <param pos="0" name="service.product" value="OpenSSH"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
+    <param pos="0" name="os.vendor" value="FreeBSD"/>
+    <param pos="0" name="os.family" value="FreeBSD"/>
+    <param pos="0" name="os.product" value="FreeBSD"/>
+    <param pos="0" name="os.version" value="9.2"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:9.2"/>
+  </fingerprint>
+
+  <!-- Spans major versions, do not assert a version number -->
+
+  <fingerprint pattern="^OpenSSH_(6\.6\.1_hpn13v11) (FreeBSD-20140420)$">
+    <description>OpenSSH running on FreeBSD 9.3/10.1/10.2</description>
+    <example service.version="6.6.1_hpn13v11" openssh.comment="FreeBSD-20140420">OpenSSH_6.6.1_hpn13v11 FreeBSD-20140420</example>
+    <param pos="1" name="service.version"/>
+    <param pos="2" name="openssh.comment"/>
+    <param pos="0" name="service.vendor" value="OpenBSD"/>
+    <param pos="0" name="service.family" value="OpenSSH"/>
+    <param pos="0" name="service.product" value="OpenSSH"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
+    <param pos="0" name="os.vendor" value="FreeBSD"/>
+    <param pos="0" name="os.family" value="FreeBSD"/>
+    <param pos="0" name="os.product" value="FreeBSD"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:-"/>
+  </fingerprint>
+
+  <fingerprint pattern="^OpenSSH_(6\.4_hpn13v11) (FreeBSD-20131111)$">
+    <description>OpenSSH running on FreeBSD 10.0</description>
+    <example service.version="6.4_hpn13v11" openssh.comment="FreeBSD-20131111">OpenSSH_6.4_hpn13v11 FreeBSD-20131111</example>
+    <param pos="1" name="service.version"/>
+    <param pos="2" name="openssh.comment"/>
+    <param pos="0" name="service.vendor" value="OpenBSD"/>
+    <param pos="0" name="service.family" value="OpenSSH"/>
+    <param pos="0" name="service.product" value="OpenSSH"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
+    <param pos="0" name="os.vendor" value="FreeBSD"/>
+    <param pos="0" name="os.family" value="FreeBSD"/>
+    <param pos="0" name="os.product" value="FreeBSD"/>
+    <param pos="0" name="os.version" value="10.0"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:10.0"/>
+  </fingerprint>
+
+  <!-- Spans major versions, do not assert a version number -->
+
+  <fingerprint pattern="^OpenSSH_(7\.2) (FreeBSD-20160310)$">
+    <description>OpenSSH running on FreeBSD 10.3/11.0</description>
     <example service.version="7.2" openssh.comment="FreeBSD-20160310">OpenSSH_7.2 FreeBSD-20160310</example>
     <param pos="1" name="service.version"/>
     <param pos="2" name="openssh.comment"/>
@@ -74,6 +500,90 @@
     <param pos="0" name="os.product" value="FreeBSD"/>
     <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:-"/>
   </fingerprint>
+
+  <fingerprint pattern="^OpenSSH_(7\.3) (FreeBSD-20170902)$">
+    <description>OpenSSH running on FreeBSD 10.4</description>
+    <example service.version="7.3" openssh.comment="FreeBSD-20170902">OpenSSH_7.3 FreeBSD-20170902</example>
+    <param pos="1" name="service.version"/>
+    <param pos="2" name="openssh.comment"/>
+    <param pos="0" name="service.vendor" value="OpenBSD"/>
+    <param pos="0" name="service.family" value="OpenSSH"/>
+    <param pos="0" name="service.product" value="OpenSSH"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
+    <param pos="0" name="os.vendor" value="FreeBSD"/>
+    <param pos="0" name="os.family" value="FreeBSD"/>
+    <param pos="0" name="os.product" value="FreeBSD"/>
+    <param pos="0" name="os.version" value="10.4"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:10.4"/>
+  </fingerprint>
+
+  <fingerprint pattern="^OpenSSH_(7\.2) (FreeBSD-20161230)$">
+    <description>OpenSSH running on FreeBSD 11.1</description>
+    <example service.version="7.2" openssh.comment="FreeBSD-20161230">OpenSSH_7.2 FreeBSD-20161230</example>
+    <param pos="1" name="service.version"/>
+    <param pos="2" name="openssh.comment"/>
+    <param pos="0" name="service.vendor" value="OpenBSD"/>
+    <param pos="0" name="service.family" value="OpenSSH"/>
+    <param pos="0" name="service.product" value="OpenSSH"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
+    <param pos="0" name="os.vendor" value="FreeBSD"/>
+    <param pos="0" name="os.family" value="FreeBSD"/>
+    <param pos="0" name="os.product" value="FreeBSD"/>
+    <param pos="0" name="os.version" value="11.1"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:11.1"/>
+  </fingerprint>
+
+  <!-- Multiple minor version match, assert the oldest version -->
+
+  <fingerprint pattern="^OpenSSH_(7\.5) (FreeBSD-20170903)$">
+    <description>OpenSSH running on FreeBSD 11.2/11.3</description>
+    <example service.version="7.5" openssh.comment="FreeBSD-20170903">OpenSSH_7.5 FreeBSD-20170903</example>
+    <param pos="1" name="service.version"/>
+    <param pos="2" name="openssh.comment"/>
+    <param pos="0" name="service.vendor" value="OpenBSD"/>
+    <param pos="0" name="service.family" value="OpenSSH"/>
+    <param pos="0" name="service.product" value="OpenSSH"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
+    <param pos="0" name="os.vendor" value="FreeBSD"/>
+    <param pos="0" name="os.family" value="FreeBSD"/>
+    <param pos="0" name="os.product" value="FreeBSD"/>
+    <param pos="0" name="os.version" value="11.2"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:11.2"/>
+  </fingerprint>
+
+  <fingerprint pattern="^OpenSSH_(7\.8) (FreeBSD-20180909)$">
+    <description>OpenSSH running on FreeBSD 12.0</description>
+    <example service.version="7.8" openssh.comment="FreeBSD-20180909">OpenSSH_7.8 FreeBSD-20180909</example>
+    <param pos="1" name="service.version"/>
+    <param pos="2" name="openssh.comment"/>
+    <param pos="0" name="service.vendor" value="OpenBSD"/>
+    <param pos="0" name="service.family" value="OpenSSH"/>
+    <param pos="0" name="service.product" value="OpenSSH"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
+    <param pos="0" name="os.vendor" value="FreeBSD"/>
+    <param pos="0" name="os.family" value="FreeBSD"/>
+    <param pos="0" name="os.product" value="FreeBSD"/>
+    <param pos="0" name="os.version" value="12.0"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:12.0"/>
+  </fingerprint>
+
+  <fingerprint pattern="^OpenSSH_([^\s]+)\s+(FreeBSD[ -].*)$">
+    <description>OpenSSH running on FreeBSD</description>
+    <example service.version="7.2" openssh.comment="FreeBSD-20160311">OpenSSH_7.2 FreeBSD-20160311</example>
+    <param pos="1" name="service.version"/>
+    <param pos="2" name="openssh.comment"/>
+    <param pos="0" name="service.vendor" value="OpenBSD"/>
+    <param pos="0" name="service.family" value="OpenSSH"/>
+    <param pos="0" name="service.product" value="OpenSSH"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
+    <param pos="0" name="os.vendor" value="FreeBSD"/>
+    <param pos="0" name="os.family" value="FreeBSD"/>
+    <param pos="0" name="os.product" value="FreeBSD"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:-"/>
+  </fingerprint>
+
+  <!-- NetBSD -->
+
   <fingerprint pattern="^OpenSSH_([^\s]+)\s+(NetBSD(?:_Secure_Shell)?[ -].*)$">
     <description>OpenSSH running on NetBSD</description>
     <example service.version="7.2" openssh.comment="NetBSD-20100308">OpenSSH_7.2 NetBSD-20100308</example>
@@ -84,14 +594,349 @@
     <param pos="0" name="service.family" value="OpenSSH"/>
     <param pos="0" name="service.product" value="OpenSSH"/>
     <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
-    <param pos="0" name="os.vendor" value="NetBSD"/>
-    <param pos="0" name="os.family" value="NetBSD"/>
-    <param pos="0" name="os.product" value="NetBSD"/>
-    <param pos="0" name="os.cpe23" value="cpe:/o:netbsd:netbsd:-"/>
+    <param pos="0" name="os.vendor" value="NetBSD"/>
+    <param pos="0" name="os.family" value="NetBSD"/>
+    <param pos="0" name="os.product" value="NetBSD"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:netbsd:netbsd:-"/>
+  </fingerprint>
+
+  <!-- Ubuntu -->
+
+  <fingerprint pattern="^OpenSSH_(3\.8\.1p1) (Debian-11ubuntu\d+(?:\.\d+)?)$">
+    <description>OpenSSH running on Ubuntu 4.10</description>
+    <example service.version="3.8.1p1" openssh.comment="Debian-11ubuntu3">OpenSSH_3.8.1p1 Debian-11ubuntu3</example>
+    <param pos="1" name="service.version"/>
+    <param pos="2" name="openssh.comment"/>
+    <param pos="0" name="service.vendor" value="OpenBSD"/>
+    <param pos="0" name="service.family" value="OpenSSH"/>
+    <param pos="0" name="service.product" value="OpenSSH"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
+    <param pos="0" name="os.vendor" value="Ubuntu"/>
+    <param pos="0" name="os.family" value="Linux"/>
+    <param pos="0" name="os.product" value="Linux"/>
+    <param pos="0" name="os.version" value="4.10"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:4.10"/>
+  </fingerprint>
+
+  <fingerprint pattern="^OpenSSH_(3\.9p1) (Debian-1ubuntu\d+(?:\.\d+)?)$">
+    <description>OpenSSH running on Ubuntu 5.04</description>
+    <example service.version="3.9p1" openssh.comment="Debian-1ubuntu2">OpenSSH_3.9p1 Debian-1ubuntu2</example>
+    <param pos="1" name="service.version"/>
+    <param pos="2" name="openssh.comment"/>
+    <param pos="0" name="service.vendor" value="OpenBSD"/>
+    <param pos="0" name="service.family" value="OpenSSH"/>
+    <param pos="0" name="service.product" value="OpenSSH"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
+    <param pos="0" name="os.vendor" value="Ubuntu"/>
+    <param pos="0" name="os.family" value="Linux"/>
+    <param pos="0" name="os.product" value="Linux"/>
+    <param pos="0" name="os.version" value="5.04"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:5.04"/>
+  </fingerprint>
+
+  <fingerprint pattern="^OpenSSH_(4\.1p1) (Debian-7ubuntu\d+(?:\.\d+)?)$">
+    <description>OpenSSH running on Ubuntu 5.10</description>
+    <example service.version="4.1p1" openssh.comment="Debian-7ubuntu4">OpenSSH_4.1p1 Debian-7ubuntu4</example>
+    <param pos="1" name="service.version"/>
+    <param pos="2" name="openssh.comment"/>
+    <param pos="0" name="service.vendor" value="OpenBSD"/>
+    <param pos="0" name="service.family" value="OpenSSH"/>
+    <param pos="0" name="service.product" value="OpenSSH"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
+    <param pos="0" name="os.vendor" value="Ubuntu"/>
+    <param pos="0" name="os.family" value="Linux"/>
+    <param pos="0" name="os.product" value="Linux"/>
+    <param pos="0" name="os.version" value="5.10"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:5.10"/>
+  </fingerprint>
+
+  <fingerprint pattern="^OpenSSH_(4\.2p1) (Debian-7ubuntu\d+(?:\.\d+)?)$">
+    <description>OpenSSH running on Ubuntu 6.04</description>
+    <example service.version="4.2p1" openssh.comment="Debian-7ubuntu3.1">OpenSSH_4.2p1 Debian-7ubuntu3.1</example>
+    <example>OpenSSH_4.2p1 Debian-7ubuntu3.2</example>
+    <param pos="1" name="service.version"/>
+    <param pos="2" name="openssh.comment"/>
+    <param pos="0" name="service.vendor" value="OpenBSD"/>
+    <param pos="0" name="service.family" value="OpenSSH"/>
+    <param pos="0" name="service.product" value="OpenSSH"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
+    <param pos="0" name="os.vendor" value="Ubuntu"/>
+    <param pos="0" name="os.family" value="Linux"/>
+    <param pos="0" name="os.product" value="Linux"/>
+    <param pos="0" name="os.version" value="6.04"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:6.04"/>
+  </fingerprint>
+
+  <fingerprint pattern="^OpenSSH_(4\.3p2) (Debian-8ubuntu\d+(?:\.\d+)?)$">
+    <description>OpenSSH running on Ubuntu 7.04</description>
+    <example service.version="4.3p2" openssh.comment="Debian-8ubuntu1.4">OpenSSH_4.3p2 Debian-8ubuntu1.4</example>
+    <param pos="1" name="service.version"/>
+    <param pos="2" name="openssh.comment"/>
+    <param pos="0" name="service.vendor" value="OpenBSD"/>
+    <param pos="0" name="service.family" value="OpenSSH"/>
+    <param pos="0" name="service.product" value="OpenSSH"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
+    <param pos="0" name="os.vendor" value="Ubuntu"/>
+    <param pos="0" name="os.family" value="Linux"/>
+    <param pos="0" name="os.product" value="Linux"/>
+    <param pos="0" name="os.version" value="7.04"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:7.04"/>
+  </fingerprint>
+
+  <fingerprint pattern="^OpenSSH_(4\.6p1) (Debian-5ubuntu\d+(?:\.\d+)?)$">
+    <description>OpenSSH running on Ubuntu 7.10</description>
+    <example service.version="4.6p1" openssh.comment="Debian-5ubuntu0.2">OpenSSH_4.6p1 Debian-5ubuntu0.2</example>
+    <example>OpenSSH_4.6p1 Debian-5ubuntu0.5</example>
+    <example>OpenSSH_4.6p1 Debian-5ubuntu0.6</example>
+    <example>OpenSSH_4.6p1 Debian-5ubuntu0</example>
+    <param pos="1" name="service.version"/>
+    <param pos="2" name="openssh.comment"/>
+    <param pos="0" name="service.vendor" value="OpenBSD"/>
+    <param pos="0" name="service.family" value="OpenSSH"/>
+    <param pos="0" name="service.product" value="OpenSSH"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
+    <param pos="0" name="os.vendor" value="Ubuntu"/>
+    <param pos="0" name="os.family" value="Linux"/>
+    <param pos="0" name="os.product" value="Linux"/>
+    <param pos="0" name="os.version" value="7.10"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:7.10"/>
+  </fingerprint>
+
+  <fingerprint pattern="^OpenSSH_(4\.7p1) (Debian-8ubuntu\d+(?:\.\d+)?)$">
+    <description>OpenSSH running on Ubuntu 8.04</description>
+    <example service.version="4.7p1" openssh.comment="Debian-8ubuntu1.2">OpenSSH_4.7p1 Debian-8ubuntu1.2</example>
+    <example service.version="4.7p1" openssh.comment="Debian-8ubuntu3">OpenSSH_4.7p1 Debian-8ubuntu3</example>
+    <param pos="1" name="service.version"/>
+    <param pos="2" name="openssh.comment"/>
+    <param pos="0" name="service.vendor" value="OpenBSD"/>
+    <param pos="0" name="service.family" value="OpenSSH"/>
+    <param pos="0" name="service.product" value="OpenSSH"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
+    <param pos="0" name="os.vendor" value="Ubuntu"/>
+    <param pos="0" name="os.family" value="Linux"/>
+    <param pos="0" name="os.product" value="Linux"/>
+    <param pos="0" name="os.version" value="8.04"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:8.04"/>
+  </fingerprint>
+
+  <fingerprint pattern="^OpenSSH_(5\.1p1) (Debian-3ubuntu\d+(?:\.\d+)?)$">
+    <description>OpenSSH running on Ubuntu 8.10</description>
+    <example service.version="5.1p1" openssh.comment="Debian-3ubuntu1">OpenSSH_5.1p1 Debian-3ubuntu1</example>
+    <param pos="1" name="service.version"/>
+    <param pos="2" name="openssh.comment"/>
+    <param pos="0" name="service.vendor" value="OpenBSD"/>
+    <param pos="0" name="service.family" value="OpenSSH"/>
+    <param pos="0" name="service.product" value="OpenSSH"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
+    <param pos="0" name="os.vendor" value="Ubuntu"/>
+    <param pos="0" name="os.family" value="Linux"/>
+    <param pos="0" name="os.product" value="Linux"/>
+    <param pos="0" name="os.version" value="8.10"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:8.10"/>
+  </fingerprint>
+
+  <fingerprint pattern="^OpenSSH_(5\.1p1) (Debian-5ubuntu\d+(?:\.\d+)?)$">
+    <description>OpenSSH running on Ubuntu 9.04</description>
+    <example service.version="5.1p1" openssh.comment="Debian-5ubuntu1">OpenSSH_5.1p1 Debian-5ubuntu1</example>
+    <param pos="1" name="service.version"/>
+    <param pos="2" name="openssh.comment"/>
+    <param pos="0" name="service.vendor" value="OpenBSD"/>
+    <param pos="0" name="service.family" value="OpenSSH"/>
+    <param pos="0" name="service.product" value="OpenSSH"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
+    <param pos="0" name="os.vendor" value="Ubuntu"/>
+    <param pos="0" name="os.family" value="Linux"/>
+    <param pos="0" name="os.product" value="Linux"/>
+    <param pos="0" name="os.version" value="9.04"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:9.04"/>
+  </fingerprint>
+
+  <fingerprint pattern="^OpenSSH_(5\.1p1) (Debian-6ubuntu\d+(?:\.\d+)?)$">
+    <description>OpenSSH running on Ubuntu 9.10</description>
+    <example service.version="5.1p1" openssh.comment="Debian-6ubuntu2">OpenSSH_5.1p1 Debian-6ubuntu2</example>
+    <param pos="1" name="service.version"/>
+    <param pos="2" name="openssh.comment"/>
+    <param pos="0" name="service.vendor" value="OpenBSD"/>
+    <param pos="0" name="service.family" value="OpenSSH"/>
+    <param pos="0" name="service.product" value="OpenSSH"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
+    <param pos="0" name="os.vendor" value="Ubuntu"/>
+    <param pos="0" name="os.family" value="Linux"/>
+    <param pos="0" name="os.product" value="Linux"/>
+    <param pos="0" name="os.version" value="9.10"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:9.10"/>
+  </fingerprint>
+
+  <fingerprint pattern="^OpenSSH_(5\.3p1) (Debian-3ubuntu\d+(?:\.\d+)?)$">
+    <description>OpenSSH running on Ubuntu 10.04 (lucid)</description>
+    <example service.version="5.3p1" openssh.comment="Debian-3ubuntu3">OpenSSH_5.3p1 Debian-3ubuntu3</example>
+    <example service.version="5.3p1" openssh.comment="Debian-3ubuntu4">OpenSSH_5.3p1 Debian-3ubuntu4</example>
+    <example service.version="5.3p1" openssh.comment="Debian-3ubuntu5">OpenSSH_5.3p1 Debian-3ubuntu5</example>
+    <example service.version="5.3p1" openssh.comment="Debian-3ubuntu6">OpenSSH_5.3p1 Debian-3ubuntu6</example>
+    <example service.version="5.3p1" openssh.comment="Debian-3ubuntu7">OpenSSH_5.3p1 Debian-3ubuntu7</example>
+    <example service.version="5.3p1" openssh.comment="Debian-3ubuntu7.1">OpenSSH_5.3p1 Debian-3ubuntu7.1</example>
+    <param pos="1" name="service.version"/>
+    <param pos="2" name="openssh.comment"/>
+    <param pos="0" name="service.vendor" value="OpenBSD"/>
+    <param pos="0" name="service.family" value="OpenSSH"/>
+    <param pos="0" name="service.product" value="OpenSSH"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
+    <param pos="0" name="os.vendor" value="Ubuntu"/>
+    <param pos="0" name="os.family" value="Linux"/>
+    <param pos="0" name="os.product" value="Linux"/>
+    <param pos="0" name="os.version" value="10.04"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:10.04"/>
+  </fingerprint>
+
+  <fingerprint pattern="^OpenSSH_(5\.5p1) (Debian-4ubuntu\d+(?:\.\d+)?)$">
+    <description>OpenSSH running on Ubuntu 10.10</description>
+    <example service.version="5.5p1" openssh.comment="Debian-4ubuntu4">OpenSSH_5.5p1 Debian-4ubuntu4</example>
+    <example service.version="5.5p1" openssh.comment="Debian-4ubuntu5">OpenSSH_5.5p1 Debian-4ubuntu5</example>
+    <example service.version="5.5p1" openssh.comment="Debian-4ubuntu6">OpenSSH_5.5p1 Debian-4ubuntu6</example>
+    <param pos="1" name="service.version"/>
+    <param pos="2" name="openssh.comment"/>
+    <param pos="0" name="service.vendor" value="OpenBSD"/>
+    <param pos="0" name="service.family" value="OpenSSH"/>
+    <param pos="0" name="service.product" value="OpenSSH"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
+    <param pos="0" name="os.vendor" value="Ubuntu"/>
+    <param pos="0" name="os.family" value="Linux"/>
+    <param pos="0" name="os.product" value="Linux"/>
+    <param pos="0" name="os.version" value="10.10"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:10.10"/>
+  </fingerprint>
+
+  <fingerprint pattern="^OpenSSH_(5\.8p1) (Debian-1ubuntu\d(?:\.\d)?)$">
+    <description>OpenSSH running on Ubuntu 11.04</description>
+    <example service.version="5.8p1" openssh.comment="Debian-1ubuntu3">OpenSSH_5.8p1 Debian-1ubuntu3</example>
+    <param pos="1" name="service.version"/>
+    <param pos="2" name="openssh.comment"/>
+    <param pos="0" name="service.vendor" value="OpenBSD"/>
+    <param pos="0" name="service.family" value="OpenSSH"/>
+    <param pos="0" name="service.product" value="OpenSSH"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
+    <param pos="0" name="os.vendor" value="Ubuntu"/>
+    <param pos="0" name="os.family" value="Linux"/>
+    <param pos="0" name="os.product" value="Linux"/>
+    <param pos="0" name="os.version" value="11.04"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:11.04"/>
+  </fingerprint>
+
+  <fingerprint pattern="^OpenSSH_(5\.8p1) (Debian-7ubuntu\d(?:\.\d)?)$">
+    <description>OpenSSH running on Ubuntu 11.10</description>
+    <example service.version="5.8p1" openssh.comment="Debian-7ubuntu1">OpenSSH_5.8p1 Debian-7ubuntu1</example>
+    <param pos="1" name="service.version"/>
+    <param pos="2" name="openssh.comment"/>
+    <param pos="0" name="service.vendor" value="OpenBSD"/>
+    <param pos="0" name="service.family" value="OpenSSH"/>
+    <param pos="0" name="service.product" value="OpenSSH"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
+    <param pos="0" name="os.vendor" value="Ubuntu"/>
+    <param pos="0" name="os.family" value="Linux"/>
+    <param pos="0" name="os.product" value="Linux"/>
+    <param pos="0" name="os.version" value="11.10"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:11.10"/>
+  </fingerprint>
+
+  <fingerprint pattern="^OpenSSH_(5\.9p1) (Debian-5ubuntu\d(?:\.\d)?)$">
+    <description>OpenSSH running on Ubuntu 12.04</description>
+    <example service.version="5.9p1" openssh.comment="Debian-5ubuntu1">OpenSSH_5.9p1 Debian-5ubuntu1</example>
+    <example service.version="5.9p1" openssh.comment="Debian-5ubuntu1.4">OpenSSH_5.9p1 Debian-5ubuntu1.4</example>
+    <param pos="1" name="service.version"/>
+    <param pos="2" name="openssh.comment"/>
+    <param pos="0" name="service.vendor" value="OpenBSD"/>
+    <param pos="0" name="service.family" value="OpenSSH"/>
+    <param pos="0" name="service.product" value="OpenSSH"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
+    <param pos="0" name="os.vendor" value="Ubuntu"/>
+    <param pos="0" name="os.family" value="Linux"/>
+    <param pos="0" name="os.product" value="Linux"/>
+    <param pos="0" name="os.version" value="12.04"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:12.04"/>
+  </fingerprint>
+
+  <fingerprint pattern="^OpenSSH_(6\.0p1) (Debian-3ubuntu\d(?:\.\d)?)$">
+    <description>OpenSSH running on Ubuntu 12.10</description>
+    <example service.version="6.0p1" openssh.comment="Debian-3ubuntu1">OpenSSH_6.0p1 Debian-3ubuntu1</example>
+    <example>OpenSSH_6.0p1 Debian-3ubuntu1.2</example>
+    <param pos="1" name="service.version"/>
+    <param pos="2" name="openssh.comment"/>
+    <param pos="0" name="service.vendor" value="OpenBSD"/>
+    <param pos="0" name="service.family" value="OpenSSH"/>
+    <param pos="0" name="service.product" value="OpenSSH"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
+    <param pos="0" name="os.vendor" value="Ubuntu"/>
+    <param pos="0" name="os.family" value="Linux"/>
+    <param pos="0" name="os.product" value="Linux"/>
+    <param pos="0" name="os.version" value="12.10"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:12.10"/>
+  </fingerprint>
+
+  <fingerprint pattern="^OpenSSH_(6\.1p1) (Debian-4)$">
+    <description>OpenSSH running on Ubuntu 13.04</description>
+    <example service.version="6.1p1" openssh.comment="Debian-4">OpenSSH_6.1p1 Debian-4</example>
+    <param pos="1" name="service.version"/>
+    <param pos="2" name="openssh.comment"/>
+    <param pos="0" name="service.vendor" value="OpenBSD"/>
+    <param pos="0" name="service.family" value="OpenSSH"/>
+    <param pos="0" name="service.product" value="OpenSSH"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
+    <param pos="0" name="os.vendor" value="Ubuntu"/>
+    <param pos="0" name="os.family" value="Linux"/>
+    <param pos="0" name="os.product" value="Linux"/>
+    <param pos="0" name="os.version" value="13.04"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:13.04"/>
+  </fingerprint>
+
+  <fingerprint pattern="^OpenSSH_(6\.2p2) (Ubuntu-6unbuntu\d(?:\.\d)?)$">
+    <description>OpenSSH running on Ubuntu 13.10</description>
+    <example service.version="6.2p2" openssh.comment="Ubuntu-6unbuntu0.4">OpenSSH_6.2p2 Ubuntu-6unbuntu0.4</example>
+    <param pos="1" name="service.version"/>
+    <param pos="2" name="openssh.comment"/>
+    <param pos="0" name="service.vendor" value="OpenBSD"/>
+    <param pos="0" name="service.family" value="OpenSSH"/>
+    <param pos="0" name="service.product" value="OpenSSH"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
+    <param pos="0" name="os.vendor" value="Ubuntu"/>
+    <param pos="0" name="os.family" value="Linux"/>
+    <param pos="0" name="os.product" value="Linux"/>
+    <param pos="0" name="os.version" value="13.10"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:13.10"/>
+  </fingerprint>
+
+  <fingerprint pattern="^OpenSSH_(\d+\.\d+(?:\.\d+)?(?:p\d+)?)[_|-](hpn\d+v\d+)$">
+    <description>OpenSSH with HPN patches</description>
+    <example service.version="6.1" openssh.comment="hpn13v11">OpenSSH_6.1_hpn13v11</example>
+    <example service.version="5.8p1" openssh.comment="hpn13v11">OpenSSH_5.8p1-hpn13v11</example>
+    <example service.version="5.8p1" openssh.comment="hpn14v9">OpenSSH_5.8p1-hpn14v9</example>
+    <param pos="1" name="service.version"/>
+    <param pos="2" name="openssh.comment"/>
+    <param pos="0" name="service.vendor" value="OpenBSD"/>
+    <param pos="0" name="service.family" value="OpenSSH"/>
+    <param pos="0" name="service.product" value="OpenSSH"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
+  </fingerprint>
+
+  <fingerprint pattern="^OpenSSH_(6\.6(?:\.\d)?p1) (Ubuntu-2ubuntu\d+(?:\.\d+)?)$">
+    <description>OpenSSH running on Ubuntu 14.04</description>
+    <example service.version="6.6p1" openssh.comment="Ubuntu-2ubuntu1">OpenSSH_6.6p1 Ubuntu-2ubuntu1</example>
+    <example service.version="6.6.1p1" openssh.comment="Ubuntu-2ubuntu2">OpenSSH_6.6.1p1 Ubuntu-2ubuntu2</example>
+    <param pos="1" name="service.version"/>
+    <param pos="2" name="openssh.comment"/>
+    <param pos="0" name="service.vendor" value="OpenBSD"/>
+    <param pos="0" name="service.family" value="OpenSSH"/>
+    <param pos="0" name="service.product" value="OpenSSH"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
+    <param pos="0" name="os.vendor" value="Ubuntu"/>
+    <param pos="0" name="os.family" value="Linux"/>
+    <param pos="0" name="os.product" value="Linux"/>
+    <param pos="0" name="os.version" value="14.04"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:14.04"/>
   </fingerprint>
-  <fingerprint pattern="^OpenSSH_(4\.1p1) (Debian-7ubuntu\d+(?:\.\d+)?)$">
-    <description>OpenSSH running on Ubuntu 5.10</description>
-    <example>OpenSSH_4.1p1 Debian-7ubuntu4</example>
+
+  <fingerprint pattern="^OpenSSH_(6\.6\.1p1) (Ubuntu-8)$">
+    <description>OpenSSH running on Ubuntu 14.10</description>
+    <example service.version="6.6.1p1" openssh.comment="Ubuntu-8">OpenSSH_6.6.1p1 Ubuntu-8</example>
     <param pos="1" name="service.version"/>
     <param pos="2" name="openssh.comment"/>
     <param pos="0" name="service.vendor" value="OpenBSD"/>
@@ -101,13 +946,13 @@
     <param pos="0" name="os.vendor" value="Ubuntu"/>
     <param pos="0" name="os.family" value="Linux"/>
     <param pos="0" name="os.product" value="Linux"/>
-    <param pos="0" name="os.version" value="5.10"/>
-    <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:5.10"/>
+    <param pos="0" name="os.version" value="14.10"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:14.10"/>
   </fingerprint>
-  <fingerprint pattern="^OpenSSH_(4\.2p1) (Debian-7ubuntu\d+(?:\.\d+)?)$">
-    <description>OpenSSH running on Ubuntu 6.04</description>
-    <example>OpenSSH_4.2p1 Debian-7ubuntu3.1</example>
-    <example>OpenSSH_4.2p1 Debian-7ubuntu3.2</example>
+
+  <fingerprint pattern="^OpenSSH_(6\.7p1) (Ubuntu-5ubuntu\d(?:\.\d)?)$">
+    <description>OpenSSH running on Ubuntu 15.04 (vivid)</description>
+    <example service.version="6.7p1" openssh.comment="Ubuntu-5ubuntu1">OpenSSH_6.7p1 Ubuntu-5ubuntu1</example>
     <param pos="1" name="service.version"/>
     <param pos="2" name="openssh.comment"/>
     <param pos="0" name="service.vendor" value="OpenBSD"/>
@@ -117,12 +962,13 @@
     <param pos="0" name="os.vendor" value="Ubuntu"/>
     <param pos="0" name="os.family" value="Linux"/>
     <param pos="0" name="os.product" value="Linux"/>
-    <param pos="0" name="os.version" value="6.04"/>
-    <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:6.04"/>
+    <param pos="0" name="os.version" value="15.04"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:15.04"/>
   </fingerprint>
-  <fingerprint pattern="^OpenSSH_(4\.3p2) (Debian-8ubuntu\d+(?:\.\d+)?)$">
-    <description>OpenSSH running on Ubuntu 7.04</description>
-    <example>OpenSSH_4.3p2 Debian-8ubuntu1.4</example>
+
+  <fingerprint pattern="^OpenSSH_(6\.9p1) (Ubuntu-2)$">
+    <description>OpenSSH running on Ubuntu 15.10</description>
+    <example service.version="6.9p1" openssh.comment="Ubuntu-2">OpenSSH_6.9p1 Ubuntu-2</example>
     <param pos="1" name="service.version"/>
     <param pos="2" name="openssh.comment"/>
     <param pos="0" name="service.vendor" value="OpenBSD"/>
@@ -132,14 +978,13 @@
     <param pos="0" name="os.vendor" value="Ubuntu"/>
     <param pos="0" name="os.family" value="Linux"/>
     <param pos="0" name="os.product" value="Linux"/>
-    <param pos="0" name="os.version" value="7.04"/>
-    <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:7.04"/>
+    <param pos="0" name="os.version" value="15.10"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:15.10"/>
   </fingerprint>
-  <fingerprint pattern="^OpenSSH_(4\.6p1) (Debian-5ubuntu\d+(?:\.\d+)?)$">
-    <description>OpenSSH running on Ubuntu 7.10</description>
-    <example>OpenSSH_4.6p1 Debian-5ubuntu0.2</example>
-    <example>OpenSSH_4.6p1 Debian-5ubuntu0.5</example>
-    <example>OpenSSH_4.6p1 Debian-5ubuntu0.6</example>
+
+  <fingerprint pattern="^OpenSSH_(7\.2p2) (Ubuntu-4ubuntu\d(?:\.\d)?)$">
+    <description>OpenSSH running on Ubuntu 16.04 (vivid)</description>
+    <example service.version="7.2p2" openssh.comment="Ubuntu-4ubuntu2.7">OpenSSH_7.2p2 Ubuntu-4ubuntu2.7</example>
     <param pos="1" name="service.version"/>
     <param pos="2" name="openssh.comment"/>
     <param pos="0" name="service.vendor" value="OpenBSD"/>
@@ -149,12 +994,13 @@
     <param pos="0" name="os.vendor" value="Ubuntu"/>
     <param pos="0" name="os.family" value="Linux"/>
     <param pos="0" name="os.product" value="Linux"/>
-    <param pos="0" name="os.version" value="7.10"/>
-    <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:7.10"/>
+    <param pos="0" name="os.version" value="16.04"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:16.04"/>
   </fingerprint>
-  <fingerprint pattern="^OpenSSH_(4\.6p1) (Debian-5build1)$">
-    <description>OpenSSH running on very early versions of Ubuntu 7.10</description>
-    <example service.version="4.6p1" openssh.comment="Debian-5build1">OpenSSH_4.6p1 Debian-5build1</example>
+
+  <fingerprint pattern="^OpenSSH_(7\.3p1) (Ubuntu-1)$">
+    <description>OpenSSH running on Ubuntu 16.10</description>
+    <example service.version="7.3p1" openssh.comment="Ubuntu-1">OpenSSH_7.3p1 Ubuntu-1</example>
     <param pos="1" name="service.version"/>
     <param pos="2" name="openssh.comment"/>
     <param pos="0" name="service.vendor" value="OpenBSD"/>
@@ -164,13 +1010,13 @@
     <param pos="0" name="os.vendor" value="Ubuntu"/>
     <param pos="0" name="os.family" value="Linux"/>
     <param pos="0" name="os.product" value="Linux"/>
-    <param pos="0" name="os.version" value="7.10"/>
-    <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:7.10"/>
+    <param pos="0" name="os.version" value="16.10"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:16.10"/>
   </fingerprint>
-  <fingerprint pattern="^OpenSSH_(4\.7p1) (Debian-8ubuntu\d+(?:\.\d+)?)$">
-    <description>OpenSSH running on Ubuntu 8.04</description>
-    <example service.version="4.7p1" openssh.comment="Debian-8ubuntu1.2">OpenSSH_4.7p1 Debian-8ubuntu1.2</example>
-    <example service.version="4.7p1" openssh.comment="Debian-8ubuntu3">OpenSSH_4.7p1 Debian-8ubuntu3</example>
+
+  <fingerprint pattern="^OpenSSH_(7\.4p1) (Ubuntu-10)$">
+    <description>OpenSSH running on Ubuntu 17.04</description>
+    <example service.version="7.4p1" openssh.comment="Ubuntu-10">OpenSSH_7.4p1 Ubuntu-10</example>
     <param pos="1" name="service.version"/>
     <param pos="2" name="openssh.comment"/>
     <param pos="0" name="service.vendor" value="OpenBSD"/>
@@ -180,12 +1026,13 @@
     <param pos="0" name="os.vendor" value="Ubuntu"/>
     <param pos="0" name="os.family" value="Linux"/>
     <param pos="0" name="os.product" value="Linux"/>
-    <param pos="0" name="os.version" value="8.04"/>
-    <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:8.04"/>
+    <param pos="0" name="os.version" value="17.04"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:17.04"/>
   </fingerprint>
-  <fingerprint pattern="^OpenSSH_(5\.1p1) (Debian-3ubuntu\d+(?:\.\d+)?)$">
-    <description>OpenSSH running on Ubuntu 8.10</description>
-    <example>OpenSSH_5.1p1 Debian-3ubuntu1</example>
+
+  <fingerprint pattern="^OpenSSH_(7\.5p1) (Ubuntu-10ubuntu\d(?:\.\d)?)$">
+    <description>OpenSSH running on Ubuntu 17.10</description>
+    <example service.version="7.5p1" openssh.comment="Ubuntu-10ubuntu0.1">OpenSSH_7.5p1 Ubuntu-10ubuntu0.1</example>
     <param pos="1" name="service.version"/>
     <param pos="2" name="openssh.comment"/>
     <param pos="0" name="service.vendor" value="OpenBSD"/>
@@ -195,12 +1042,13 @@
     <param pos="0" name="os.vendor" value="Ubuntu"/>
     <param pos="0" name="os.family" value="Linux"/>
     <param pos="0" name="os.product" value="Linux"/>
-    <param pos="0" name="os.version" value="8.10"/>
-    <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:8.10"/>
+    <param pos="0" name="os.version" value="17.10"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:17.10"/>
   </fingerprint>
-  <fingerprint pattern="^OpenSSH_(5\.1p1) (Debian-5ubuntu\d+(?:\.\d+)?)$">
-    <description>OpenSSH running on Ubuntu 9.04</description>
-    <example>OpenSSH_5.1p1 Debian-5ubuntu1</example>
+
+  <fingerprint pattern="^OpenSSH_(7\.6p1) (Ubuntu-4ubuntu\d(?:\.\d)?)$">
+    <description>OpenSSH running on Ubuntu 18.04</description>
+    <example service.version="7.6p1" openssh.comment="Ubuntu-4ubuntu0.3">OpenSSH_7.6p1 Ubuntu-4ubuntu0.3</example>
     <param pos="1" name="service.version"/>
     <param pos="2" name="openssh.comment"/>
     <param pos="0" name="service.vendor" value="OpenBSD"/>
@@ -210,12 +1058,13 @@
     <param pos="0" name="os.vendor" value="Ubuntu"/>
     <param pos="0" name="os.family" value="Linux"/>
     <param pos="0" name="os.product" value="Linux"/>
-    <param pos="0" name="os.version" value="9.04"/>
-    <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:9.04"/>
+    <param pos="0" name="os.version" value="18.04"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:18.04"/>
   </fingerprint>
-  <fingerprint pattern="^OpenSSH_(5\.1p1) (Debian-6ubuntu\d+(?:\.\d+)?)$">
-    <description>OpenSSH running on Ubuntu 9.10</description>
-    <example>OpenSSH_5.1p1 Debian-6ubuntu2</example>
+
+  <fingerprint pattern="^OpenSSH_(7\.7p1) (Ubuntu-4)$">
+    <description>OpenSSH running on Ubuntu 18.10</description>
+    <example service.version="7.7p1" openssh.comment="Ubuntu-4">OpenSSH_7.7p1 Ubuntu-4</example>
     <param pos="1" name="service.version"/>
     <param pos="2" name="openssh.comment"/>
     <param pos="0" name="service.vendor" value="OpenBSD"/>
@@ -225,17 +1074,13 @@
     <param pos="0" name="os.vendor" value="Ubuntu"/>
     <param pos="0" name="os.family" value="Linux"/>
     <param pos="0" name="os.product" value="Linux"/>
-    <param pos="0" name="os.version" value="9.10"/>
-    <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:9.10"/>
+    <param pos="0" name="os.version" value="18.10"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:18.10"/>
   </fingerprint>
-  <fingerprint pattern="^OpenSSH_(5\.3p1) (Debian-3ubuntu\d+(?:\.\d+)?)$">
-    <description>OpenSSH running on Ubuntu 10.04 (lucid)</description>
-    <example service.version="5.3p1" openssh.comment="Debian-3ubuntu3">OpenSSH_5.3p1 Debian-3ubuntu3</example>
-    <example service.version="5.3p1" openssh.comment="Debian-3ubuntu4">OpenSSH_5.3p1 Debian-3ubuntu4</example>
-    <example service.version="5.3p1" openssh.comment="Debian-3ubuntu5">OpenSSH_5.3p1 Debian-3ubuntu5</example>
-    <example service.version="5.3p1" openssh.comment="Debian-3ubuntu6">OpenSSH_5.3p1 Debian-3ubuntu6</example>
-    <example service.version="5.3p1" openssh.comment="Debian-3ubuntu7">OpenSSH_5.3p1 Debian-3ubuntu7</example>
-    <example service.version="5.3p1" openssh.comment="Debian-3ubuntu7.1">OpenSSH_5.3p1 Debian-3ubuntu7.1</example>
+
+  <fingerprint pattern="^OpenSSH_(7\.9p1) (Ubuntu-10)$">
+    <description>OpenSSH running on Ubuntu 19.04</description>
+    <example service.version="7.9p1" openssh.comment="Ubuntu-10">OpenSSH_7.9p1 Ubuntu-10</example>
     <param pos="1" name="service.version"/>
     <param pos="2" name="openssh.comment"/>
     <param pos="0" name="service.vendor" value="OpenBSD"/>
@@ -245,14 +1090,13 @@
     <param pos="0" name="os.vendor" value="Ubuntu"/>
     <param pos="0" name="os.family" value="Linux"/>
     <param pos="0" name="os.product" value="Linux"/>
-    <param pos="0" name="os.version" value="10.04"/>
-    <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:10.04"/>
+    <param pos="0" name="os.version" value="19.04"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:19.04"/>
   </fingerprint>
-  <fingerprint pattern="^OpenSSH_(5\.5p1) (Debian-4ubuntu\d+(?:\.\d+)?)$">
-    <description>OpenSSH running on Ubuntu 10.10</description>
-    <example service.version="5.5p1" openssh.comment="Debian-4ubuntu4">OpenSSH_5.5p1 Debian-4ubuntu4</example>
-    <example service.version="5.5p1" openssh.comment="Debian-4ubuntu5">OpenSSH_5.5p1 Debian-4ubuntu5</example>
-    <example service.version="5.5p1" openssh.comment="Debian-4ubuntu6">OpenSSH_5.5p1 Debian-4ubuntu6</example>
+
+  <fingerprint pattern="^OpenSSH_(8\.0p1) (Ubuntu-6build1)$">
+    <description>OpenSSH running on Ubuntu 19.10</description>
+    <example service.version="8.0p1" openssh.comment="Ubuntu-6build1">OpenSSH_8.0p1 Ubuntu-6build1</example>
     <param pos="1" name="service.version"/>
     <param pos="2" name="openssh.comment"/>
     <param pos="0" name="service.vendor" value="OpenBSD"/>
@@ -262,12 +1106,13 @@
     <param pos="0" name="os.vendor" value="Ubuntu"/>
     <param pos="0" name="os.family" value="Linux"/>
     <param pos="0" name="os.product" value="Linux"/>
-    <param pos="0" name="os.version" value="10.10"/>
-    <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:10.10"/>
+    <param pos="0" name="os.version" value="19.10"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:19.10"/>
   </fingerprint>
-  <fingerprint pattern="^OpenSSH_(5\.8p1) (Debian-1ubuntu\d(?:\.\d)?)$">
-    <description>OpenSSH running on Ubuntu 11.04</description>
-    <example>OpenSSH_5.8p1 Debian-1ubuntu3</example>
+
+  <fingerprint pattern="^OpenSSH_([^\s]+)\s+(Ubuntu-\d\d?)$">
+    <description>OpenSSH running on Ubuntu (unknown release)</description>
+    <example service.version="7.6p1" openssh.comment="Ubuntu-2">OpenSSH_7.6p1 Ubuntu-2</example>
     <param pos="1" name="service.version"/>
     <param pos="2" name="openssh.comment"/>
     <param pos="0" name="service.vendor" value="OpenBSD"/>
@@ -277,12 +1122,12 @@
     <param pos="0" name="os.vendor" value="Ubuntu"/>
     <param pos="0" name="os.family" value="Linux"/>
     <param pos="0" name="os.product" value="Linux"/>
-    <param pos="0" name="os.version" value="11.04"/>
-    <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:11.04"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:-"/>
   </fingerprint>
-  <fingerprint pattern="^OpenSSH_(5\.8p1) (Debian-7ubuntu\d(?:\.\d)?)$">
-    <description>OpenSSH running on Ubuntu 11.10</description>
-    <example>OpenSSH_5.8p1 Debian-7ubuntu1</example>
+
+  <fingerprint pattern="^OpenSSH_([^\s]+)\s+((?:Debian|Ubuntu).+ubuntu.*)$">
+    <description>OpenSSH running on Ubuntu</description>
+    <example service.version="7.2p3" openssh.comment="Ubuntu-4ubuntu2.2">OpenSSH_7.2p3 Ubuntu-4ubuntu2.2</example>
     <param pos="1" name="service.version"/>
     <param pos="2" name="openssh.comment"/>
     <param pos="0" name="service.vendor" value="OpenBSD"/>
@@ -292,118 +1137,133 @@
     <param pos="0" name="os.vendor" value="Ubuntu"/>
     <param pos="0" name="os.family" value="Linux"/>
     <param pos="0" name="os.product" value="Linux"/>
-    <param pos="0" name="os.version" value="11.10"/>
-    <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:11.10"/>
+    <param pos="0" name="os.certainty" value="0.75"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:-"/>
   </fingerprint>
-  <fingerprint pattern="^OpenSSH_(5\.9p1) (Debian-5ubuntu\d(?:\.\d)?)$">
-    <description>OpenSSH running on Ubuntu 12.04</description>
-    <example service.version="5.9p1" openssh.comment="Debian-5ubuntu1">OpenSSH_5.9p1 Debian-5ubuntu1</example>
-    <example service.version="5.9p1" openssh.comment="Debian-5ubuntu1.4">OpenSSH_5.9p1 Debian-5ubuntu1.4</example>
+
+  <!-- Debian -->
+
+  <fingerprint pattern="^OpenSSH_([^\s]+)\s+(Debian.+woody.*)$">
+    <description>OpenSSH running on Debian 3.0 (woody)</description>
+    <example service.version="3.4p1" openssh.comment="Debian 1:3.4p1-1.woody.3">OpenSSH_3.4p1 Debian 1:3.4p1-1.woody.3</example>
     <param pos="1" name="service.version"/>
     <param pos="2" name="openssh.comment"/>
     <param pos="0" name="service.vendor" value="OpenBSD"/>
     <param pos="0" name="service.family" value="OpenSSH"/>
     <param pos="0" name="service.product" value="OpenSSH"/>
     <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
-    <param pos="0" name="os.vendor" value="Ubuntu"/>
+    <param pos="0" name="os.vendor" value="Debian"/>
     <param pos="0" name="os.family" value="Linux"/>
     <param pos="0" name="os.product" value="Linux"/>
-    <param pos="0" name="os.version" value="12.04"/>
-    <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:12.04"/>
+    <param pos="0" name="os.version" value="3.0"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:debian:debian_linux:3.0"/>
   </fingerprint>
-  <fingerprint pattern="^OpenSSH_(6\.0p1) (Debian-3ubuntu\d(?:\.\d)?)$">
-    <description>OpenSSH running on Ubuntu 12.10</description>
-    <example>OpenSSH_6.0p1 Debian-3ubuntu1</example>
+
+  <fingerprint pattern="^OpenSSH_([^\s]+)\s+(Debian.+sarge.*)$">
+    <description>OpenSSH running on Debian 3.1 (sarge)</description>
+    <example service.version="3.8.1p1" openssh.comment="Debian-8.sarge.4">OpenSSH_3.8.1p1 Debian-8.sarge.4</example>
     <param pos="1" name="service.version"/>
     <param pos="2" name="openssh.comment"/>
     <param pos="0" name="service.vendor" value="OpenBSD"/>
     <param pos="0" name="service.family" value="OpenSSH"/>
     <param pos="0" name="service.product" value="OpenSSH"/>
     <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
-    <param pos="0" name="os.vendor" value="Ubuntu"/>
+    <param pos="0" name="os.vendor" value="Debian"/>
     <param pos="0" name="os.family" value="Linux"/>
     <param pos="0" name="os.product" value="Linux"/>
-    <param pos="0" name="os.version" value="12.10"/>
-    <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:12.10"/>
+    <param pos="0" name="os.version" value="3.1"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:debian:debian_linux:3.1"/>
   </fingerprint>
-  <fingerprint pattern="^OpenSSH_(6\.1p1) (Debian-4)$">
-    <description>OpenSSH running on Ubuntu 13.04</description>
-    <example>OpenSSH_6.1p1 Debian-4</example>
+
+  <fingerprint pattern="^OpenSSH_(4\.3p2) (Debian-9.*)$">
+    <description>OpenSSH running on Debian 4.0 (etch)</description>
+    <example service.version="4.3p2" openssh.comment="Debian-9">OpenSSH_4.3p2 Debian-9</example>
+    <example service.version="4.3p2" openssh.comment="Debian-9etch3">OpenSSH_4.3p2 Debian-9etch3</example>
     <param pos="1" name="service.version"/>
     <param pos="2" name="openssh.comment"/>
     <param pos="0" name="service.vendor" value="OpenBSD"/>
     <param pos="0" name="service.family" value="OpenSSH"/>
     <param pos="0" name="service.product" value="OpenSSH"/>
     <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
-    <param pos="0" name="os.vendor" value="Ubuntu"/>
+    <param pos="0" name="os.vendor" value="Debian"/>
     <param pos="0" name="os.family" value="Linux"/>
     <param pos="0" name="os.product" value="Linux"/>
-    <param pos="0" name="os.version" value="13.04"/>
-    <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:13.04"/>
+    <param pos="0" name="os.version" value="4.0"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:debian:debian_linux:4.0"/>
   </fingerprint>
-  <fingerprint pattern="^OpenSSH_(\d+\.\d+(?:\.\d+)?(?:p\d+)?)[_|-](hpn\d+v\d+)$">
-    <description>OpenSSH with HPN patches</description>
-    <example service.version="6.1" openssh.comment="hpn13v11">OpenSSH_6.1_hpn13v11</example>
-    <example service.version="5.8p1" openssh.comment="hpn13v11">OpenSSH_5.8p1-hpn13v11</example>
-    <example service.version="5.8p1" openssh.comment="hpn14v9">OpenSSH_5.8p1-hpn14v9</example>
+
+  <fingerprint pattern="^OpenSSH_(5\.1p1) (Debian-5)$">
+    <description>OpenSSH running on Debian 5.0 (also 5.10)</description>
+    <example service.version="5.1p1" openssh.comment="Debian-5">OpenSSH_5.1p1 Debian-5</example>
     <param pos="1" name="service.version"/>
     <param pos="2" name="openssh.comment"/>
     <param pos="0" name="service.vendor" value="OpenBSD"/>
     <param pos="0" name="service.family" value="OpenSSH"/>
     <param pos="0" name="service.product" value="OpenSSH"/>
     <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
+    <param pos="0" name="os.vendor" value="Debian"/>
+    <param pos="0" name="os.family" value="Linux"/>
+    <param pos="0" name="os.product" value="Linux"/>
+    <param pos="0" name="os.version" value="5.0"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:debian:debian_linux:5.0"/>
   </fingerprint>
-  <fingerprint pattern="^OpenSSH_(6\.6(?:\.\d)?p1) (Ubuntu-2ubuntu\d+(?:\.\d+)?)$">
-    <description>OpenSSH running on Ubuntu 14.04</description>
-    <example service.version="6.6p1" openssh.comment="Ubuntu-2ubuntu1">OpenSSH_6.6p1 Ubuntu-2ubuntu1</example>
-    <example service.version="6.6.1p1" openssh.comment="Ubuntu-2ubuntu2">OpenSSH_6.6.1p1 Ubuntu-2ubuntu2</example>
+
+  <fingerprint pattern="^OpenSSH_([^\s]+)\s+(Debian-\d+[+~]squeeze.*)$">
+    <description>OpenSSH running on Debian 6.0 (squeeze)</description>
+    <example service.version="5.5p1" openssh.comment="Debian-6+squeeze4">OpenSSH_5.5p1 Debian-6+squeeze4</example>
+    <example service.version="5.5p1" openssh.comment="Debian-26+squeeze7">OpenSSH_5.5p1 Debian-26+squeeze7</example>
+    <example service.version="5.8p1" openssh.comment="Debian-4~squeeze+1">OpenSSH_5.8p1 Debian-4~squeeze+1</example>
     <param pos="1" name="service.version"/>
     <param pos="2" name="openssh.comment"/>
     <param pos="0" name="service.vendor" value="OpenBSD"/>
     <param pos="0" name="service.family" value="OpenSSH"/>
     <param pos="0" name="service.product" value="OpenSSH"/>
     <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
-    <param pos="0" name="os.vendor" value="Ubuntu"/>
+    <param pos="0" name="os.vendor" value="Debian"/>
     <param pos="0" name="os.family" value="Linux"/>
     <param pos="0" name="os.product" value="Linux"/>
-    <param pos="0" name="os.version" value="14.04"/>
-    <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:14.04"/>
+    <param pos="0" name="os.version" value="6.0"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:debian:debian_linux:6.0"/>
   </fingerprint>
-  <fingerprint pattern="^OpenSSH_(6\.7p1) (Ubuntu-5ubuntu\d(?:\.\d)?)$">
-    <description>OpenSSH running on Ubuntu 15.04 (vivid)</description>
-    <example service.version="6.7p1" openssh.comment="Ubuntu-5ubuntu1">OpenSSH_6.7p1 Ubuntu-5ubuntu1</example>
+
+  <fingerprint pattern="^OpenSSH_(5\.5p1) (Debian-6)$">
+    <description>OpenSSH running on Debian 6.0 (w/o squeeze in banner)</description>
+    <example service.version="5.5p1" openssh.comment="Debian-6">OpenSSH_5.5p1 Debian-6</example>
     <param pos="1" name="service.version"/>
     <param pos="2" name="openssh.comment"/>
     <param pos="0" name="service.vendor" value="OpenBSD"/>
     <param pos="0" name="service.family" value="OpenSSH"/>
     <param pos="0" name="service.product" value="OpenSSH"/>
     <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
-    <param pos="0" name="os.vendor" value="Ubuntu"/>
+    <param pos="0" name="os.vendor" value="Debian"/>
     <param pos="0" name="os.family" value="Linux"/>
     <param pos="0" name="os.product" value="Linux"/>
-    <param pos="0" name="os.version" value="15.04"/>
-    <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:15.04"/>
+    <param pos="0" name="os.version" value="6.0"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:debian:debian_linux:6.0"/>
   </fingerprint>
-  <fingerprint pattern="^OpenSSH_([^\s]+)\s+(Ubuntu-\d\d?)$">
-    <description>OpenSSH running on Ubuntu (unknown release)</description>
-    <example service.version="7.4p1" openssh.comment="Ubuntu-10">OpenSSH_7.4p1 Ubuntu-10</example>
-    <example service.version="7.6p1" openssh.comment="Ubuntu-2">OpenSSH_7.6p1 Ubuntu-2</example>
+
+  <!-- More specific than and should preceed the 7.0 match -->
+
+  <fingerprint pattern="^OpenSSH_([^\s]+)\s+(Debian-4\+deb7u2)$">
+    <description>OpenSSH running on Debian 7.8 (wheezy)</description>
+    <example service.version="6.0p1" openssh.comment="Debian-4+deb7u2">OpenSSH_6.0p1 Debian-4+deb7u2</example>
     <param pos="1" name="service.version"/>
     <param pos="2" name="openssh.comment"/>
     <param pos="0" name="service.vendor" value="OpenBSD"/>
     <param pos="0" name="service.family" value="OpenSSH"/>
     <param pos="0" name="service.product" value="OpenSSH"/>
     <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
-    <param pos="0" name="os.vendor" value="Ubuntu"/>
+    <param pos="0" name="os.vendor" value="Debian"/>
     <param pos="0" name="os.family" value="Linux"/>
     <param pos="0" name="os.product" value="Linux"/>
-    <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:-"/>
+    <param pos="0" name="os.version" value="7.8"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:debian:debian_linux:7.8"/>
   </fingerprint>
+
   <fingerprint pattern="^OpenSSH_([^\s]+)\s+(Debian-4(?:\+deb7u\d+)?)$">
     <description>OpenSSH running on Debian 7.x (wheezy)</description>
     <example service.version="6.0p1" openssh.comment="Debian-4">OpenSSH_6.0p1 Debian-4</example>
     <example service.version="6.0p1" openssh.comment="Debian-4+deb7u1">OpenSSH_6.0p1 Debian-4+deb7u1</example>
-    <example service.version="6.0p1" openssh.comment="Debian-4+deb7u2">OpenSSH_6.0p1 Debian-4+deb7u2</example>
     <param pos="1" name="service.version"/>
     <param pos="2" name="openssh.comment"/>
     <param pos="0" name="service.vendor" value="OpenBSD"/>
@@ -416,6 +1276,7 @@
     <param pos="0" name="os.version" value="7.0"/>
     <param pos="0" name="os.cpe23" value="cpe:/o:debian:debian_linux:7.0"/>
   </fingerprint>
+
   <fingerprint pattern="^OpenSSH_([^\s]+)\s+(Debian-\d~bpo7\d?\+\d+)$">
     <description>OpenSSH backport running on Debian 7.x (wheezy)</description>
     <example service.version="6.6.1p1" openssh.comment="Debian-4~bpo70+1">OpenSSH_6.6.1p1 Debian-4~bpo70+1</example>
@@ -432,10 +1293,12 @@
     <param pos="0" name="os.version" value="7.0"/>
     <param pos="0" name="os.cpe23" value="cpe:/o:debian:debian_linux:7.0"/>
   </fingerprint>
+
   <fingerprint pattern="^OpenSSH_([^\s]+)\s+(Debian-5\+deb8u\d+.*)$">
     <description>OpenSSH running on Debian 8.x (jessie)</description>
     <example service.version="6.7p1" openssh.comment="Debian-5+deb8u2">OpenSSH_6.7p1 Debian-5+deb8u2</example>
     <example service.version="6.7p1" openssh.comment="Debian-5+deb8u1~ui80+7">OpenSSH_6.7p1 Debian-5+deb8u1~ui80+7</example>
+    <example service.version="6.7p1" openssh.comment="Debian-5+deb8u8">OpenSSH_6.7p1 Debian-5+deb8u8</example>
     <param pos="1" name="service.version"/>
     <param pos="2" name="openssh.comment"/>
     <param pos="0" name="service.vendor" value="OpenBSD"/>
@@ -448,6 +1311,7 @@
     <param pos="0" name="os.version" value="8.0"/>
     <param pos="0" name="os.cpe23" value="cpe:/o:debian:debian_linux:8.0"/>
   </fingerprint>
+
   <fingerprint pattern="^OpenSSH_([^\s]+)\s+(Debian-\d\d?\+deb9u\d+)$">
     <description>OpenSSH running on Debian 9.x (stretch)</description>
     <example service.version="7.4p1" openssh.comment="Debian-10+deb9u1">OpenSSH_7.4p1 Debian-10+deb9u1</example>
@@ -464,11 +1328,11 @@
     <param pos="0" name="os.version" value="9.0"/>
     <param pos="0" name="os.cpe23" value="cpe:/o:debian:debian_linux:9.0"/>
   </fingerprint>
-  <fingerprint pattern="^OpenSSH_([^\s]+)\s+(Debian-\d+[+~]squeeze.*)$">
-    <description>OpenSSH running on Debian 6.0 (squeeze)</description>
-    <example service.version="5.5p1" openssh.comment="Debian-6+squeeze4">OpenSSH_5.5p1 Debian-6+squeeze4</example>
-    <example service.version="5.5p1" openssh.comment="Debian-26+squeeze7">OpenSSH_5.5p1 Debian-26+squeeze7</example>
-    <example service.version="5.8p1" openssh.comment="Debian-4~squeeze+1">OpenSSH_5.8p1 Debian-4~squeeze+1</example>
+
+  <fingerprint pattern="^OpenSSH_(7\.9p1) (Debian-10|Debian-\d\d?\+deb10u\d+)$">
+    <description>OpenSSH running on Debian 10.x (buster)</description>
+    <example service.version="7.9p1" openssh.comment="Debian-10">OpenSSH_7.9p1 Debian-10</example>
+    <example service.version="7.9p1" openssh.comment="Debian-10+deb10u6">OpenSSH_7.9p1 Debian-10+deb10u6</example>
     <param pos="1" name="service.version"/>
     <param pos="2" name="openssh.comment"/>
     <param pos="0" name="service.vendor" value="OpenBSD"/>
@@ -478,27 +1342,14 @@
     <param pos="0" name="os.vendor" value="Debian"/>
     <param pos="0" name="os.family" value="Linux"/>
     <param pos="0" name="os.product" value="Linux"/>
-    <param pos="0" name="os.version" value="6.0"/>
-    <param pos="0" name="os.cpe23" value="cpe:/o:debian:debian_linux:6.0"/>
-  </fingerprint>
-  <fingerprint pattern="^OpenSSH_([^\s]+)\s+((?:Debian|Ubuntu).+ubuntu.*)$">
-    <description>OpenSSH running on Ubuntu</description>
-    <example service.version="7.2p2" openssh.comment="Ubuntu-4ubuntu2.2">OpenSSH_7.2p2 Ubuntu-4ubuntu2.2</example>
-    <param pos="1" name="service.version"/>
-    <param pos="2" name="openssh.comment"/>
-    <param pos="0" name="service.vendor" value="OpenBSD"/>
-    <param pos="0" name="service.family" value="OpenSSH"/>
-    <param pos="0" name="service.product" value="OpenSSH"/>
-    <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
-    <param pos="0" name="os.vendor" value="Ubuntu"/>
-    <param pos="0" name="os.family" value="Linux"/>
-    <param pos="0" name="os.product" value="Linux"/>
-    <param pos="0" name="os.certainty" value="0.75"/>
-    <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:-"/>
+    <param pos="0" name="os.version" value="10.0"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:debian:debian_linux:10.0"/>
   </fingerprint>
-  <fingerprint pattern="^OpenSSH_([^\s]+)\s+(Debian.+etch.*)$">
-    <description>OpenSSH running on Debian 4.0 (etch)</description>
-    <example service.version="4.3p2" openssh.comment="Debian-9etch3">OpenSSH_4.3p2 Debian-9etch3</example>
+
+  <fingerprint pattern="^OpenSSH_(8\.1p1) (Debian-1|Debian-\d\d?\+deb11u\d+)$">
+    <description>OpenSSH running on Debian 11.x (bullseye)</description>
+    <example service.version="8.1p1" openssh.comment="Debian-1">OpenSSH_8.1p1 Debian-1</example>
+    <example service.version="8.1p1" openssh.comment="Debian-1+deb11u1">OpenSSH_8.1p1 Debian-1+deb11u1</example>
     <param pos="1" name="service.version"/>
     <param pos="2" name="openssh.comment"/>
     <param pos="0" name="service.vendor" value="OpenBSD"/>
@@ -508,12 +1359,15 @@
     <param pos="0" name="os.vendor" value="Debian"/>
     <param pos="0" name="os.family" value="Linux"/>
     <param pos="0" name="os.product" value="Linux"/>
-    <param pos="0" name="os.version" value="4.0"/>
-    <param pos="0" name="os.cpe23" value="cpe:/o:debian:debian_linux:4.0"/>
+    <param pos="0" name="os.version" value="11.0"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:debian:debian_linux:11.0"/>
   </fingerprint>
-  <fingerprint pattern="^OpenSSH_([^\s]+)\s+(Debian.+sarge.*)$">
-    <description>OpenSSH running on Debian 3.1 (sarge)</description>
-    <example service.version="3.8.1p1" openssh.comment="Debian-8.sarge.4">OpenSSH_3.8.1p1 Debian-8.sarge.4</example>
+
+  <fingerprint pattern="^OpenSSH_([^\s]+)\s+(Debian-\d+(?:[~]?bpo[.]?\d+)?)$">
+    <description>OpenSSH running on Debian (unknown release)</description>
+    <example service.version="4.3p2" openssh.comment="Debian-5~bpo.1">OpenSSH_4.3p2 Debian-5~bpo.1</example>
+    <example service.version="4.2p1" openssh.comment="Debian-4bpo1">OpenSSH_4.2p1 Debian-4bpo1</example>
+    <example service.version="7.4p1" openssh.comment="Debian-10">OpenSSH_7.4p1 Debian-10</example>
     <param pos="1" name="service.version"/>
     <param pos="2" name="openssh.comment"/>
     <param pos="0" name="service.vendor" value="OpenBSD"/>
@@ -523,45 +1377,49 @@
     <param pos="0" name="os.vendor" value="Debian"/>
     <param pos="0" name="os.family" value="Linux"/>
     <param pos="0" name="os.product" value="Linux"/>
-    <param pos="0" name="os.version" value="3.1"/>
-    <param pos="0" name="os.cpe23" value="cpe:/o:debian:debian_linux:3.1"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:debian:debian_linux:-"/>
   </fingerprint>
-  <fingerprint pattern="^OpenSSH_([^\s]+)\s+(Debian.+woody.*)$">
-    <description>OpenSSH running on Debian 3.0 (woody)</description>
-    <example service.version="3.4p1" openssh.comment="Debian 1:3.4p1-1.woody.3">OpenSSH_3.4p1 Debian 1:3.4p1-1.woody.3</example>
+
+  <!-- Raspbian -->
+
+  <fingerprint pattern="^OpenSSH_([^\s]+)\s+(Raspbian-5\+deb8u\d+)$">
+    <description>OpenSSH running on Raspbian (Debian 8 "Jessie" based)</description>
+    <example service.version="6.7p1" openssh.comment="Raspbian-5+deb8u1">OpenSSH_6.7p1 Raspbian-5+deb8u1</example>
+    <example service.version="6.7p1" openssh.comment="Raspbian-5+deb8u2">OpenSSH_6.7p1 Raspbian-5+deb8u2</example>
     <param pos="1" name="service.version"/>
     <param pos="2" name="openssh.comment"/>
     <param pos="0" name="service.vendor" value="OpenBSD"/>
     <param pos="0" name="service.family" value="OpenSSH"/>
     <param pos="0" name="service.product" value="OpenSSH"/>
     <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
-    <param pos="0" name="os.vendor" value="Debian"/>
+    <param pos="0" name="os.vendor" value="Raspbian"/>
     <param pos="0" name="os.family" value="Linux"/>
     <param pos="0" name="os.product" value="Linux"/>
-    <param pos="0" name="os.version" value="3.0"/>
-    <param pos="0" name="os.cpe23" value="cpe:/o:debian:debian_linux:3.0"/>
+    <param pos="0" name="os.version" value="8.0"/>
+    <param pos="0" name="hw.product" value="Raspberry Pi"/>
   </fingerprint>
-  <fingerprint pattern="^OpenSSH_([^\s]+)\s+(Debian-\d+(?:[~]?bpo[.]?\d+)?)$">
-    <description>OpenSSH running on Debian (unknown release)</description>
-    <example service.version="5.5p1" openssh.comment="Debian-6">OpenSSH_5.5p1 Debian-6</example>
-    <example service.version="4.3p2" openssh.comment="Debian-5~bpo.1">OpenSSH_4.3p2 Debian-5~bpo.1</example>
-    <example service.version="4.2p1" openssh.comment="Debian-4bpo1">OpenSSH_4.2p1 Debian-4bpo1</example>
-    <example service.version="7.4p1" openssh.comment="Debian-10">OpenSSH_7.4p1 Debian-10</example>
+
+  <fingerprint pattern="^OpenSSH_([^\s]+)\s+(Raspbian-\d\d?\+deb9u\d+)$">
+    <description>OpenSSH running on Raspbian (Debian 9 "Stretch" based)</description>
+    <example service.version="7.4p1" openssh.comment="Raspbian-10+deb9u1">OpenSSH_7.4p1 Raspbian-10+deb9u1</example>
+    <example service.version="7.4p1" openssh.comment="Raspbian-9+deb9u1">OpenSSH_7.4p1 Raspbian-9+deb9u1</example>
     <param pos="1" name="service.version"/>
     <param pos="2" name="openssh.comment"/>
     <param pos="0" name="service.vendor" value="OpenBSD"/>
     <param pos="0" name="service.family" value="OpenSSH"/>
     <param pos="0" name="service.product" value="OpenSSH"/>
     <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
-    <param pos="0" name="os.vendor" value="Debian"/>
+    <param pos="0" name="os.vendor" value="Raspbian"/>
     <param pos="0" name="os.family" value="Linux"/>
     <param pos="0" name="os.product" value="Linux"/>
-    <param pos="0" name="os.cpe23" value="cpe:/o:debian:debian_linux:-"/>
+    <param pos="0" name="os.version" value="9.0"/>
+    <param pos="0" name="hw.product" value="Raspberry Pi"/>
   </fingerprint>
-  <fingerprint pattern="^OpenSSH_([^\s]+)\s+(Raspbian-\d\d?\+deb9u\d+)$">
-    <description>OpenSSH running on Raspbian (Debian 9 "Stretch" based)</description>
-    <example service.version="7.4p1" openssh.comment="Raspbian-10+deb9u1">OpenSSH_7.4p1 Raspbian-10+deb9u1</example>
-    <example service.version="7.4p1" openssh.comment="Raspbian-9+deb9u1">OpenSSH_7.4p1 Raspbian-9+deb9u1</example>
+
+  <fingerprint pattern="^OpenSSH_(7\.9p1)\s+(Raspbian-(?:10|\d\d?\+deb10u\d+))$">
+    <description>OpenSSH running on Raspbian (Debian 10 "Buster" based)</description>
+    <example service.version="7.9p1" openssh.comment="Raspbian-10">OpenSSH_7.9p1 Raspbian-10</example>
+    <example service.version="7.9p1" openssh.comment="Raspbian-10+deb10u1">OpenSSH_7.9p1 Raspbian-10+deb10u1</example>
     <param pos="1" name="service.version"/>
     <param pos="2" name="openssh.comment"/>
     <param pos="0" name="service.vendor" value="OpenBSD"/>
@@ -571,12 +1429,14 @@
     <param pos="0" name="os.vendor" value="Raspbian"/>
     <param pos="0" name="os.family" value="Linux"/>
     <param pos="0" name="os.product" value="Linux"/>
-    <param pos="0" name="os.version" value="9.0"/>
+    <param pos="0" name="os.version" value="10.0"/>
+    <param pos="0" name="hw.product" value="Raspberry Pi"/>
   </fingerprint>
-  <fingerprint pattern="^OpenSSH_([^\s]+)\s+(Raspbian-5\+deb8u\d+)$">
-    <description>OpenSSH running on Raspbian (Debian 8 "Jessie" based)</description>
-    <example service.version="6.7p1" openssh.comment="Raspbian-5+deb8u1">OpenSSH_6.7p1 Raspbian-5+deb8u1</example>
-    <example service.version="6.7p1" openssh.comment="Raspbian-5+deb8u2">OpenSSH_6.7p1 Raspbian-5+deb8u2</example>
+
+  <fingerprint pattern="^OpenSSH_(8\.1p1)\s+(Raspbian-(?:1|\d\d?\+deb11u\d+))$">
+    <description>OpenSSH running on Raspbian (Debian 11 "Bullseye" based)</description>
+    <example service.version="8.1p1" openssh.comment="Raspbian-1">OpenSSH_8.1p1 Raspbian-1</example>
+    <example service.version="8.1p1" openssh.comment="Raspbian-1+deb11u1">OpenSSH_8.1p1 Raspbian-1+deb11u1</example>
     <param pos="1" name="service.version"/>
     <param pos="2" name="openssh.comment"/>
     <param pos="0" name="service.vendor" value="OpenBSD"/>
@@ -586,8 +1446,10 @@
     <param pos="0" name="os.vendor" value="Raspbian"/>
     <param pos="0" name="os.family" value="Linux"/>
     <param pos="0" name="os.product" value="Linux"/>
-    <param pos="0" name="os.version" value="8.0"/>
+    <param pos="0" name="os.version" value="11.0"/>
+    <param pos="0" name="hw.product" value="Raspberry Pi"/>
   </fingerprint>
+
   <fingerprint pattern="^OpenSSH_([^\s]+)\s+(Raspbian-\d\d?)$">
     <description>OpenSSH running on Raspbian (Debian, unknown release)</description>
     <example service.version="7.5p1" openssh.comment="Raspbian-10">OpenSSH_7.5p1 Raspbian-10</example>
@@ -601,7 +1463,11 @@
     <param pos="0" name="os.vendor" value="Raspbian"/>
     <param pos="0" name="os.family" value="Linux"/>
     <param pos="0" name="os.product" value="Linux"/>
+    <param pos="0" name="hw.product" value="Raspberry Pi"/>
   </fingerprint>
+
+  <!-- Miscellaneous -->
+
   <fingerprint pattern="^OpenSSH_(.*)\+(CAN-[0-9]{4}-[0-9]{4})$">
     <description>OpenSSH with CVE patch, as seen in Mac OS X</description>
     <example service.version="3.4p1" openssh.cvepatch="CAN-2004-0175">OpenSSH_3.4p1+CAN-2004-0175</example>
@@ -616,6 +1482,7 @@
     <param pos="0" name="os.product" value="Mac OS X"/>
     <param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:-"/>
   </fingerprint>
+
   <fingerprint pattern="^OpenSSH_(.*)_Mikrotik_v(.*)$">
     <description>OpenSSH on MikroTik</description>
     <example service.version="2.3.0" os.version="2.9">OpenSSH_2.3.0_Mikrotik_v2.9</example>
@@ -631,6 +1498,7 @@
     <param pos="0" name="os.product" value="RouterOS"/>
     <param pos="0" name="os.cpe23" value="cpe:/o:mikrotik:routeros:{os.version}"/>
   </fingerprint>
+
   <fingerprint pattern="^OpenSSH_(.*)-HipServ$">
     <description>OpenSSH on HipServ</description>
     <example service.version="4.3">OpenSSH_4.3-HipServ</example>
@@ -644,6 +1512,21 @@
     <param pos="0" name="os.family" value="Linux"/>
     <param pos="0" name="os.product" value="HipServ"/>
   </fingerprint>
+
+  <fingerprint pattern="^OpenSSH_for_Windows_([\d.]+)$">
+    <description>OpenSSH running on Windows</description>
+    <example service.version="7.7">OpenSSH_for_Windows_7.7</example>
+    <param pos="1" name="service.version"/>
+    <param pos="0" name="service.vendor" value="OpenBSD"/>
+    <param pos="0" name="service.family" value="OpenSSH"/>
+    <param pos="0" name="service.product" value="OpenSSH"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
+    <param pos="0" name="os.vendor" value="Microsoft"/>
+    <param pos="0" name="os.family" value="Windows"/>
+    <param pos="0" name="os.product" value="Windows"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
+  </fingerprint>
+
   <fingerprint pattern="^OpenSSH_(.*) in DesktopAuthority (?:.*)$">
     <description>DesktopAuthority SSH</description>
     <example service.version="3.8">OpenSSH_3.8 in DesktopAuthority 7.1.091</example>
@@ -657,6 +1540,7 @@
     <param pos="0" name="os.product" value="Windows"/>
     <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
   </fingerprint>
+
   <fingerprint pattern="^OpenSSH_(\d+\.\d+(?:\.\d+)?(?:p\d+)?) ((?:PKIX\s+)?FIPS)$">
     <description>OpenSSH with a version and FIPS mode enabled</description>
     <example service.version="5.9" openssh.comment="FIPS">OpenSSH_5.9 FIPS</example>
@@ -669,6 +1553,7 @@
     <param pos="0" name="service.product" value="OpenSSH"/>
     <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
   </fingerprint>
+
   <fingerprint pattern="^OpenSSH_(\d+\.\d+(?:\.\d+)?(?:p\d+)?) *$">
     <description>OpenSSH with just a version, no comment by vendor</description>
     <example service.version="5.9p1">OpenSSH_5.9p1</example>
@@ -681,6 +1566,7 @@
     <param pos="0" name="service.product" value="OpenSSH"/>
     <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
   </fingerprint>
+
   <fingerprint pattern="^OpenSSH$">
     <description>OpenSSH w/o version or comment</description>
     <example>OpenSSH</example>
@@ -689,7 +1575,9 @@
     <param pos="0" name="service.product" value="OpenSSH"/>
     <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:-"/>
   </fingerprint>
+
   <!-- SSH-1.99-OpenSSH_4.3p2-4.cern-hpn-CERN-4.3p2-4.cern -->
+
   <!--<fingerprint pattern="^OpenSSH_?([^\s]*)\s*(.*)$">
       <description>Catch all for OpenSSH based SSH servers
       ******************** NOTE ********************
@@ -702,8 +1590,12 @@
       <param pos="0" name="service.vendor" value="OpenBSD"/>
       <param pos="0" name="service.family" value="OpenSSH"/>
       <param pos="0" name="service.product" value="OpenSSH"/>
-   </fingerprint>-->
+   </fingerprint>
+
+-->
+
   <!-- TODO: Handle "vpn3" banners for Cisco 3000 VPN Concentrators (need example banners first) -->
+
   <fingerprint pattern="^Cisco-(.*)$">
     <description>Cisco SSH banner (could be IOS or PIX), The version always seems to be 1.25</description>
     <example service.version="1.25">Cisco-1.25</example>
@@ -715,8 +1607,9 @@
     <param pos="0" name="os.certainty" value="0.8"/>
     <param pos="0" name="os.cpe23" value="cpe:/o:cisco:ios:-"/>
   </fingerprint>
+
   <fingerprint pattern="^CISCO_WLC$">
-    <description>SSH banner from a Cisco Wireless LAN Controller (WLC)</description>
+    <description>SSH banner from a Cisco WLC (WLC)</description>
     <example>CISCO_WLC</example>
     <param pos="0" name="service.vendor" value="Cisco"/>
     <param pos="0" name="service.product" value="SSH"/>
@@ -724,6 +1617,7 @@
     <param pos="0" name="os.product" value="Wireless LAN Controller"/>
     <param pos="0" name="os.cpe23" value="cpe:/o:cisco:wireless_lan_controller:-"/>
   </fingerprint>
+
   <fingerprint pattern="(?i)^Cleo (\S+)/(\S+) SSH FTP server$">
     <description>Cleo networks Harmony, VLProxy, VLTrader, others</description>
     <example service.product="Harmony" service.version="5.5.0.3">Cleo Harmony/5.5.0.3 SSH FTP server</example>
@@ -732,6 +1626,7 @@
     <param pos="1" name="service.product"/>
     <param pos="2" name="service.version"/>
   </fingerprint>
+
   <fingerprint pattern="^Sun_SSH_(.*)$">
     <description>Sun SSH banner</description>
     <example service.version="1.1">Sun_SSH_1.1</example>
@@ -743,6 +1638,7 @@
     <param pos="0" name="os.product" value="Solaris"/>
     <param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:-"/>
   </fingerprint>
+
   <fingerprint pattern="^SSH Protocol Compatible Server SCS (.*)$">
     <description>Netscreen with version</description>
     <param pos="1" name="service.version"/>
@@ -755,6 +1651,7 @@
     <param pos="0" name="os.product" value="ScreenOS"/>
     <param pos="0" name="os.cpe23" value="cpe:/o:juniper:screenos:-"/>
   </fingerprint>
+
   <fingerprint pattern="^NetScreen$">
     <description>Netscreen generic</description>
     <example>NetScreen</example>
@@ -767,11 +1664,13 @@
     <param pos="0" name="os.product" value="ScreenOS"/>
     <param pos="0" name="os.cpe23" value="cpe:/o:juniper:screenos:-"/>
   </fingerprint>
+
   <fingerprint pattern="^HUAWEI-(?:[\d\.]+)$">
     <description>Huawei generic</description>
     <example>HUAWEI-1.5</example>
     <param pos="0" name="hw.vendor" value="Huawei"/>
   </fingerprint>
+
   <fingerprint pattern="^HUAWEI-UMG(\d+)">
     <description>Huawei Universal Media Gateway</description>
     <example hw.model="8900">HUAWEI-UMG8900</example>
@@ -780,6 +1679,7 @@
     <param pos="0" name="hw.device" value="Telecom"/>
     <param pos="1" name="hw.model"/>
   </fingerprint>
+
   <fingerprint pattern="^HUAWEI.VRP.([\d\.]+)$">
     <description>Huawei Versatile Routing Platform (VRP)</description>
     <example os.version="3.10" service.version="3.10">HUAWEI-VRP-3.10</example>
@@ -794,6 +1694,7 @@
     <param pos="0" name="os.product" value="VRP"/>
     <param pos="1" name="os.version"/>
   </fingerprint>
+
   <fingerprint pattern="^([\d.]+)[ _]sshlib:? (?i:GlobalScape)$">
     <description>GlobalScape SSH (which uses Bitvise sshlib)</description>
     <example service.component.version="1.36">1.36_sshlib GlobalSCAPE</example>
@@ -811,6 +1712,7 @@
     <param pos="0" name="os.product" value="Windows"/>
     <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
   </fingerprint>
+
   <fingerprint pattern="^([^\s]+) sshlib: WinSSHD (.*)$">
     <description>Bitvise WinSSHD (which uses Bitvise sshlib)</description>
     <example service.component.version="1.78" service.version="4.15a">1.78 sshlib: WinSSHD 4.15a</example>
@@ -827,6 +1729,7 @@
     <param pos="0" name="os.product" value="Windows"/>
     <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
   </fingerprint>
+
   <fingerprint pattern="^([^\s]+) FlowSsh: (?:Bitvise SSH Server \(WinSSHD\)|WinSSHD) ([\d\.]+):?.*$">
     <description>Bitvise WinSSHD (which uses Bitvise flowssh) with version</description>
     <example service.version="5.09" service.component.version="1.03">1.03 FlowSsh: WinSSHD 5.09</example>
@@ -845,6 +1748,7 @@
     <param pos="0" name="os.product" value="Windows"/>
     <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
   </fingerprint>
+
   <fingerprint pattern="^([^\s]+) FlowSsh: (?:Bitvise SSH Server \(WinSSHD\)|WinSSHD)(?: :.*)?$">
     <description>Bitvise WinSSHD (which uses Bitvise flowssh) without version</description>
     <example service.component.version="9.99">9.99 FlowSsh: Bitvise SSH Server (WinSSHD)</example>
@@ -861,6 +1765,7 @@
     <param pos="0" name="os.product" value="Windows"/>
     <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
   </fingerprint>
+
   <fingerprint pattern="^([^\s]+) sshlib: MOVEit DMZ SSH (.*)$">
     <description>MOVEit DMZ (which uses Bitvise sshlib)</description>
     <param pos="1" name="service.component.version"/>
@@ -876,6 +1781,7 @@
     <param pos="0" name="os.product" value="Windows"/>
     <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
   </fingerprint>
+
   <fingerprint pattern="^paramiko_([\d\.]+).*$">
     <description>Paramiko</description>
     <example service.version="2.1.3">paramiko_2.1.3 501 command not implemented ERROR</example>
@@ -883,7 +1789,9 @@
     <param pos="0" name="service.vendor" value="Paramiko"/>
     <param pos="0" name="service.product" value="Paramiko"/>
     <param pos="1" name="service.version"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:paramiko:paramiko:{service.version}"/>
   </fingerprint>
+
   <fingerprint pattern="^Pragma SecureShell\s*(.*)$">
     <description>Pragma SecureShell</description>
     <param pos="1" name="service.version"/>
@@ -895,6 +1803,7 @@
     <param pos="0" name="os.product" value="Windows"/>
     <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
   </fingerprint>
+
   <fingerprint pattern="^Pragma FortressSSH\s+([\d.]+)(?:\s+\[([\d.:]+)\])?$">
     <description>Pragma FortressSSH</description>
     <example service.version="5.0.9.2031">Pragma FortressSSH 5.0.9.2031</example>
@@ -909,6 +1818,7 @@
     <param pos="0" name="os.product" value="Windows"/>
     <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
   </fingerprint>
+
   <fingerprint pattern="^RebexSSH_([\d\.]+)$">
     <description>Rbex SSH</description>
     <example service.version="1.0.5.25508">RebexSSH_1.0.5.25508</example>
@@ -916,12 +1826,14 @@
     <param pos="0" name="service.product" value="SSH"/>
     <param pos="1" name="service.version"/>
   </fingerprint>
+
   <fingerprint pattern="^RGOS_\S+$">
     <description>Ruijie Networks SSH</description>
     <example>RGOS_SSH_1.0</example>
     <example>RGOS_PK3223</example>
     <param pos="0" name="hw.vendor" value="Ruijie"/>
   </fingerprint>
+
   <fingerprint pattern="^VShell_(?:Special_Edition_)?(\d+)_(\d+)_(\d+)_(\d+) VShell$">
     <description>VanDyke VShell - detailed variant</description>
     <example service.version="3" service.version.version="6" service.version.version.version="2" service.version.version.version.version="446">VShell_3_6_2_446 VShell</example>
@@ -935,6 +1847,7 @@
     <param pos="0" name="service.product" value="VShell"/>
     <param pos="0" name="service.cpe23" value="cpe:/a:vandyke:vshell:{service.version}"/>
   </fingerprint>
+
   <fingerprint pattern="^([\s]*)\s*VShell$">
     <description>VanDyke VShell</description>
     <param pos="1" name="service.version"/>
@@ -943,6 +1856,7 @@
     <param pos="0" name="service.product" value="VShell"/>
     <param pos="0" name="service.cpe23" value="cpe:/a:vandyke:vshell:{service.version}"/>
   </fingerprint>
+
   <fingerprint pattern="^WRQReflection(?i:F)orSecureIT_(.*)$">
     <description>Attachmate Reflection (formerly WRQ Reflection for Secure IT)</description>
     <example service.version="6.1 Build 21">WRQReflectionForSecureIT_6.1 Build 21</example>
@@ -952,6 +1866,7 @@
     <param pos="0" name="service.family" value="Reflection"/>
     <param pos="0" name="service.product" value="Reflection"/>
   </fingerprint>
+
   <fingerprint pattern="^([^\s]*)\s*F-Secure SSH\s*(?:.*)$">
     <description>Attachmate Reflection (formerly F-Secure SSH)</description>
     <example service.version="3.2.3">3.2.3 F-Secure SSH Windows NT Server</example>
@@ -960,6 +1875,7 @@
     <param pos="0" name="service.family" value="Reflection"/>
     <param pos="0" name="service.product" value="Reflection"/>
   </fingerprint>
+
   <fingerprint pattern="^([^\s]*)\s*SSH Tectia Server$">
     <description>SSH Communications Security Tectia Server - branded</description>
     <example service.version="6.4.12.353">6.4.12.353 SSH Tectia Server</example>
@@ -968,6 +1884,7 @@
     <param pos="0" name="service.family" value="SSH Tectia Server"/>
     <param pos="0" name="service.product" value="SSH Tectia Server"/>
   </fingerprint>
+
   <fingerprint pattern="^([0-9\.]+) SSH Secure Shell(?: \(non-commercial\))?$">
     <description>SSH Communications Security Tectia Server</description>
     <example service.version="3.2.9.1">3.2.9.1 SSH Secure Shell (non-commercial)</example>
@@ -978,6 +1895,7 @@
     <param pos="0" name="service.family" value="SSH Tectia Server"/>
     <param pos="0" name="service.product" value="SSH Tectia Server"/>
   </fingerprint>
+
   <fingerprint pattern="^([0-9\.]+) SSH Secure Shell Windows NT Server$">
     <description>Unknown Windows SSH server</description>
     <example service.version="4.0.3">4.0.3 SSH Secure Shell Windows NT Server</example>
@@ -990,6 +1908,7 @@
     <param pos="0" name="service.family" value="SSH Tectia Server"/>
     <param pos="0" name="service.product" value="SSH Tectia Server"/>
   </fingerprint>
+
   <fingerprint pattern="^ARRIS_(.*)$">
     <description>ARRIS device (though not clear which) - www.arrisi.com</description>
     <example service.version="0.50">ARRIS_0.50</example>
@@ -998,6 +1917,7 @@
     <param pos="0" name="service.product" value="ARRIS"/>
     <param pos="0" name="os.vendor" value="ARRIS"/>
   </fingerprint>
+
   <fingerprint pattern="^Mocana SSH\s?(?:([\d.]+))?$">
     <description>Mocana Embedded SSH</description>
     <example service.version="5.3.1">Mocana SSH 5.3.1</example>
@@ -1007,6 +1927,7 @@
     <param pos="0" name="service.family" value="Embedded SSH Server"/>
     <param pos="0" name="service.product" value="Embedded SSH Server"/>
   </fingerprint>
+
   <fingerprint pattern="^FreSSH\.(.*)$">
     <description>FreSSH</description>
     <example service.version="0.8">FreSSH.0.8</example>
@@ -1014,6 +1935,7 @@
     <param pos="0" name="service.family" value="FreSSH"/>
     <param pos="0" name="service.product" value="FreSSH"/>
   </fingerprint>
+
   <fingerprint pattern="^RomCliSecure_(.*)$">
     <description>RomCliSecure appears to be the Adtran NetVanta products</description>
     <example service.version="4.12">RomCliSecure_4.12</example>
@@ -1025,6 +1947,7 @@
     <param pos="0" name="os.family" value="NetVanta"/>
     <param pos="0" name="os.product" value="NetVanta"/>
   </fingerprint>
+
   <fingerprint pattern="^.*MultiNet.*$">
     <description>Process Software MultiNet is a suite of network apps for OpenVMS</description>
     <param pos="0" name="service.vendor" value="Process Software"/>
@@ -1035,12 +1958,14 @@
     <param pos="0" name="os.product" value="OpenVMS"/>
     <param pos="0" name="os.cpe23" value="cpe:/o:hp:openvms:-"/>
   </fingerprint>
+
   <fingerprint pattern="^dropbear$">
     <description>Dropbear w/o version - http://matt.ucc.asn.au/dropbear/dropbear.html</description>
     <example>dropbear</example>
     <param pos="0" name="service.family" value="Dropbear"/>
     <param pos="0" name="service.product" value="Dropbear"/>
   </fingerprint>
+
   <fingerprint pattern="^dropbear_(.*)$">
     <description>Dropbear - http://matt.ucc.asn.au/dropbear/dropbear.html</description>
     <example service.version="2015.67">dropbear_2015.67</example>
@@ -1049,6 +1974,7 @@
     <param pos="0" name="service.family" value="Dropbear"/>
     <param pos="0" name="service.product" value="Dropbear"/>
   </fingerprint>
+
   <fingerprint pattern="^lancom$">
     <description>LANCOM Systems - http://www.lancom-systems.de/</description>
     <example>lancom</example>
@@ -1057,6 +1983,7 @@
     <param pos="0" name="service.product" value="SSH"/>
     <param pos="0" name="os.vendor" value="LANCOM Systems"/>
   </fingerprint>
+
   <fingerprint pattern="^0$">
     <description>MOVEit DMZ</description>
     <example>0</example>
@@ -1068,6 +1995,7 @@
     <param pos="0" name="os.product" value="Windows"/>
     <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
   </fingerprint>
+
   <fingerprint pattern="^Comware-(\d+\.?\d*\.?\d*)$">
     <description>SSH on H3C Comware</description>
     <example os.version="5.20.105">Comware-5.20.105</example>
@@ -1080,6 +2008,7 @@
     <param pos="0" name="os.family" value="Comware"/>
     <param pos="1" name="os.version"/>
   </fingerprint>
+
   <fingerprint pattern="^Data ONTAP SSH [\d\.]+$">
     <description>SSH NetApp appliances</description>
     <example>Data ONTAP SSH 1.0</example>
@@ -1088,12 +2017,13 @@
     <param pos="0" name="os.product" value="Data ONTAP"/>
     <param pos="0" name="os.cpe23" value="cpe:/o:netapp:data_ontap:-"/>
   </fingerprint>
+
   <fingerprint pattern="^(\d\.\d+\.\d+) SSH Secure Shell OpenVMS V\d+\.\d+$">
     <description>SSH for OpenVMS</description>
     <example service.component.version="3.2.0">3.2.0 SSH Secure Shell OpenVMS V5.5</example>
     <example service.component.version="2.4.1">2.4.1 SSH Secure Shell OpenVMS V1.0</example>
     <param pos="1" name="service.component.version"/>
-    <param pos="0" name="service.component.vendor" value="SSH Communication Security"/>
+    <param pos="0" name="service.component.vendor" value="SSH Communications Security"/>
     <param pos="0" name="service.component.family" value="SSH Secure Shell"/>
     <param pos="0" name="service.component.product" value="SSH Secure Shell"/>
     <param pos="0" name="service.vendor" value="HP"/>
@@ -1105,12 +2035,13 @@
     <param pos="0" name="os.certainty" value="0.75"/>
     <param pos="0" name="os.cpe23" value="cpe:/o:hp:openvms:-"/>
   </fingerprint>
+
   <fingerprint pattern="^(\d\.\d+\.\d+) SSH (?:Secure Shell )?OpenVMS V\d\.\d VMS_sftp_version (\d)$">
     <description>SSH for OpenVMS sftp</description>
     <example service.component.version="3.2.0" service.version="3">3.2.0 SSH Secure Shell OpenVMS V5.5 VMS_sftp_version 3</example>
     <example service.component.version="3.2.0" service.version="3">3.2.0 SSH OpenVMS V5.5 VMS_sftp_version 3</example>
     <param pos="1" name="service.component.version"/>
-    <param pos="0" name="service.component.vendor" value="SSH Communication Security"/>
+    <param pos="0" name="service.component.vendor" value="SSH Communications Security"/>
     <param pos="0" name="service.component.family" value="SSH Secure Shell"/>
     <param pos="0" name="service.component.product" value="SSH Secure Shell"/>
     <param pos="0" name="service.vendor" value="HP"/>
@@ -1121,6 +2052,7 @@
     <param pos="0" name="os.family" value="OpenVMS"/>
     <param pos="0" name="os.certainty" value="0.75"/>
   </fingerprint>
+
   <fingerprint pattern="^\S+ SSH Secure Shell Tru64 UNIX$">
     <description>Digital/Compaq/HP Tru64 Unix</description>
     <example>3.2.0 SSH Secure Shell Tru64 UNIX</example>
@@ -1129,17 +2061,21 @@
     <param pos="0" name="os.product" value="Tru64 Unix"/>
     <param pos="0" name="os.cpe23" value="cpe:/o:hp:tru64:-"/>
   </fingerprint>
-  <fingerprint pattern="^(?:SSH-(\d\.\d)-)?ROSSSH$">
+
+  <fingerprint pattern="^ROSSSH$">
     <description>MikroTik RouterOS sshd</description>
     <example>ROSSSH</example>
-    <example service.version="2.0">SSH-2.0-ROSSSH</example>
-    <param pos="1" name="service.version"/>
     <param pos="0" name="os.vendor" value="MikroTik"/>
     <param pos="0" name="os.device" value="Router"/>
     <param pos="0" name="os.family" value="RouterOS"/>
     <param pos="0" name="os.product" value="RouterOS"/>
     <param pos="0" name="os.cpe23" value="cpe:/o:mikrotik:routeros:-"/>
   </fingerprint>
+
+  <!-- xlightftpd is an ftp server that also supports SFTP. The SFTP
+       server appears in ssh studies, thus this banner is here, and
+       not in ftp_banners.xml-->
+
   <fingerprint pattern="^xlightftpd_release_([\d.]+)$">
     <description>Xlight FTP Server</description>
     <example service.version="3.8.3.6.1">xlightftpd_release_3.8.3.6.1</example>
@@ -1152,6 +2088,7 @@
     <param pos="0" name="os.product" value="Windows"/>
     <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
   </fingerprint>
+
   <fingerprint pattern="^libssh[-_]([\d.]+)$">
     <description>SSH server utilising libssh</description>
     <example service.version="0.6.0">libssh-0.6.0</example>
@@ -1162,6 +2099,28 @@
     <param pos="0" name="service.vendor" value="libssh"/>
     <param pos="0" name="service.cpe23" value="cpe:/a:libssh:libssh:{service.version}"/>
   </fingerprint>
+
+  <fingerprint pattern="^WeOnlyDo ([\d.]+)$">
+    <description>WeOnlyDo with version</description>
+    <example service.version="1.2.7">WeOnlyDo 1.2.7</example>
+    <example service.version="2.0.1">WeOnlyDo 2.0.1</example>
+    <example service.version="2.5.4">WeOnlyDo 2.5.4</example>
+    <param pos="1" name="service.version"/>
+    <param pos="0" name="service.family" value="WeOnlyDo"/>
+    <param pos="0" name="service.vendor" value="WeOnlyDo"/>
+    <param pos="0" name="service.product" value="WeOnlyDo SSH Server"/>
+  </fingerprint>
+
+  <fingerprint pattern="^WeOnlyDo ([\d.]+) \(FIPS\)$">
+    <description>WeOnlyDo with version with FIPS mode enabled</description>
+    <example service.version="2.2.9">WeOnlyDo 2.2.9 (FIPS)</example>
+    <example service.version="2.4.3">WeOnlyDo 2.4.3 (FIPS)</example>
+    <param pos="1" name="service.version"/>
+    <param pos="0" name="service.family" value="WeOnlyDo"/>
+    <param pos="0" name="service.vendor" value="WeOnlyDo"/>
+    <param pos="0" name="service.product" value="WeOnlyDo SSH Server"/>
+  </fingerprint>
+
   <!--
 1.2.22j4rad
 2.40
@@ -1170,8 +2129,10 @@ Server-VII
 9.9.1
 IPSSH-1.10.0
 -->
+
   <!--
 Possibly Nortel Passport
 SSH_2.1.1
 -->
-</fingerprints>
+
+</fingerprints>