recog 2.3.7 → 2.3.12
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/.gitignore +9 -2
- data/.ruby-gemset +1 -0
- data/.ruby-version +1 -0
- data/.travis.yml +2 -4
- data/CONTRIBUTING.md +136 -37
- data/Gemfile +2 -5
- data/README.md +18 -16
- data/bin/recog_cleanup +16 -0
- data/bin/recog_standardize +142 -0
- data/cpe-remap.yaml +36 -1
- data/features/match.feature +4 -0
- data/features/support/aruba.rb +3 -0
- data/features/verify.feature +5 -0
- data/identifiers/README.md +56 -0
- data/identifiers/hw_device.txt +77 -0
- data/identifiers/hw_family.txt +96 -0
- data/identifiers/hw_product.txt +328 -0
- data/identifiers/os_architecture.txt +20 -0
- data/identifiers/os_device.txt +94 -0
- data/identifiers/os_family.txt +325 -0
- data/identifiers/os_product.txt +420 -0
- data/identifiers/service_family.txt +272 -0
- data/identifiers/service_product.txt +557 -0
- data/identifiers/software_class.txt +26 -0
- data/identifiers/software_family.txt +91 -0
- data/identifiers/software_product.txt +333 -0
- data/identifiers/vendor.txt +891 -0
- data/lib/recog/version.rb +1 -1
- data/requirements.txt +1 -1
- data/spec/lib/fingerprint_self_test_spec.rb +1 -1
- data/spec/lib/recog/fingerprint/regexp_factory_spec.rb +1 -1
- data/update_cpes.py +4 -1
- data/xml/apache_modules.xml +292 -5
- data/xml/apache_os.xml +50 -2
- data/xml/architecture.xml +19 -7
- data/xml/dns_versionbind.xml +200 -26
- data/xml/favicons.xml +1701 -0
- data/xml/ftp_banners.xml +276 -16
- data/xml/h323_callresp.xml +112 -12
- data/xml/hp_pjl_id.xml +47 -5
- data/xml/html_title.xml +1419 -72
- data/xml/http_cookies.xml +77 -10
- data/xml/http_servers.xml +898 -47
- data/xml/http_wwwauth.xml +154 -27
- data/xml/imap_banners.xml +23 -13
- data/xml/ldap_searchresult.xml +81 -9
- data/xml/mdns_device-info_txt.xml +194 -17
- data/xml/mdns_workstation_txt.xml +4 -2
- data/xml/mysql_banners.xml +554 -45
- data/xml/mysql_error.xml +113 -6
- data/xml/nntp_banners.xml +10 -2
- data/xml/ntp_banners.xml +95 -11
- data/xml/operating_system.xml +90 -3
- data/xml/pop_banners.xml +32 -31
- data/xml/rsh_resp.xml +11 -2
- data/xml/rtsp_servers.xml +43 -23
- data/xml/sip_banners.xml +9 -14
- data/xml/sip_user_agents.xml +69 -3
- data/xml/smb_native_lm.xml +10 -2
- data/xml/smb_native_os.xml +80 -2
- data/xml/smtp_banners.xml +233 -13
- data/xml/smtp_debug.xml +6 -4
- data/xml/smtp_ehlo.xml +7 -5
- data/xml/smtp_expn.xml +13 -4
- data/xml/smtp_help.xml +23 -4
- data/xml/smtp_mailfrom.xml +5 -2
- data/xml/smtp_noop.xml +6 -5
- data/xml/smtp_quit.xml +5 -4
- data/xml/smtp_rcptto.xml +5 -2
- data/xml/smtp_rset.xml +4 -4
- data/xml/smtp_turn.xml +4 -4
- data/xml/smtp_vrfy.xml +14 -4
- data/xml/snmp_sysdescr.xml +776 -52
- data/xml/snmp_sysobjid.xml +47 -2
- data/xml/ssh_banners.xml +259 -80
- data/xml/telnet_banners.xml +376 -23
- data/xml/x11_banners.xml +27 -4
- data/xml/x509_issuers.xml +37 -13
- data/xml/x509_subjects.xml +525 -55
- metadata +29 -6
data/xml/nntp_banners.xml
CHANGED
|
@@ -1,9 +1,10 @@
|
|
|
1
|
-
<?xml version=
|
|
1
|
+
<?xml version='1.0' encoding='UTF-8'?>
|
|
2
2
|
<fingerprints matches="nntp.banner" protocol="nntp" database_type="service">
|
|
3
3
|
<!--
|
|
4
4
|
NNTP greeting messages (part of the banner after the response code) are matched
|
|
5
5
|
against these patterns to fingerprint NNTP servers.
|
|
6
6
|
-->
|
|
7
|
+
|
|
7
8
|
<fingerprint pattern="CCProxy NNTP Service$">
|
|
8
9
|
<description>Youngzsoft CCProxy NNTP with no version</description>
|
|
9
10
|
<example>CCProxy NNTP Service</example>
|
|
@@ -11,6 +12,7 @@
|
|
|
11
12
|
<param pos="0" name="service.family" value="CCProxy"/>
|
|
12
13
|
<param pos="0" name="service.product" value="CCProxy"/>
|
|
13
14
|
</fingerprint>
|
|
15
|
+
|
|
14
16
|
<fingerprint pattern="^(\S+) Lyris ListManager NNTP Service ready">
|
|
15
17
|
<description>Lyris Listmanager</description>
|
|
16
18
|
<example host.name="blah">blah Lyris ListManager NNTP Service ready (posting ok).</example>
|
|
@@ -19,6 +21,7 @@
|
|
|
19
21
|
<param pos="0" name="service.product" value="ListManager"/>
|
|
20
22
|
<param pos="1" name="host.name"/>
|
|
21
23
|
</fingerprint>
|
|
24
|
+
|
|
22
25
|
<fingerprint pattern="^NNTP Service (?:.*) Version: (5.0.2195.[0-9]+) .*$">
|
|
23
26
|
<description>Microsoft IIS NNTP Server on Windows 2000</description>
|
|
24
27
|
<example>NNTP Service 5.00.0984 Version: 5.0.2195.7034 Posting Allowed</example>
|
|
@@ -34,6 +37,7 @@
|
|
|
34
37
|
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_2000:-"/>
|
|
35
38
|
<param pos="1" name="ms.nttp.version"/>
|
|
36
39
|
</fingerprint>
|
|
40
|
+
|
|
37
41
|
<fingerprint pattern="^NNTP Service (?:.*) Version: (6.0.3790.[0-9]+) .*$">
|
|
38
42
|
<description>Microsoft IIS NNTP Server on Windows Server 2003</description>
|
|
39
43
|
<example>NNTP Service 6.0.3790.3959 Version: 6.0.3790.3959 Posting Allowed</example>
|
|
@@ -49,6 +53,7 @@
|
|
|
49
53
|
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2003:-"/>
|
|
50
54
|
<param pos="1" name="ms.nttp.version"/>
|
|
51
55
|
</fingerprint>
|
|
56
|
+
|
|
52
57
|
<fingerprint pattern="^NNTP Service Microsoft. Internet Services (?:.*) Version: (?:[^ ]+) .*$">
|
|
53
58
|
<description>Older Microsoft IIS NNTP Servers</description>
|
|
54
59
|
<example>NNTP Service Microsoft. Internet Services 5.00 Version: 5.0.2068.0 Posting Allowed</example>
|
|
@@ -63,6 +68,7 @@
|
|
|
63
68
|
<param pos="0" name="os.product" value="Windows"/>
|
|
64
69
|
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
|
|
65
70
|
</fingerprint>
|
|
71
|
+
|
|
66
72
|
<fingerprint pattern="^Kerio (?:Connect|MailServer)\s+(\d\.[\d.]+)\s+(?:(?:patch|RC) (\d)\s+)?NNTP server ready$">
|
|
67
73
|
<description>Kerio Connect NNTP</description>
|
|
68
74
|
<example service.version="9.2.3">Kerio Connect 9.2.3 NNTP server ready</example>
|
|
@@ -74,9 +80,11 @@
|
|
|
74
80
|
<param pos="1" name="service.version"/>
|
|
75
81
|
<param pos="2" name="service.version.version"/>
|
|
76
82
|
</fingerprint>
|
|
83
|
+
|
|
77
84
|
<fingerprint pattern="^NNTP server ready(?: \(no posting\))?$">
|
|
78
85
|
<description>Non-specific NNTP</description>
|
|
79
86
|
<example>NNTP server ready (no posting)</example>
|
|
80
87
|
<example>NNTP server ready</example>
|
|
81
88
|
</fingerprint>
|
|
82
|
-
|
|
89
|
+
|
|
90
|
+
</fingerprints>
|
data/xml/ntp_banners.xml
CHANGED
|
@@ -1,8 +1,9 @@
|
|
|
1
|
-
<?xml version=
|
|
1
|
+
<?xml version='1.0' encoding='UTF-8'?>
|
|
2
2
|
<fingerprints matches="ntp.readvar" protocol="ntp" database_type="service" preference="0.80">
|
|
3
3
|
<!--
|
|
4
4
|
NTP "banners", taken from a readvar response
|
|
5
5
|
-->
|
|
6
|
+
|
|
6
7
|
<fingerprint pattern="^.*version=Domain Time II (\S+),hostname=([^,]+),.*system=Win2003.*,processor=(\S+)" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
7
8
|
<description>Greyware Automation Products, Inc. Domain Time II on Windows Server 2003</description>
|
|
8
9
|
<example service.version="5.1.b.20100331R" os.arch="x64" host.name="blah">
|
|
@@ -21,6 +22,7 @@
|
|
|
21
22
|
<param pos="3" name="os.arch"/>
|
|
22
23
|
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2003:-"/>
|
|
23
24
|
</fingerprint>
|
|
25
|
+
|
|
24
26
|
<fingerprint pattern="^.*version=Domain Time II (\S+),hostname=([^,]+),.*system=Win2008R2.*,processor=(\S+)" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
25
27
|
<description>Greyware Automation Products, Inc. Domain Time II on Windows Server 2008 R2</description>
|
|
26
28
|
<example service.version="5.2.b.20120215R" os.arch="x64" host.name="blah">
|
|
@@ -32,10 +34,11 @@
|
|
|
32
34
|
<param pos="2" name="host.name"/>
|
|
33
35
|
<param pos="0" name="os.vendor" value="Microsoft"/>
|
|
34
36
|
<param pos="0" name="os.family" value="Windows"/>
|
|
35
|
-
<param pos="0" name="os.product" value="Windows 2008 R2"/>
|
|
37
|
+
<param pos="0" name="os.product" value="Windows Server 2008 R2"/>
|
|
36
38
|
<param pos="3" name="os.arch"/>
|
|
37
39
|
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:-"/>
|
|
38
40
|
</fingerprint>
|
|
41
|
+
|
|
39
42
|
<fingerprint pattern="^.*version=Domain Time II (\S+),hostname=([^,]+),.*system=Win2008.*,processor=(\S+)" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
40
43
|
<description>Greyware Automation Products, Inc. Domain Time II on Windows 2008</description>
|
|
41
44
|
<example service.version="5.2.b.20140303R" os.arch="x86" host.name="blah">
|
|
@@ -54,6 +57,7 @@
|
|
|
54
57
|
<param pos="3" name="os.arch"/>
|
|
55
58
|
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:-"/>
|
|
56
59
|
</fingerprint>
|
|
60
|
+
|
|
57
61
|
<fingerprint pattern="^.*version=Domain Time II (\S+),hostname=([^,]+),.*system=Win2012.*,processor=(\S+)" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
58
62
|
<description>Greyware Automation Products, Inc. Domain Time II on Windows Server 2012</description>
|
|
59
63
|
<example service.version="5.2.b.20140101R" os.arch="x64" host.name="blah">
|
|
@@ -69,6 +73,7 @@
|
|
|
69
73
|
<param pos="3" name="os.arch"/>
|
|
70
74
|
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2012:-"/>
|
|
71
75
|
</fingerprint>
|
|
76
|
+
|
|
72
77
|
<fingerprint pattern="^.*version=Domain Time II (\S+),hostname=([^,]+),.*system=Win7.*,processor=(\S+)" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
73
78
|
<description>Greyware Automation Products, Inc. Domain Time II on Windows 7</description>
|
|
74
79
|
<example service.version="5.2.b.20130405R" os.arch="x64" host.name="blah">
|
|
@@ -84,6 +89,7 @@
|
|
|
84
89
|
<param pos="3" name="os.arch"/>
|
|
85
90
|
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_7:-"/>
|
|
86
91
|
</fingerprint>
|
|
92
|
+
|
|
87
93
|
<fingerprint pattern="^.*version="ntpd (\S+)[^"]+",.*system="Equallogic \(R\) storage array"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
88
94
|
<description>ntpd running on an EqualLogic Storage Array that includes the NTP version</description>
|
|
89
95
|
<example>
|
|
@@ -100,6 +106,7 @@
|
|
|
100
106
|
<param pos="0" name="os.vendor" value="EqualLogic"/>
|
|
101
107
|
<param pos="0" name="os.product" value="Storage Array"/>
|
|
102
108
|
</fingerprint>
|
|
109
|
+
|
|
103
110
|
<fingerprint pattern="^.*system="Equallogic \(R\) storage array"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
104
111
|
<description>ntpd running on an EqualLogic Storage Array that does not include the NTP version</description>
|
|
105
112
|
<example>
|
|
@@ -112,6 +119,7 @@
|
|
|
112
119
|
<param pos="0" name="os.vendor" value="EqualLogic"/>
|
|
113
120
|
<param pos="0" name="os.product" value="Storage Array"/>
|
|
114
121
|
</fingerprint>
|
|
122
|
+
|
|
115
123
|
<fingerprint pattern="^.*version="ntpd ([^ ]+)[^"]+",.*processor="([^ ]+)",.*system="Linux/(?:[^ ]+\.ESX)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
116
124
|
<description>ntpd running on VMware ESX</description>
|
|
117
125
|
<example service.version="4.2.2p1@1.1570-o" os.arch="x86_64">
|
|
@@ -127,6 +135,7 @@
|
|
|
127
135
|
<param pos="2" name="os.arch"/>
|
|
128
136
|
<param pos="0" name="os.cpe23" value="cpe:/o:vmware:esx:-"/>
|
|
129
137
|
</fingerprint>
|
|
138
|
+
|
|
130
139
|
<fingerprint pattern="^.*version="ntpd ([^ ]+)[^"]+",.*processor="([^ ]+)",.*system="Linux/?([^ ]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
131
140
|
<description>ntpd running on Linux</description>
|
|
132
141
|
<example>
|
|
@@ -143,6 +152,7 @@
|
|
|
143
152
|
<param pos="3" name="os.version"/>
|
|
144
153
|
<param pos="0" name="os.cpe23" value="cpe:/o:linux:linux_kernel:{os.version}"/>
|
|
145
154
|
</fingerprint>
|
|
155
|
+
|
|
146
156
|
<fingerprint pattern="^.*version="ntpd ([^ ]+)[^"]+",.*processor="([^"]+)",.*system="Darwin/?6\.([^"]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
147
157
|
<description>ntpd running on Mac OSX 10.2/Jaguar</description>
|
|
148
158
|
<example service.version="4.1.1@1.786" os.version.version="8">
|
|
@@ -160,6 +170,7 @@
|
|
|
160
170
|
<param pos="0" name="os.certainty" value="0.9"/>
|
|
161
171
|
<param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.2"/>
|
|
162
172
|
</fingerprint>
|
|
173
|
+
|
|
163
174
|
<fingerprint pattern="^.*version="ntpd ([^ ]+)[^"]+",.*processor="([^"]+)",.*system="Darwin/?7\.([^"]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
164
175
|
<description>ntpd running on Mac OSX 10.3/Panther</description>
|
|
165
176
|
<param pos="0" name="service.family" value="NTP"/>
|
|
@@ -174,6 +185,7 @@
|
|
|
174
185
|
<param pos="0" name="os.certainty" value="0.9"/>
|
|
175
186
|
<param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.3"/>
|
|
176
187
|
</fingerprint>
|
|
188
|
+
|
|
177
189
|
<fingerprint pattern="^.*version="ntpd ([^ ]+)[^"]+",.*processor="([^"]+)",.*system="Darwin/?8\.([^"]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
178
190
|
<description>ntpd running on Mac OSX 10.4/Tiger</description>
|
|
179
191
|
<example>
|
|
@@ -192,6 +204,7 @@
|
|
|
192
204
|
<param pos="0" name="os.certainty" value="0.9"/>
|
|
193
205
|
<param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.4"/>
|
|
194
206
|
</fingerprint>
|
|
207
|
+
|
|
195
208
|
<fingerprint pattern="^.*version="ntpd ([^ ]+)[^"]+",.*processor="([^"]+)",.*system="Darwin/?9\.([^"]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
196
209
|
<description>ntpd running on Mac OSX 10.5/Leopard</description>
|
|
197
210
|
<example>
|
|
@@ -210,6 +223,7 @@
|
|
|
210
223
|
<param pos="0" name="os.certainty" value="0.9"/>
|
|
211
224
|
<param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.5"/>
|
|
212
225
|
</fingerprint>
|
|
226
|
+
|
|
213
227
|
<fingerprint pattern="^.*version="ntpd ([^ ]+)[^"]+",.*processor="([^"]+)",.*system="Darwin/?10\.([^"]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
214
228
|
<description>ntpd running on Mac OSX 10.6/Snow Leopard</description>
|
|
215
229
|
<example>
|
|
@@ -228,6 +242,7 @@
|
|
|
228
242
|
<param pos="0" name="os.certainty" value="0.9"/>
|
|
229
243
|
<param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.6"/>
|
|
230
244
|
</fingerprint>
|
|
245
|
+
|
|
231
246
|
<fingerprint pattern="^.*processor="([^"]+)".*system="BSD/OS([\d.]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
232
247
|
<description>BSD/OS with a version and arch</description>
|
|
233
248
|
<example os.arch="i386" os.version="4.3.1">
|
|
@@ -238,6 +253,7 @@
|
|
|
238
253
|
<param pos="1" name="os.arch"/>
|
|
239
254
|
<param pos="2" name="os.version"/>
|
|
240
255
|
</fingerprint>
|
|
256
|
+
|
|
241
257
|
<fingerprint pattern="^.*system="BSD/OS"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
242
258
|
<description>BSD/OS without a version or arch</description>
|
|
243
259
|
<example>
|
|
@@ -246,6 +262,7 @@
|
|
|
246
262
|
<param pos="0" name="os.vendor" value="Berkeley Software Design Inc."/>
|
|
247
263
|
<param pos="0" name="os.product" value="BSD/OS"/>
|
|
248
264
|
</fingerprint>
|
|
265
|
+
|
|
249
266
|
<fingerprint pattern="^.*version="ntpd ([^ ]+)[^"]+",.*processor="([^"]+)",.*system="Darwin/?11\.([^"]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
250
267
|
<description>ntpd running on Mac OSX 10.7/Lion</description>
|
|
251
268
|
<example>
|
|
@@ -264,6 +281,7 @@
|
|
|
264
281
|
<param pos="0" name="os.certainty" value="0.9"/>
|
|
265
282
|
<param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.7"/>
|
|
266
283
|
</fingerprint>
|
|
284
|
+
|
|
267
285
|
<fingerprint pattern="^.*version="ntpd ([^ ]+)[^"]+",.*processor="([^"]+)",.*system="Darwin/?12\.([^"]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
268
286
|
<description>ntpd running on Mac OSX 10.8/Mountain Lion</description>
|
|
269
287
|
<example service.version="4.2.6@1.2089-o" os.arch="x86_64" os.version.version="1.0">
|
|
@@ -282,6 +300,7 @@
|
|
|
282
300
|
<param pos="0" name="os.certainty" value="0.9"/>
|
|
283
301
|
<param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.8"/>
|
|
284
302
|
</fingerprint>
|
|
303
|
+
|
|
285
304
|
<fingerprint pattern="^.*version="ntpd ([^ ]+)[^"]+",.*processor="([^"]+)",.*system="Darwin/?13\.([^"]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
286
305
|
<description>ntpd running on Mac OSX 10.9/Mavericks</description>
|
|
287
306
|
<example service.version="4.2.6@1.2089-o" os.arch="x86_64" os.version.version="4.0">
|
|
@@ -300,6 +319,7 @@
|
|
|
300
319
|
<param pos="0" name="os.certainty" value="0.9"/>
|
|
301
320
|
<param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.9"/>
|
|
302
321
|
</fingerprint>
|
|
322
|
+
|
|
303
323
|
<fingerprint pattern="^.*version="ntpd ([^ ]+)[^"]+",.*processor="([^"]+)",.*system="Darwin/?14\.([^"]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
304
324
|
<description>ntpd running on Mac OSX 10.10/Yosemite</description>
|
|
305
325
|
<example service.version="4.2.6@1.2089-o" os.arch="x86_64" os.version.version="3.0">
|
|
@@ -318,20 +338,30 @@
|
|
|
318
338
|
<param pos="0" name="os.certainty" value="0.9"/>
|
|
319
339
|
<param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.10"/>
|
|
320
340
|
</fingerprint>
|
|
321
|
-
|
|
341
|
+
|
|
342
|
+
<fingerprint pattern="^.*version="ntpd ([^ p]+)(:?p[^ "]+)?[^"]+",.*processor="([^ ]+)",.*system="FreeBSD/?(?:[^ ]+-NETSCALER-([^ ]+))"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
322
343
|
<description>ntpd running on Citrix Netscaler, which is based on FreeBSD</description>
|
|
323
|
-
<example>
|
|
344
|
+
<example service.version="4.2.6" service.version.version="p2@1.2194" os.arch="i386" os.version="9.3">
|
|
324
345
|
version="ntpd 4.2.6p2@1.2194 Wed Nov 24 15:54:11 UTC 2010 (1)",
|
|
325
346
|
processor="i386", system="FreeBSD/6.3-NETSCALER-9.3", leap=00, stratum=3,
|
|
326
347
|
</example>
|
|
327
|
-
<
|
|
328
|
-
|
|
348
|
+
<example service.version="4.2.6" service.version.version="p3-a" os.arch="amd64" os.version="10.5">
|
|
349
|
+
version="ntpd 4.2.6p3-a (1)", processor="amd64", system="FreeBSD/8.4-NETSCALER-10.5",
|
|
350
|
+
leap=3, stratum=16, precision=-21, rootdelay=0.000, rootdisp=1264777.230,
|
|
351
|
+
</example>
|
|
329
352
|
<param pos="1" name="service.version"/>
|
|
353
|
+
<param pos="2" name="service.version.version"/>
|
|
354
|
+
<param pos="0" name="service.vendor" value="NTP"/>
|
|
355
|
+
<param pos="0" name="service.product" value="NTP"/>
|
|
356
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:ntp:ntp:{service.version}"/>
|
|
330
357
|
<param pos="0" name="os.vendor" value="Citrix"/>
|
|
358
|
+
<param pos="0" name="os.family" value="NetScaler"/>
|
|
359
|
+
<param pos="0" name="os.device" value="Network Management Device"/>
|
|
331
360
|
<param pos="0" name="os.product" value="NetScaler"/>
|
|
332
|
-
<param pos="
|
|
333
|
-
<param pos="
|
|
361
|
+
<param pos="3" name="os.arch"/>
|
|
362
|
+
<param pos="4" name="os.version"/>
|
|
334
363
|
</fingerprint>
|
|
364
|
+
|
|
335
365
|
<fingerprint pattern="^.*version="ntpd ([^ ]+)[^"]+",.*processor="([^ ]+)",.*system="FreeBSD/?([^ ]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
336
366
|
<description>ntpd running on FreeBSD</description>
|
|
337
367
|
<example>
|
|
@@ -348,6 +378,7 @@
|
|
|
348
378
|
<param pos="3" name="os.version"/>
|
|
349
379
|
<param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:{os.version}"/>
|
|
350
380
|
</fingerprint>
|
|
381
|
+
|
|
351
382
|
<fingerprint pattern="^.*processor="([^ ]+)",.*system="FreeBSD/?([^ ]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
352
383
|
<description>ntp without a version on FreeBSD</description>
|
|
353
384
|
<example os.arch="i386" os.version="4.1-RELEASE">
|
|
@@ -363,6 +394,7 @@
|
|
|
363
394
|
<param pos="2" name="os.version"/>
|
|
364
395
|
<param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:{os.version}"/>
|
|
365
396
|
</fingerprint>
|
|
397
|
+
|
|
366
398
|
<fingerprint pattern="^.*version="ntpd ([^ ]+)[^"]+",.*processor="([^ ]+)",.*system="NetBSD/?([^ ]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
367
399
|
<description>ntpd running on NetBSD</description>
|
|
368
400
|
<example>
|
|
@@ -379,6 +411,7 @@
|
|
|
379
411
|
<param pos="3" name="os.version"/>
|
|
380
412
|
<param pos="0" name="os.cpe23" value="cpe:/o:netbsd:netbsd:{os.version}"/>
|
|
381
413
|
</fingerprint>
|
|
414
|
+
|
|
382
415
|
<fingerprint pattern="^.*processor="([^ ]+)",.*system="NetBSD/?([^ ]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
383
416
|
<description>ntpd running on NetBSD - variant 2</description>
|
|
384
417
|
<example os.arch="i386" os.version="1.5.3">
|
|
@@ -421,6 +454,7 @@
|
|
|
421
454
|
<param pos="2" name="os.version"/>
|
|
422
455
|
<param pos="0" name="os.cpe23" value="cpe:/o:netbsd:netbsd:{os.version}"/>
|
|
423
456
|
</fingerprint>
|
|
457
|
+
|
|
424
458
|
<fingerprint pattern="^.*system="NetWare"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
425
459
|
<description>NetWare</description>
|
|
426
460
|
<example>
|
|
@@ -431,6 +465,7 @@
|
|
|
431
465
|
<param pos="0" name="os.product" value="NetWare"/>
|
|
432
466
|
<param pos="0" name="os.cpe23" value="cpe:/o:novell:netware:-"/>
|
|
433
467
|
</fingerprint>
|
|
468
|
+
|
|
434
469
|
<fingerprint pattern="^.*version="ntpd ([^ ]+)[^"]+",.*processor="([^ ]+)",.*system="SunOS/?5.0"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
435
470
|
<description>ntpd running on Solaris 2.0 (SunOS/5.0) </description>
|
|
436
471
|
<example service.version="4.2.0@1.1161-r" os.arch="sun4u">
|
|
@@ -451,6 +486,7 @@
|
|
|
451
486
|
<param pos="2" name="os.arch"/>
|
|
452
487
|
<param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:2.0"/>
|
|
453
488
|
</fingerprint>
|
|
489
|
+
|
|
454
490
|
<fingerprint pattern="^.*version="ntpd ([^ ]+)[^"]+",.*processor="([^ ]+)",.*system="SunOS/?5.1"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
455
491
|
<description> ntpd running on Solaris 2.1 (SunOS/5.1) </description>
|
|
456
492
|
<example service.version="4.2.0@1.1161-r" os.arch="sun4u">
|
|
@@ -471,6 +507,7 @@
|
|
|
471
507
|
<param pos="2" name="os.arch"/>
|
|
472
508
|
<param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:2.1"/>
|
|
473
509
|
</fingerprint>
|
|
510
|
+
|
|
474
511
|
<fingerprint pattern="^.*version="ntpd ([^ ]+)[^"]+",.*processor="([^ ]+)",.*system="SunOS/?5.2"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
475
512
|
<description> ntpd running on Solaris 2.2 (SunOS/5.2) </description>
|
|
476
513
|
<example service.version="4.2.0@1.1161-r" os.arch="sun4u">
|
|
@@ -491,6 +528,7 @@
|
|
|
491
528
|
<param pos="2" name="os.arch"/>
|
|
492
529
|
<param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:2.2"/>
|
|
493
530
|
</fingerprint>
|
|
531
|
+
|
|
494
532
|
<fingerprint pattern="^.*version="ntpd ([^ ]+)[^"]+",.*processor="([^ ]+)",.*system="SunOS/?5.3"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
495
533
|
<description> ntpd running on Solaris 2.3 (SunOS/5.3) </description>
|
|
496
534
|
<example service.version="4.2.0@1.1161-r" os.arch="sun4u">
|
|
@@ -511,6 +549,7 @@
|
|
|
511
549
|
<param pos="2" name="os.arch"/>
|
|
512
550
|
<param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:2.3"/>
|
|
513
551
|
</fingerprint>
|
|
552
|
+
|
|
514
553
|
<fingerprint pattern="^.*version="ntpd ([^ ]+)[^"]+",.*processor="([^ ]+)",.*system="SunOS/?5.4"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
515
554
|
<description>ntpd running on Solaris 2.4 (SunOS/5.4) </description>
|
|
516
555
|
<example service.version="4.2.0@1.1161-r" os.arch="sun4u">
|
|
@@ -531,6 +570,7 @@
|
|
|
531
570
|
<param pos="2" name="os.arch"/>
|
|
532
571
|
<param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:2.4"/>
|
|
533
572
|
</fingerprint>
|
|
573
|
+
|
|
534
574
|
<fingerprint pattern="^.*version="ntpd ([^ ]+)[^"]+",.*processor="([^ ]+)",.*system="SunOS/?5.5"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
535
575
|
<description>ntpd running on Solaris 2.5 (SunOS/5.5) </description>
|
|
536
576
|
<example service.version="4.2.0@1.1161-r" os.arch="sun4u">
|
|
@@ -551,6 +591,7 @@
|
|
|
551
591
|
<param pos="2" name="os.arch"/>
|
|
552
592
|
<param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:2.5"/>
|
|
553
593
|
</fingerprint>
|
|
594
|
+
|
|
554
595
|
<fingerprint pattern="^.*version="ntpd ([^ ]+)[^"]+",.*processor="([^ ]+)",.*system="SunOS/?5.6"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
555
596
|
<description>ntpd running on Solaris 2.6 (SunOS/5.6) </description>
|
|
556
597
|
<example service.version="4.2.0@1.1161-r" os.arch="sun4u">
|
|
@@ -571,6 +612,7 @@
|
|
|
571
612
|
<param pos="2" name="os.arch"/>
|
|
572
613
|
<param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:2.6"/>
|
|
573
614
|
</fingerprint>
|
|
615
|
+
|
|
574
616
|
<fingerprint pattern="^.*version="ntpd ([^ ]+)[^"]+",.*processor="([^ ]+)",.*system="SunOS/?5.(1[1-9])"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
575
617
|
<description>ntpd running on Solaris 11 or above (SunOS/5.11 and above) </description>
|
|
576
618
|
<example service.version="4.2.0@1.1161-r" os.arch="sun4u" os.version="11">
|
|
@@ -591,6 +633,7 @@
|
|
|
591
633
|
<param pos="3" name="os.version"/>
|
|
592
634
|
<param pos="0" name="os.cpe23" value="cpe:/o:oracle:solaris:{os.version}"/>
|
|
593
635
|
</fingerprint>
|
|
636
|
+
|
|
594
637
|
<fingerprint pattern="^.*version="ntpd ([^ ]+)[^"]+",.*processor="([^ ]+)",.*system="SunOS/?5.([789]|10)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
595
638
|
<description>ntpd running on Solaris 7-Solaris 10 (SunOS/5.7 - SunOS/5.10) </description>
|
|
596
639
|
<example service.version="4.2.0@1.1161-r" os.arch="sun4u" os.version="7">
|
|
@@ -619,6 +662,7 @@
|
|
|
619
662
|
<param pos="3" name="os.version"/>
|
|
620
663
|
<param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:{os.version}"/>
|
|
621
664
|
</fingerprint>
|
|
665
|
+
|
|
622
666
|
<fingerprint pattern="^.*processor="([^ ]+)",.*system="SunOS/?5.0"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
623
667
|
<description>Solaris 2.0 (SunOS/5.0) with no ntp version</description>
|
|
624
668
|
<example os.arch="sun4m">
|
|
@@ -634,6 +678,7 @@
|
|
|
634
678
|
<param pos="1" name="os.arch"/>
|
|
635
679
|
<param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:2.0"/>
|
|
636
680
|
</fingerprint>
|
|
681
|
+
|
|
637
682
|
<fingerprint pattern="^.*processor="([^ ]+)",.*system="SunOS/?5.1"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
638
683
|
<description>Solaris 2.1 (SunOS/5.1) with no ntp version</description>
|
|
639
684
|
<example os.arch="sun4m">
|
|
@@ -649,6 +694,7 @@
|
|
|
649
694
|
<param pos="1" name="os.arch"/>
|
|
650
695
|
<param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:2.1"/>
|
|
651
696
|
</fingerprint>
|
|
697
|
+
|
|
652
698
|
<fingerprint pattern="^.*processor="([^ ]+)",.*system="SunOS/?5.2"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
653
699
|
<description>Solaris 2.2 (SunOS/5.2) with no ntp version</description>
|
|
654
700
|
<example os.arch="sun4m">
|
|
@@ -664,6 +710,7 @@
|
|
|
664
710
|
<param pos="1" name="os.arch"/>
|
|
665
711
|
<param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:2.2"/>
|
|
666
712
|
</fingerprint>
|
|
713
|
+
|
|
667
714
|
<fingerprint pattern="^.*processor="([^ ]+)",.*system="SunOS/?5.3"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
668
715
|
<description>Solaris 2.3 (SunOS/5.3) with no ntp version</description>
|
|
669
716
|
<example os.arch="sun4m">
|
|
@@ -679,6 +726,7 @@
|
|
|
679
726
|
<param pos="1" name="os.arch"/>
|
|
680
727
|
<param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:2.3"/>
|
|
681
728
|
</fingerprint>
|
|
729
|
+
|
|
682
730
|
<fingerprint pattern="^.*processor="([^ ]+)",.*system="SunOS/?5.4"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
683
731
|
<description>Solaris 2.4 (SunOS/5.4) with no ntp version</description>
|
|
684
732
|
<example os.arch="sun4m">
|
|
@@ -694,6 +742,7 @@
|
|
|
694
742
|
<param pos="1" name="os.arch"/>
|
|
695
743
|
<param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:2.4"/>
|
|
696
744
|
</fingerprint>
|
|
745
|
+
|
|
697
746
|
<fingerprint pattern="^.*processor="([^ ]+)",.*system="SunOS/?5.5"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
698
747
|
<description>Solaris 2.5 (SunOS/5.5) with no ntp version</description>
|
|
699
748
|
<example os.arch="sun4m">
|
|
@@ -709,6 +758,7 @@
|
|
|
709
758
|
<param pos="1" name="os.arch"/>
|
|
710
759
|
<param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:2.5"/>
|
|
711
760
|
</fingerprint>
|
|
761
|
+
|
|
712
762
|
<fingerprint pattern="^.*processor="([^ ]+)",.*system="SunOS/?5.6"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
713
763
|
<description>Solaris 2.6 (SunOS/5.6) with no ntp version</description>
|
|
714
764
|
<example os.arch="sun4m">
|
|
@@ -724,6 +774,7 @@
|
|
|
724
774
|
<param pos="1" name="os.arch"/>
|
|
725
775
|
<param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:2.6"/>
|
|
726
776
|
</fingerprint>
|
|
777
|
+
|
|
727
778
|
<fingerprint pattern="^.*processor="([^ ]+)",.*system="SunOS/?5.([789]|10)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
728
779
|
<description>Solaris 7-10 (SunOS/5.7 - SunOS/5.10) with no ntp version</description>
|
|
729
780
|
<example os.arch="sun4m" os.version="7">
|
|
@@ -745,6 +796,7 @@
|
|
|
745
796
|
<param pos="2" name="os.version"/>
|
|
746
797
|
<param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:{os.version}"/>
|
|
747
798
|
</fingerprint>
|
|
799
|
+
|
|
748
800
|
<fingerprint pattern="^.*processor="([^ ]+)",.*system="SunOS/?5.(1[1-9])"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
749
801
|
<description>Solaris 11 and up with no ntp version</description>
|
|
750
802
|
<example os.arch="sun4m" os.version="11">
|
|
@@ -760,6 +812,7 @@
|
|
|
760
812
|
<param pos="2" name="os.version"/>
|
|
761
813
|
<param pos="0" name="os.cpe23" value="cpe:/o:oracle:solaris:{os.version}"/>
|
|
762
814
|
</fingerprint>
|
|
815
|
+
|
|
763
816
|
<fingerprint pattern="^.*system="UNIX/SunOS ([^ ]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
764
817
|
<description>SunOS with no ntp version</description>
|
|
765
818
|
<example>
|
|
@@ -771,6 +824,7 @@
|
|
|
771
824
|
<param pos="1" name="os.version"/>
|
|
772
825
|
<param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:{os.version}"/>
|
|
773
826
|
</fingerprint>
|
|
827
|
+
|
|
774
828
|
<fingerprint pattern="^.*version="ntpd ([^ ]+)[^"]+",.*processor="([^ ]+)",.*system="JUNOS/?([^ ]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
775
829
|
<description>ntpd running on Juniper/Netscreen JunOS</description>
|
|
776
830
|
<example>
|
|
@@ -787,6 +841,7 @@
|
|
|
787
841
|
<param pos="3" name="os.version"/>
|
|
788
842
|
<param pos="0" name="os.cpe23" value="cpe:/o:juniper:junos:{os.version}"/>
|
|
789
843
|
</fingerprint>
|
|
844
|
+
|
|
790
845
|
<fingerprint pattern="processor="([^ ]+)",.*system="JUNOS/?([^ ]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
791
846
|
<description>Juniper/Netscreen JunOS NTP without a version</description>
|
|
792
847
|
<example os.arch="i386" os.version="7.0R2.7">processor="i386", system="JUNOS7.0R2.7", leap=0, stratum=3</example>
|
|
@@ -799,6 +854,7 @@
|
|
|
799
854
|
<param pos="2" name="os.version"/>
|
|
800
855
|
<param pos="0" name="os.cpe23" value="cpe:/o:juniper:junos:{os.version}"/>
|
|
801
856
|
</fingerprint>
|
|
857
|
+
|
|
802
858
|
<fingerprint pattern="^.*version="ntpd ([^ ]+)[^"]+",.*processor="([^ ]+)",.*system="Windows/?([^ ]+)?"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
803
859
|
<description>ntpd running on Windows</description>
|
|
804
860
|
<example>
|
|
@@ -819,6 +875,7 @@
|
|
|
819
875
|
<param pos="3" name="os.version"/>
|
|
820
876
|
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:{os.version}"/>
|
|
821
877
|
</fingerprint>
|
|
878
|
+
|
|
822
879
|
<fingerprint pattern="^.*version="ntpd ([^ ]+)[^"]+",.*processor="([^ ]+)",.*system="HP-UX/?([^ ]+)?"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
823
880
|
<description>ntpd running on HP-UX</description>
|
|
824
881
|
<example>
|
|
@@ -835,6 +892,7 @@
|
|
|
835
892
|
<param pos="3" name="os.version"/>
|
|
836
893
|
<param pos="0" name="os.cpe23" value="cpe:/o:hp:hp-ux:{os.version}"/>
|
|
837
894
|
</fingerprint>
|
|
895
|
+
|
|
838
896
|
<fingerprint pattern="^.*version="ntpd ([^ ]+)[^"]+",.*processor=,.*system="HP-UX/"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
839
897
|
<description>ntpd running on HP-UX with an empty processor</description>
|
|
840
898
|
<example service.version="4.2.6">
|
|
@@ -849,6 +907,7 @@
|
|
|
849
907
|
<param pos="0" name="os.product" value="HP-UX"/>
|
|
850
908
|
<param pos="0" name="os.cpe23" value="cpe:/o:hp:hp-ux:-"/>
|
|
851
909
|
</fingerprint>
|
|
910
|
+
|
|
852
911
|
<fingerprint pattern="^.*version="ntpd ([^ ]+)[^"]+",.*processor="[^ ]+",.*system="([^ ]+)-hp-hpux([^ ]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
853
912
|
<description>ntpd running on HP-UX, where the processor is in the 'system' variable</description>
|
|
854
913
|
<example>
|
|
@@ -865,6 +924,7 @@
|
|
|
865
924
|
<param pos="3" name="os.version"/>
|
|
866
925
|
<param pos="0" name="os.cpe23" value="cpe:/o:hp:hp-ux:{os.version}"/>
|
|
867
926
|
</fingerprint>
|
|
927
|
+
|
|
868
928
|
<fingerprint pattern="^.*version="ntpd ([^ ]+)[^"]+",.*processor="([^ ]+)",.*system="VMkernel/?([^ ]+)?"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
869
929
|
<description>ntpd running on VMware ESXi</description>
|
|
870
930
|
<example>
|
|
@@ -881,6 +941,7 @@
|
|
|
881
941
|
<param pos="3" name="os.version"/>
|
|
882
942
|
<param pos="0" name="os.cpe23" value="cpe:/o:vmware:esxi:{os.version}"/>
|
|
883
943
|
</fingerprint>
|
|
944
|
+
|
|
884
945
|
<fingerprint pattern=".*processor="([^ ]+)",.*system="OSF1[/V]?([^ ]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
885
946
|
<description>ntpd running on OSF/1</description>
|
|
886
947
|
<example os.arch="alpha" os.version="4.0">
|
|
@@ -893,6 +954,7 @@
|
|
|
893
954
|
<param pos="2" name="os.version"/>
|
|
894
955
|
<param pos="1" name="os.arch"/>
|
|
895
956
|
</fingerprint>
|
|
957
|
+
|
|
896
958
|
<fingerprint pattern=".*system="UNIX/DECOSF1"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
897
959
|
<description>DEC OSF/1</description>
|
|
898
960
|
<example>
|
|
@@ -901,6 +963,7 @@
|
|
|
901
963
|
<param pos="0" name="os.vendor" value="DEC"/>
|
|
902
964
|
<param pos="0" name="os.product" value="OSF/1"/>
|
|
903
965
|
</fingerprint>
|
|
966
|
+
|
|
904
967
|
<fingerprint pattern="^.*system="Linux"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
905
968
|
<description>Linux with NTP enabled, no processor/version</description>
|
|
906
969
|
<example>
|
|
@@ -913,6 +976,7 @@
|
|
|
913
976
|
<param pos="0" name="service.family" value="NTP"/>
|
|
914
977
|
<param pos="0" name="service.product" value="NTP"/>
|
|
915
978
|
</fingerprint>
|
|
979
|
+
|
|
916
980
|
<fingerprint pattern="^.*system="UNIX/AIX"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
917
981
|
<description>AIX with NTP enabled, no processor/version</description>
|
|
918
982
|
<example>
|
|
@@ -926,6 +990,7 @@
|
|
|
926
990
|
<param pos="0" name="service.product" value="NTP"/>
|
|
927
991
|
<param pos="0" name="service.vendor" value="IBM"/>
|
|
928
992
|
</fingerprint>
|
|
993
|
+
|
|
929
994
|
<fingerprint pattern="^.*system="SunOS"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
930
995
|
<description>Solaris with NTP enabled, no processor/version</description>
|
|
931
996
|
<example>
|
|
@@ -939,6 +1004,7 @@
|
|
|
939
1004
|
<param pos="0" name="service.product" value="NTP"/>
|
|
940
1005
|
<param pos="0" name="service.vendor" value="Sun"/>
|
|
941
1006
|
</fingerprint>
|
|
1007
|
+
|
|
942
1008
|
<fingerprint pattern="^.*system="cisco"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
943
1009
|
<description>Cisco IOS with NTP enabled</description>
|
|
944
1010
|
<example>
|
|
@@ -952,6 +1018,7 @@
|
|
|
952
1018
|
<param pos="0" name="service.product" value="NTP"/>
|
|
953
1019
|
<param pos="0" name="service.vendor" value="Cisco"/>
|
|
954
1020
|
</fingerprint>
|
|
1021
|
+
|
|
955
1022
|
<fingerprint pattern="^.*system="Data ONTAP/+(\S+)".*$" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
956
1023
|
<description>NetApp file servers</description>
|
|
957
1024
|
<example>
|
|
@@ -964,6 +1031,7 @@
|
|
|
964
1031
|
<param pos="1" name="os.version"/>
|
|
965
1032
|
<param pos="0" name="os.cpe23" value="cpe:/o:netapp:data_ontap:{os.version}"/>
|
|
966
1033
|
</fingerprint>
|
|
1034
|
+
|
|
967
1035
|
<fingerprint pattern="system="UNIX/HPUX"" flags="REG_ICASE">
|
|
968
1036
|
<description>Generic HPUX</description>
|
|
969
1037
|
<example>
|
|
@@ -977,6 +1045,7 @@
|
|
|
977
1045
|
<param pos="0" name="os.product" value="HP-UX"/>
|
|
978
1046
|
<param pos="0" name="os.cpe23" value="cpe:/o:hp:hp-ux:-"/>
|
|
979
1047
|
</fingerprint>
|
|
1048
|
+
|
|
980
1049
|
<fingerprint pattern="system="UNIX"" flags="REG_ICASE">
|
|
981
1050
|
<description>Generic UNIX</description>
|
|
982
1051
|
<example>
|
|
@@ -986,6 +1055,7 @@
|
|
|
986
1055
|
<param pos="0" name="os.product" value="UNIX"/>
|
|
987
1056
|
<param pos="0" name="os.certainty" value="0.5"/>
|
|
988
1057
|
</fingerprint>
|
|
1058
|
+
|
|
989
1059
|
<fingerprint pattern="system="VxWorks(?:/TORNADO)?"" flags="REG_ICASE">
|
|
990
1060
|
<description>Generic VxWorks</description>
|
|
991
1061
|
<example>
|
|
@@ -1001,6 +1071,7 @@
|
|
|
1001
1071
|
<param pos="0" name="os.product" value="VxWorks"/>
|
|
1002
1072
|
<param pos="0" name="os.cpe23" value="cpe:/o:windriver:vxworks:-"/>
|
|
1003
1073
|
</fingerprint>
|
|
1074
|
+
|
|
1004
1075
|
<fingerprint pattern="system="arm-wrs-vxworks"" flags="REG_ICASE">
|
|
1005
1076
|
<description>VxWorks ARM, cross-compiled on Linux</description>
|
|
1006
1077
|
<example>
|
|
@@ -1008,9 +1079,10 @@
|
|
|
1008
1079
|
</example>
|
|
1009
1080
|
<param pos="0" name="os.vendor" value="Wind River"/>
|
|
1010
1081
|
<param pos="0" name="os.product" value="VxWorks"/>
|
|
1011
|
-
<param pos="0" name="os.arch" value="
|
|
1082
|
+
<param pos="0" name="os.arch" value="ARM"/>
|
|
1012
1083
|
<param pos="0" name="os.cpe23" value="cpe:/o:windriver:vxworks:-"/>
|
|
1013
1084
|
</fingerprint>
|
|
1085
|
+
|
|
1014
1086
|
<fingerprint pattern="system="i386-wrs-vxworks"" flags="REG_ICASE">
|
|
1015
1087
|
<description>VxWorks x86, cross-compiled on Linux</description>
|
|
1016
1088
|
<example>
|
|
@@ -1018,9 +1090,10 @@
|
|
|
1018
1090
|
</example>
|
|
1019
1091
|
<param pos="0" name="os.vendor" value="Wind River"/>
|
|
1020
1092
|
<param pos="0" name="os.product" value="VxWorks"/>
|
|
1021
|
-
<param pos="0" name="os.arch" value="
|
|
1093
|
+
<param pos="0" name="os.arch" value="x86"/>
|
|
1022
1094
|
<param pos="0" name="os.cpe23" value="cpe:/o:windriver:vxworks:-"/>
|
|
1023
1095
|
</fingerprint>
|
|
1096
|
+
|
|
1024
1097
|
<fingerprint pattern="system="UNIX/Unixware([^ ]+)"" flags="REG_ICASE">
|
|
1025
1098
|
<description>SCO Unixware NTP</description>
|
|
1026
1099
|
<example>
|
|
@@ -1033,6 +1106,7 @@
|
|
|
1033
1106
|
<param pos="0" name="os.vendor" value="SCO"/>
|
|
1034
1107
|
<param pos="1" name="os.product"/>
|
|
1035
1108
|
</fingerprint>
|
|
1109
|
+
|
|
1036
1110
|
<fingerprint pattern="^.*processor="([^"]+)", system="SCO_SV([\d\.]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
1037
1111
|
<description>SCO Unixware NTP - SCO_SV variant</description>
|
|
1038
1112
|
<example os.version="3.2" os.arch="i386">
|
|
@@ -1043,6 +1117,7 @@
|
|
|
1043
1117
|
<param pos="1" name="os.arch"/>
|
|
1044
1118
|
<param pos="2" name="os.version"/>
|
|
1045
1119
|
</fingerprint>
|
|
1120
|
+
|
|
1046
1121
|
<fingerprint pattern="^.*version="ntpd ([^ ]+)[^"]+",.*\s*processor="([^ ]+)",.*system="SecureOS/([^ ]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
1047
1122
|
<description>McAfee Network Firewall Enterprise NTP (SecureOS)</description>
|
|
1048
1123
|
<example>
|
|
@@ -1069,6 +1144,7 @@
|
|
|
1069
1144
|
<param pos="2" name="os.arch"/>
|
|
1070
1145
|
<param pos="3" name="os.version"/>
|
|
1071
1146
|
</fingerprint>
|
|
1147
|
+
|
|
1072
1148
|
<fingerprint pattern="^.*processor="([^ ]+)".*system="Linux([^ ]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
1073
1149
|
<description>ntpd running on linux</description>
|
|
1074
1150
|
<example>
|
|
@@ -1095,6 +1171,7 @@
|
|
|
1095
1171
|
<param pos="2" name="os.version"/>
|
|
1096
1172
|
<param pos="0" name="os.cpe23" value="cpe:/o:linux:linux_kernel:{os.version}"/>
|
|
1097
1173
|
</fingerprint>
|
|
1174
|
+
|
|
1098
1175
|
<fingerprint pattern=".*version="ntpd (\S+)[^"]+",.*\s*processor="([^ ]+)".*system="Isilon OneFS/v([^ ]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
1099
1176
|
<description>Isilon OneFS NTP Server</description>
|
|
1100
1177
|
<example>
|
|
@@ -1113,6 +1190,7 @@
|
|
|
1113
1190
|
<param pos="2" name="os.arch"/>
|
|
1114
1191
|
<param pos="3" name="os.version"/>
|
|
1115
1192
|
</fingerprint>
|
|
1193
|
+
|
|
1116
1194
|
<fingerprint pattern="system="IPSO"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
1117
1195
|
<description>Nokia IPSO NTP</description>
|
|
1118
1196
|
<example>
|
|
@@ -1133,6 +1211,7 @@
|
|
|
1133
1211
|
<param pos="0" name="os.device" value="Firewall"/>
|
|
1134
1212
|
<param pos="0" name="os.cpe23" value="cpe:/o:nokia:ipso:-"/>
|
|
1135
1213
|
</fingerprint>
|
|
1214
|
+
|
|
1136
1215
|
<fingerprint pattern="system="UNIX/Solaris\s[^ ]+"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
1137
1216
|
<description>Sun Solaris NTP</description>
|
|
1138
1217
|
<example>
|
|
@@ -1155,6 +1234,7 @@
|
|
|
1155
1234
|
<param pos="0" name="service.product" value="NTP"/>
|
|
1156
1235
|
<param pos="0" name="service.vendor" value="Sun"/>
|
|
1157
1236
|
</fingerprint>
|
|
1237
|
+
|
|
1158
1238
|
<fingerprint pattern="version="ntpd version = ([^ ]+)",\s*processor="([A-Z0-9]+)",\s*system="OpenVMS/V([A-Z0-9.-]+)" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
1159
1239
|
<description>OpenVMS NTP Server</description>
|
|
1160
1240
|
<example service.version="4.2.0" os.arch="PHMNFP" os.version="8.3">
|
|
@@ -1181,6 +1261,7 @@
|
|
|
1181
1261
|
<param pos="3" name="os.version"/>
|
|
1182
1262
|
<param pos="0" name="os.cpe23" value="cpe:/o:hp:openvms:{os.version}"/>
|
|
1183
1263
|
</fingerprint>
|
|
1264
|
+
|
|
1184
1265
|
<fingerprint pattern="version="ntpd version = ([^ ]+)",\s*processor="unknown",\s*system="OpenVMS AXP"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
1185
1266
|
<description>OpenVMS AXP (Alpha) NTP Server</description>
|
|
1186
1267
|
<example service.version="4.1.0" os.arch="Alpha">
|
|
@@ -1193,6 +1274,7 @@
|
|
|
1193
1274
|
<param pos="0" name="os.product" value="OpenVMS"/>
|
|
1194
1275
|
<param pos="0" name="os.arch" value="Alpha"/>
|
|
1195
1276
|
</fingerprint>
|
|
1277
|
+
|
|
1196
1278
|
<fingerprint pattern=".*version="ntpd ([^ ]+)[^"]+",\s*processor="([^ ]+)",\s*system="BIG-IPBIG-IP\s+([^"]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
1197
1279
|
<description>F5 Big-IP Load Balancers NTP</description>
|
|
1198
1280
|
<example service.version="4.1.1a@1.791" os.arch="i386" os.version="4.5PTF-0">
|
|
@@ -1211,6 +1293,7 @@
|
|
|
1211
1293
|
<param pos="2" name="os.arch"/>
|
|
1212
1294
|
<param pos="3" name="os.version"/>
|
|
1213
1295
|
</fingerprint>
|
|
1296
|
+
|
|
1214
1297
|
<fingerprint pattern=".*version="ntpd ([^ ]+)[^"]+",\s*processor,\s*system="/"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
1215
1298
|
<description>NTP on an unknown system</description>
|
|
1216
1299
|
<example service.version="4.2.6p2-RC4@1.2180-o">
|
|
@@ -1220,4 +1303,5 @@
|
|
|
1220
1303
|
<param pos="0" name="service.product" value="NTP"/>
|
|
1221
1304
|
<param pos="1" name="service.version"/>
|
|
1222
1305
|
</fingerprint>
|
|
1223
|
-
|
|
1306
|
+
|
|
1307
|
+
</fingerprints>
|