recog 2.3.7 → 2.3.12

Sign up to get free protection for your applications and to get access to all the features.
Files changed (81) hide show
  1. checksums.yaml +4 -4
  2. data/.gitignore +9 -2
  3. data/.ruby-gemset +1 -0
  4. data/.ruby-version +1 -0
  5. data/.travis.yml +2 -4
  6. data/CONTRIBUTING.md +136 -37
  7. data/Gemfile +2 -5
  8. data/README.md +18 -16
  9. data/bin/recog_cleanup +16 -0
  10. data/bin/recog_standardize +142 -0
  11. data/cpe-remap.yaml +36 -1
  12. data/features/match.feature +4 -0
  13. data/features/support/aruba.rb +3 -0
  14. data/features/verify.feature +5 -0
  15. data/identifiers/README.md +56 -0
  16. data/identifiers/hw_device.txt +77 -0
  17. data/identifiers/hw_family.txt +96 -0
  18. data/identifiers/hw_product.txt +328 -0
  19. data/identifiers/os_architecture.txt +20 -0
  20. data/identifiers/os_device.txt +94 -0
  21. data/identifiers/os_family.txt +325 -0
  22. data/identifiers/os_product.txt +420 -0
  23. data/identifiers/service_family.txt +272 -0
  24. data/identifiers/service_product.txt +557 -0
  25. data/identifiers/software_class.txt +26 -0
  26. data/identifiers/software_family.txt +91 -0
  27. data/identifiers/software_product.txt +333 -0
  28. data/identifiers/vendor.txt +891 -0
  29. data/lib/recog/version.rb +1 -1
  30. data/requirements.txt +1 -1
  31. data/spec/lib/fingerprint_self_test_spec.rb +1 -1
  32. data/spec/lib/recog/fingerprint/regexp_factory_spec.rb +1 -1
  33. data/update_cpes.py +4 -1
  34. data/xml/apache_modules.xml +292 -5
  35. data/xml/apache_os.xml +50 -2
  36. data/xml/architecture.xml +19 -7
  37. data/xml/dns_versionbind.xml +200 -26
  38. data/xml/favicons.xml +1701 -0
  39. data/xml/ftp_banners.xml +276 -16
  40. data/xml/h323_callresp.xml +112 -12
  41. data/xml/hp_pjl_id.xml +47 -5
  42. data/xml/html_title.xml +1419 -72
  43. data/xml/http_cookies.xml +77 -10
  44. data/xml/http_servers.xml +898 -47
  45. data/xml/http_wwwauth.xml +154 -27
  46. data/xml/imap_banners.xml +23 -13
  47. data/xml/ldap_searchresult.xml +81 -9
  48. data/xml/mdns_device-info_txt.xml +194 -17
  49. data/xml/mdns_workstation_txt.xml +4 -2
  50. data/xml/mysql_banners.xml +554 -45
  51. data/xml/mysql_error.xml +113 -6
  52. data/xml/nntp_banners.xml +10 -2
  53. data/xml/ntp_banners.xml +95 -11
  54. data/xml/operating_system.xml +90 -3
  55. data/xml/pop_banners.xml +32 -31
  56. data/xml/rsh_resp.xml +11 -2
  57. data/xml/rtsp_servers.xml +43 -23
  58. data/xml/sip_banners.xml +9 -14
  59. data/xml/sip_user_agents.xml +69 -3
  60. data/xml/smb_native_lm.xml +10 -2
  61. data/xml/smb_native_os.xml +80 -2
  62. data/xml/smtp_banners.xml +233 -13
  63. data/xml/smtp_debug.xml +6 -4
  64. data/xml/smtp_ehlo.xml +7 -5
  65. data/xml/smtp_expn.xml +13 -4
  66. data/xml/smtp_help.xml +23 -4
  67. data/xml/smtp_mailfrom.xml +5 -2
  68. data/xml/smtp_noop.xml +6 -5
  69. data/xml/smtp_quit.xml +5 -4
  70. data/xml/smtp_rcptto.xml +5 -2
  71. data/xml/smtp_rset.xml +4 -4
  72. data/xml/smtp_turn.xml +4 -4
  73. data/xml/smtp_vrfy.xml +14 -4
  74. data/xml/snmp_sysdescr.xml +776 -52
  75. data/xml/snmp_sysobjid.xml +47 -2
  76. data/xml/ssh_banners.xml +259 -80
  77. data/xml/telnet_banners.xml +376 -23
  78. data/xml/x11_banners.xml +27 -4
  79. data/xml/x509_issuers.xml +37 -13
  80. data/xml/x509_subjects.xml +525 -55
  81. metadata +29 -6
@@ -1,9 +1,10 @@
1
- <?xml version="1.0" encoding="UTF-8"?>
1
+ <?xml version='1.0' encoding='UTF-8'?>
2
2
  <fingerprints matches="nntp.banner" protocol="nntp" database_type="service">
3
3
  <!--
4
4
  NNTP greeting messages (part of the banner after the response code) are matched
5
5
  against these patterns to fingerprint NNTP servers.
6
6
  -->
7
+
7
8
  <fingerprint pattern="CCProxy NNTP Service$">
8
9
  <description>Youngzsoft CCProxy NNTP with no version</description>
9
10
  <example>CCProxy NNTP Service</example>
@@ -11,6 +12,7 @@
11
12
  <param pos="0" name="service.family" value="CCProxy"/>
12
13
  <param pos="0" name="service.product" value="CCProxy"/>
13
14
  </fingerprint>
15
+
14
16
  <fingerprint pattern="^(\S+) Lyris ListManager NNTP Service ready">
15
17
  <description>Lyris Listmanager</description>
16
18
  <example host.name="blah">blah Lyris ListManager NNTP Service ready (posting ok).</example>
@@ -19,6 +21,7 @@
19
21
  <param pos="0" name="service.product" value="ListManager"/>
20
22
  <param pos="1" name="host.name"/>
21
23
  </fingerprint>
24
+
22
25
  <fingerprint pattern="^NNTP Service (?:.*) Version: (5.0.2195.[0-9]+) .*$">
23
26
  <description>Microsoft IIS NNTP Server on Windows 2000</description>
24
27
  <example>NNTP Service 5.00.0984 Version: 5.0.2195.7034 Posting Allowed</example>
@@ -34,6 +37,7 @@
34
37
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_2000:-"/>
35
38
  <param pos="1" name="ms.nttp.version"/>
36
39
  </fingerprint>
40
+
37
41
  <fingerprint pattern="^NNTP Service (?:.*) Version: (6.0.3790.[0-9]+) .*$">
38
42
  <description>Microsoft IIS NNTP Server on Windows Server 2003</description>
39
43
  <example>NNTP Service 6.0.3790.3959 Version: 6.0.3790.3959 Posting Allowed</example>
@@ -49,6 +53,7 @@
49
53
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2003:-"/>
50
54
  <param pos="1" name="ms.nttp.version"/>
51
55
  </fingerprint>
56
+
52
57
  <fingerprint pattern="^NNTP Service Microsoft. Internet Services (?:.*) Version: (?:[^ ]+) .*$">
53
58
  <description>Older Microsoft IIS NNTP Servers</description>
54
59
  <example>NNTP Service Microsoft. Internet Services 5.00 Version: 5.0.2068.0 Posting Allowed</example>
@@ -63,6 +68,7 @@
63
68
  <param pos="0" name="os.product" value="Windows"/>
64
69
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
65
70
  </fingerprint>
71
+
66
72
  <fingerprint pattern="^Kerio (?:Connect|MailServer)\s+(\d\.[\d.]+)\s+(?:(?:patch|RC) (\d)\s+)?NNTP server ready$">
67
73
  <description>Kerio Connect NNTP</description>
68
74
  <example service.version="9.2.3">Kerio Connect 9.2.3 NNTP server ready</example>
@@ -74,9 +80,11 @@
74
80
  <param pos="1" name="service.version"/>
75
81
  <param pos="2" name="service.version.version"/>
76
82
  </fingerprint>
83
+
77
84
  <fingerprint pattern="^NNTP server ready(?: \(no posting\))?$">
78
85
  <description>Non-specific NNTP</description>
79
86
  <example>NNTP server ready (no posting)</example>
80
87
  <example>NNTP server ready</example>
81
88
  </fingerprint>
82
- </fingerprints>
89
+
90
+ </fingerprints>
@@ -1,8 +1,9 @@
1
- <?xml version="1.0" encoding="UTF-8"?>
1
+ <?xml version='1.0' encoding='UTF-8'?>
2
2
  <fingerprints matches="ntp.readvar" protocol="ntp" database_type="service" preference="0.80">
3
3
  <!--
4
4
  NTP "banners", taken from a readvar response
5
5
  -->
6
+
6
7
  <fingerprint pattern="^.*version=Domain Time II (\S+),hostname=([^,]+),.*system=Win2003.*,processor=(\S+)" flags="REG_DOT_NEWLINE,REG_ICASE">
7
8
  <description>Greyware Automation Products, Inc. Domain Time II on Windows Server 2003</description>
8
9
  <example service.version="5.1.b.20100331R" os.arch="x64" host.name="blah">
@@ -21,6 +22,7 @@
21
22
  <param pos="3" name="os.arch"/>
22
23
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2003:-"/>
23
24
  </fingerprint>
25
+
24
26
  <fingerprint pattern="^.*version=Domain Time II (\S+),hostname=([^,]+),.*system=Win2008R2.*,processor=(\S+)" flags="REG_DOT_NEWLINE,REG_ICASE">
25
27
  <description>Greyware Automation Products, Inc. Domain Time II on Windows Server 2008 R2</description>
26
28
  <example service.version="5.2.b.20120215R" os.arch="x64" host.name="blah">
@@ -32,10 +34,11 @@
32
34
  <param pos="2" name="host.name"/>
33
35
  <param pos="0" name="os.vendor" value="Microsoft"/>
34
36
  <param pos="0" name="os.family" value="Windows"/>
35
- <param pos="0" name="os.product" value="Windows 2008 R2"/>
37
+ <param pos="0" name="os.product" value="Windows Server 2008 R2"/>
36
38
  <param pos="3" name="os.arch"/>
37
39
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:-"/>
38
40
  </fingerprint>
41
+
39
42
  <fingerprint pattern="^.*version=Domain Time II (\S+),hostname=([^,]+),.*system=Win2008.*,processor=(\S+)" flags="REG_DOT_NEWLINE,REG_ICASE">
40
43
  <description>Greyware Automation Products, Inc. Domain Time II on Windows 2008</description>
41
44
  <example service.version="5.2.b.20140303R" os.arch="x86" host.name="blah">
@@ -54,6 +57,7 @@
54
57
  <param pos="3" name="os.arch"/>
55
58
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:-"/>
56
59
  </fingerprint>
60
+
57
61
  <fingerprint pattern="^.*version=Domain Time II (\S+),hostname=([^,]+),.*system=Win2012.*,processor=(\S+)" flags="REG_DOT_NEWLINE,REG_ICASE">
58
62
  <description>Greyware Automation Products, Inc. Domain Time II on Windows Server 2012</description>
59
63
  <example service.version="5.2.b.20140101R" os.arch="x64" host.name="blah">
@@ -69,6 +73,7 @@
69
73
  <param pos="3" name="os.arch"/>
70
74
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2012:-"/>
71
75
  </fingerprint>
76
+
72
77
  <fingerprint pattern="^.*version=Domain Time II (\S+),hostname=([^,]+),.*system=Win7.*,processor=(\S+)" flags="REG_DOT_NEWLINE,REG_ICASE">
73
78
  <description>Greyware Automation Products, Inc. Domain Time II on Windows 7</description>
74
79
  <example service.version="5.2.b.20130405R" os.arch="x64" host.name="blah">
@@ -84,6 +89,7 @@
84
89
  <param pos="3" name="os.arch"/>
85
90
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_7:-"/>
86
91
  </fingerprint>
92
+
87
93
  <fingerprint pattern="^.*version=&quot;ntpd (\S+)[^&quot;]+&quot;,.*system=&quot;Equallogic \(R\) storage array&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
88
94
  <description>ntpd running on an EqualLogic Storage Array that includes the NTP version</description>
89
95
  <example>
@@ -100,6 +106,7 @@
100
106
  <param pos="0" name="os.vendor" value="EqualLogic"/>
101
107
  <param pos="0" name="os.product" value="Storage Array"/>
102
108
  </fingerprint>
109
+
103
110
  <fingerprint pattern="^.*system=&quot;Equallogic \(R\) storage array&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
104
111
  <description>ntpd running on an EqualLogic Storage Array that does not include the NTP version</description>
105
112
  <example>
@@ -112,6 +119,7 @@
112
119
  <param pos="0" name="os.vendor" value="EqualLogic"/>
113
120
  <param pos="0" name="os.product" value="Storage Array"/>
114
121
  </fingerprint>
122
+
115
123
  <fingerprint pattern="^.*version=&quot;ntpd ([^ ]+)[^&quot;]+&quot;,.*processor=&quot;([^ ]+)&quot;,.*system=&quot;Linux/(?:[^ ]+\.ESX)&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
116
124
  <description>ntpd running on VMware ESX</description>
117
125
  <example service.version="4.2.2p1@1.1570-o" os.arch="x86_64">
@@ -127,6 +135,7 @@
127
135
  <param pos="2" name="os.arch"/>
128
136
  <param pos="0" name="os.cpe23" value="cpe:/o:vmware:esx:-"/>
129
137
  </fingerprint>
138
+
130
139
  <fingerprint pattern="^.*version=&quot;ntpd ([^ ]+)[^&quot;]+&quot;,.*processor=&quot;([^ ]+)&quot;,.*system=&quot;Linux/?([^ ]+)&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
131
140
  <description>ntpd running on Linux</description>
132
141
  <example>
@@ -143,6 +152,7 @@
143
152
  <param pos="3" name="os.version"/>
144
153
  <param pos="0" name="os.cpe23" value="cpe:/o:linux:linux_kernel:{os.version}"/>
145
154
  </fingerprint>
155
+
146
156
  <fingerprint pattern="^.*version=&quot;ntpd ([^ ]+)[^&quot;]+&quot;,.*processor=&quot;([^&quot;]+)&quot;,.*system=&quot;Darwin/?6\.([^&quot;]+)&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
147
157
  <description>ntpd running on Mac OSX 10.2/Jaguar</description>
148
158
  <example service.version="4.1.1@1.786" os.version.version="8">
@@ -160,6 +170,7 @@
160
170
  <param pos="0" name="os.certainty" value="0.9"/>
161
171
  <param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.2"/>
162
172
  </fingerprint>
173
+
163
174
  <fingerprint pattern="^.*version=&quot;ntpd ([^ ]+)[^&quot;]+&quot;,.*processor=&quot;([^&quot;]+)&quot;,.*system=&quot;Darwin/?7\.([^&quot;]+)&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
164
175
  <description>ntpd running on Mac OSX 10.3/Panther</description>
165
176
  <param pos="0" name="service.family" value="NTP"/>
@@ -174,6 +185,7 @@
174
185
  <param pos="0" name="os.certainty" value="0.9"/>
175
186
  <param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.3"/>
176
187
  </fingerprint>
188
+
177
189
  <fingerprint pattern="^.*version=&quot;ntpd ([^ ]+)[^&quot;]+&quot;,.*processor=&quot;([^&quot;]+)&quot;,.*system=&quot;Darwin/?8\.([^&quot;]+)&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
178
190
  <description>ntpd running on Mac OSX 10.4/Tiger</description>
179
191
  <example>
@@ -192,6 +204,7 @@
192
204
  <param pos="0" name="os.certainty" value="0.9"/>
193
205
  <param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.4"/>
194
206
  </fingerprint>
207
+
195
208
  <fingerprint pattern="^.*version=&quot;ntpd ([^ ]+)[^&quot;]+&quot;,.*processor=&quot;([^&quot;]+)&quot;,.*system=&quot;Darwin/?9\.([^&quot;]+)&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
196
209
  <description>ntpd running on Mac OSX 10.5/Leopard</description>
197
210
  <example>
@@ -210,6 +223,7 @@
210
223
  <param pos="0" name="os.certainty" value="0.9"/>
211
224
  <param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.5"/>
212
225
  </fingerprint>
226
+
213
227
  <fingerprint pattern="^.*version=&quot;ntpd ([^ ]+)[^&quot;]+&quot;,.*processor=&quot;([^&quot;]+)&quot;,.*system=&quot;Darwin/?10\.([^&quot;]+)&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
214
228
  <description>ntpd running on Mac OSX 10.6/Snow Leopard</description>
215
229
  <example>
@@ -228,6 +242,7 @@
228
242
  <param pos="0" name="os.certainty" value="0.9"/>
229
243
  <param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.6"/>
230
244
  </fingerprint>
245
+
231
246
  <fingerprint pattern="^.*processor=&quot;([^&quot;]+)&quot;.*system=&quot;BSD/OS([\d.]+)&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
232
247
  <description>BSD/OS with a version and arch</description>
233
248
  <example os.arch="i386" os.version="4.3.1">
@@ -238,6 +253,7 @@
238
253
  <param pos="1" name="os.arch"/>
239
254
  <param pos="2" name="os.version"/>
240
255
  </fingerprint>
256
+
241
257
  <fingerprint pattern="^.*system=&quot;BSD/OS&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
242
258
  <description>BSD/OS without a version or arch</description>
243
259
  <example>
@@ -246,6 +262,7 @@
246
262
  <param pos="0" name="os.vendor" value="Berkeley Software Design Inc."/>
247
263
  <param pos="0" name="os.product" value="BSD/OS"/>
248
264
  </fingerprint>
265
+
249
266
  <fingerprint pattern="^.*version=&quot;ntpd ([^ ]+)[^&quot;]+&quot;,.*processor=&quot;([^&quot;]+)&quot;,.*system=&quot;Darwin/?11\.([^&quot;]+)&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
250
267
  <description>ntpd running on Mac OSX 10.7/Lion</description>
251
268
  <example>
@@ -264,6 +281,7 @@
264
281
  <param pos="0" name="os.certainty" value="0.9"/>
265
282
  <param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.7"/>
266
283
  </fingerprint>
284
+
267
285
  <fingerprint pattern="^.*version=&quot;ntpd ([^ ]+)[^&quot;]+&quot;,.*processor=&quot;([^&quot;]+)&quot;,.*system=&quot;Darwin/?12\.([^&quot;]+)&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
268
286
  <description>ntpd running on Mac OSX 10.8/Mountain Lion</description>
269
287
  <example service.version="4.2.6@1.2089-o" os.arch="x86_64" os.version.version="1.0">
@@ -282,6 +300,7 @@
282
300
  <param pos="0" name="os.certainty" value="0.9"/>
283
301
  <param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.8"/>
284
302
  </fingerprint>
303
+
285
304
  <fingerprint pattern="^.*version=&quot;ntpd ([^ ]+)[^&quot;]+&quot;,.*processor=&quot;([^&quot;]+)&quot;,.*system=&quot;Darwin/?13\.([^&quot;]+)&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
286
305
  <description>ntpd running on Mac OSX 10.9/Mavericks</description>
287
306
  <example service.version="4.2.6@1.2089-o" os.arch="x86_64" os.version.version="4.0">
@@ -300,6 +319,7 @@
300
319
  <param pos="0" name="os.certainty" value="0.9"/>
301
320
  <param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.9"/>
302
321
  </fingerprint>
322
+
303
323
  <fingerprint pattern="^.*version=&quot;ntpd ([^ ]+)[^&quot;]+&quot;,.*processor=&quot;([^&quot;]+)&quot;,.*system=&quot;Darwin/?14\.([^&quot;]+)&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
304
324
  <description>ntpd running on Mac OSX 10.10/Yosemite</description>
305
325
  <example service.version="4.2.6@1.2089-o" os.arch="x86_64" os.version.version="3.0">
@@ -318,20 +338,30 @@
318
338
  <param pos="0" name="os.certainty" value="0.9"/>
319
339
  <param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.10"/>
320
340
  </fingerprint>
321
- <fingerprint pattern="^.*version=&quot;ntpd ([^ ]+)[^&quot;]+&quot;,.*processor=&quot;([^ ]+)&quot;,.*system=&quot;FreeBSD/?(?:[^ ]+-NETSCALER-([^ ]+))&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
341
+
342
+ <fingerprint pattern="^.*version=&quot;ntpd ([^ p]+)(:?p[^ &quot;]+)?[^&quot;]+&quot;,.*processor=&quot;([^ ]+)&quot;,.*system=&quot;FreeBSD/?(?:[^ ]+-NETSCALER-([^ ]+))&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
322
343
  <description>ntpd running on Citrix Netscaler, which is based on FreeBSD</description>
323
- <example>
344
+ <example service.version="4.2.6" service.version.version="p2@1.2194" os.arch="i386" os.version="9.3">
324
345
  version="ntpd 4.2.6p2@1.2194 Wed Nov 24 15:54:11 UTC 2010 (1)",
325
346
  processor="i386", system="FreeBSD/6.3-NETSCALER-9.3", leap=00, stratum=3,
326
347
  </example>
327
- <param pos="0" name="service.family" value="NTP"/>
328
- <param pos="0" name="service.product" value="NTP"/>
348
+ <example service.version="4.2.6" service.version.version="p3-a" os.arch="amd64" os.version="10.5">
349
+ version="ntpd 4.2.6p3-a (1)", processor="amd64", system="FreeBSD/8.4-NETSCALER-10.5",
350
+ leap=3, stratum=16, precision=-21, rootdelay=0.000, rootdisp=1264777.230,
351
+ </example>
329
352
  <param pos="1" name="service.version"/>
353
+ <param pos="2" name="service.version.version"/>
354
+ <param pos="0" name="service.vendor" value="NTP"/>
355
+ <param pos="0" name="service.product" value="NTP"/>
356
+ <param pos="0" name="service.cpe23" value="cpe:/a:ntp:ntp:{service.version}"/>
330
357
  <param pos="0" name="os.vendor" value="Citrix"/>
358
+ <param pos="0" name="os.family" value="NetScaler"/>
359
+ <param pos="0" name="os.device" value="Network Management Device"/>
331
360
  <param pos="0" name="os.product" value="NetScaler"/>
332
- <param pos="2" name="os.arch"/>
333
- <param pos="3" name="os.version"/>
361
+ <param pos="3" name="os.arch"/>
362
+ <param pos="4" name="os.version"/>
334
363
  </fingerprint>
364
+
335
365
  <fingerprint pattern="^.*version=&quot;ntpd ([^ ]+)[^&quot;]+&quot;,.*processor=&quot;([^ ]+)&quot;,.*system=&quot;FreeBSD/?([^ ]+)&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
336
366
  <description>ntpd running on FreeBSD</description>
337
367
  <example>
@@ -348,6 +378,7 @@
348
378
  <param pos="3" name="os.version"/>
349
379
  <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:{os.version}"/>
350
380
  </fingerprint>
381
+
351
382
  <fingerprint pattern="^.*processor=&quot;([^ ]+)&quot;,.*system=&quot;FreeBSD/?([^ ]+)&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
352
383
  <description>ntp without a version on FreeBSD</description>
353
384
  <example os.arch="i386" os.version="4.1-RELEASE">
@@ -363,6 +394,7 @@
363
394
  <param pos="2" name="os.version"/>
364
395
  <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:{os.version}"/>
365
396
  </fingerprint>
397
+
366
398
  <fingerprint pattern="^.*version=&quot;ntpd ([^ ]+)[^&quot;]+&quot;,.*processor=&quot;([^ ]+)&quot;,.*system=&quot;NetBSD/?([^ ]+)&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
367
399
  <description>ntpd running on NetBSD</description>
368
400
  <example>
@@ -379,6 +411,7 @@
379
411
  <param pos="3" name="os.version"/>
380
412
  <param pos="0" name="os.cpe23" value="cpe:/o:netbsd:netbsd:{os.version}"/>
381
413
  </fingerprint>
414
+
382
415
  <fingerprint pattern="^.*processor=&quot;([^ ]+)&quot;,.*system=&quot;NetBSD/?([^ ]+)&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
383
416
  <description>ntpd running on NetBSD - variant 2</description>
384
417
  <example os.arch="i386" os.version="1.5.3">
@@ -421,6 +454,7 @@
421
454
  <param pos="2" name="os.version"/>
422
455
  <param pos="0" name="os.cpe23" value="cpe:/o:netbsd:netbsd:{os.version}"/>
423
456
  </fingerprint>
457
+
424
458
  <fingerprint pattern="^.*system=&quot;NetWare&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
425
459
  <description>NetWare</description>
426
460
  <example>
@@ -431,6 +465,7 @@
431
465
  <param pos="0" name="os.product" value="NetWare"/>
432
466
  <param pos="0" name="os.cpe23" value="cpe:/o:novell:netware:-"/>
433
467
  </fingerprint>
468
+
434
469
  <fingerprint pattern="^.*version=&quot;ntpd ([^ ]+)[^&quot;]+&quot;,.*processor=&quot;([^ ]+)&quot;,.*system=&quot;SunOS/?5.0&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
435
470
  <description>ntpd running on Solaris 2.0 (SunOS/5.0) </description>
436
471
  <example service.version="4.2.0@1.1161-r" os.arch="sun4u">
@@ -451,6 +486,7 @@
451
486
  <param pos="2" name="os.arch"/>
452
487
  <param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:2.0"/>
453
488
  </fingerprint>
489
+
454
490
  <fingerprint pattern="^.*version=&quot;ntpd ([^ ]+)[^&quot;]+&quot;,.*processor=&quot;([^ ]+)&quot;,.*system=&quot;SunOS/?5.1&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
455
491
  <description> ntpd running on Solaris 2.1 (SunOS/5.1) </description>
456
492
  <example service.version="4.2.0@1.1161-r" os.arch="sun4u">
@@ -471,6 +507,7 @@
471
507
  <param pos="2" name="os.arch"/>
472
508
  <param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:2.1"/>
473
509
  </fingerprint>
510
+
474
511
  <fingerprint pattern="^.*version=&quot;ntpd ([^ ]+)[^&quot;]+&quot;,.*processor=&quot;([^ ]+)&quot;,.*system=&quot;SunOS/?5.2&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
475
512
  <description> ntpd running on Solaris 2.2 (SunOS/5.2) </description>
476
513
  <example service.version="4.2.0@1.1161-r" os.arch="sun4u">
@@ -491,6 +528,7 @@
491
528
  <param pos="2" name="os.arch"/>
492
529
  <param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:2.2"/>
493
530
  </fingerprint>
531
+
494
532
  <fingerprint pattern="^.*version=&quot;ntpd ([^ ]+)[^&quot;]+&quot;,.*processor=&quot;([^ ]+)&quot;,.*system=&quot;SunOS/?5.3&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
495
533
  <description> ntpd running on Solaris 2.3 (SunOS/5.3) </description>
496
534
  <example service.version="4.2.0@1.1161-r" os.arch="sun4u">
@@ -511,6 +549,7 @@
511
549
  <param pos="2" name="os.arch"/>
512
550
  <param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:2.3"/>
513
551
  </fingerprint>
552
+
514
553
  <fingerprint pattern="^.*version=&quot;ntpd ([^ ]+)[^&quot;]+&quot;,.*processor=&quot;([^ ]+)&quot;,.*system=&quot;SunOS/?5.4&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
515
554
  <description>ntpd running on Solaris 2.4 (SunOS/5.4) </description>
516
555
  <example service.version="4.2.0@1.1161-r" os.arch="sun4u">
@@ -531,6 +570,7 @@
531
570
  <param pos="2" name="os.arch"/>
532
571
  <param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:2.4"/>
533
572
  </fingerprint>
573
+
534
574
  <fingerprint pattern="^.*version=&quot;ntpd ([^ ]+)[^&quot;]+&quot;,.*processor=&quot;([^ ]+)&quot;,.*system=&quot;SunOS/?5.5&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
535
575
  <description>ntpd running on Solaris 2.5 (SunOS/5.5) </description>
536
576
  <example service.version="4.2.0@1.1161-r" os.arch="sun4u">
@@ -551,6 +591,7 @@
551
591
  <param pos="2" name="os.arch"/>
552
592
  <param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:2.5"/>
553
593
  </fingerprint>
594
+
554
595
  <fingerprint pattern="^.*version=&quot;ntpd ([^ ]+)[^&quot;]+&quot;,.*processor=&quot;([^ ]+)&quot;,.*system=&quot;SunOS/?5.6&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
555
596
  <description>ntpd running on Solaris 2.6 (SunOS/5.6) </description>
556
597
  <example service.version="4.2.0@1.1161-r" os.arch="sun4u">
@@ -571,6 +612,7 @@
571
612
  <param pos="2" name="os.arch"/>
572
613
  <param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:2.6"/>
573
614
  </fingerprint>
615
+
574
616
  <fingerprint pattern="^.*version=&quot;ntpd ([^ ]+)[^&quot;]+&quot;,.*processor=&quot;([^ ]+)&quot;,.*system=&quot;SunOS/?5.(1[1-9])&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
575
617
  <description>ntpd running on Solaris 11 or above (SunOS/5.11 and above) </description>
576
618
  <example service.version="4.2.0@1.1161-r" os.arch="sun4u" os.version="11">
@@ -591,6 +633,7 @@
591
633
  <param pos="3" name="os.version"/>
592
634
  <param pos="0" name="os.cpe23" value="cpe:/o:oracle:solaris:{os.version}"/>
593
635
  </fingerprint>
636
+
594
637
  <fingerprint pattern="^.*version=&quot;ntpd ([^ ]+)[^&quot;]+&quot;,.*processor=&quot;([^ ]+)&quot;,.*system=&quot;SunOS/?5.([789]|10)&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
595
638
  <description>ntpd running on Solaris 7-Solaris 10 (SunOS/5.7 - SunOS/5.10) </description>
596
639
  <example service.version="4.2.0@1.1161-r" os.arch="sun4u" os.version="7">
@@ -619,6 +662,7 @@
619
662
  <param pos="3" name="os.version"/>
620
663
  <param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:{os.version}"/>
621
664
  </fingerprint>
665
+
622
666
  <fingerprint pattern="^.*processor=&quot;([^ ]+)&quot;,.*system=&quot;SunOS/?5.0&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
623
667
  <description>Solaris 2.0 (SunOS/5.0) with no ntp version</description>
624
668
  <example os.arch="sun4m">
@@ -634,6 +678,7 @@
634
678
  <param pos="1" name="os.arch"/>
635
679
  <param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:2.0"/>
636
680
  </fingerprint>
681
+
637
682
  <fingerprint pattern="^.*processor=&quot;([^ ]+)&quot;,.*system=&quot;SunOS/?5.1&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
638
683
  <description>Solaris 2.1 (SunOS/5.1) with no ntp version</description>
639
684
  <example os.arch="sun4m">
@@ -649,6 +694,7 @@
649
694
  <param pos="1" name="os.arch"/>
650
695
  <param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:2.1"/>
651
696
  </fingerprint>
697
+
652
698
  <fingerprint pattern="^.*processor=&quot;([^ ]+)&quot;,.*system=&quot;SunOS/?5.2&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
653
699
  <description>Solaris 2.2 (SunOS/5.2) with no ntp version</description>
654
700
  <example os.arch="sun4m">
@@ -664,6 +710,7 @@
664
710
  <param pos="1" name="os.arch"/>
665
711
  <param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:2.2"/>
666
712
  </fingerprint>
713
+
667
714
  <fingerprint pattern="^.*processor=&quot;([^ ]+)&quot;,.*system=&quot;SunOS/?5.3&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
668
715
  <description>Solaris 2.3 (SunOS/5.3) with no ntp version</description>
669
716
  <example os.arch="sun4m">
@@ -679,6 +726,7 @@
679
726
  <param pos="1" name="os.arch"/>
680
727
  <param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:2.3"/>
681
728
  </fingerprint>
729
+
682
730
  <fingerprint pattern="^.*processor=&quot;([^ ]+)&quot;,.*system=&quot;SunOS/?5.4&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
683
731
  <description>Solaris 2.4 (SunOS/5.4) with no ntp version</description>
684
732
  <example os.arch="sun4m">
@@ -694,6 +742,7 @@
694
742
  <param pos="1" name="os.arch"/>
695
743
  <param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:2.4"/>
696
744
  </fingerprint>
745
+
697
746
  <fingerprint pattern="^.*processor=&quot;([^ ]+)&quot;,.*system=&quot;SunOS/?5.5&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
698
747
  <description>Solaris 2.5 (SunOS/5.5) with no ntp version</description>
699
748
  <example os.arch="sun4m">
@@ -709,6 +758,7 @@
709
758
  <param pos="1" name="os.arch"/>
710
759
  <param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:2.5"/>
711
760
  </fingerprint>
761
+
712
762
  <fingerprint pattern="^.*processor=&quot;([^ ]+)&quot;,.*system=&quot;SunOS/?5.6&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
713
763
  <description>Solaris 2.6 (SunOS/5.6) with no ntp version</description>
714
764
  <example os.arch="sun4m">
@@ -724,6 +774,7 @@
724
774
  <param pos="1" name="os.arch"/>
725
775
  <param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:2.6"/>
726
776
  </fingerprint>
777
+
727
778
  <fingerprint pattern="^.*processor=&quot;([^ ]+)&quot;,.*system=&quot;SunOS/?5.([789]|10)&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
728
779
  <description>Solaris 7-10 (SunOS/5.7 - SunOS/5.10) with no ntp version</description>
729
780
  <example os.arch="sun4m" os.version="7">
@@ -745,6 +796,7 @@
745
796
  <param pos="2" name="os.version"/>
746
797
  <param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:{os.version}"/>
747
798
  </fingerprint>
799
+
748
800
  <fingerprint pattern="^.*processor=&quot;([^ ]+)&quot;,.*system=&quot;SunOS/?5.(1[1-9])&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
749
801
  <description>Solaris 11 and up with no ntp version</description>
750
802
  <example os.arch="sun4m" os.version="11">
@@ -760,6 +812,7 @@
760
812
  <param pos="2" name="os.version"/>
761
813
  <param pos="0" name="os.cpe23" value="cpe:/o:oracle:solaris:{os.version}"/>
762
814
  </fingerprint>
815
+
763
816
  <fingerprint pattern="^.*system=&quot;UNIX/SunOS ([^ ]+)&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
764
817
  <description>SunOS with no ntp version</description>
765
818
  <example>
@@ -771,6 +824,7 @@
771
824
  <param pos="1" name="os.version"/>
772
825
  <param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:{os.version}"/>
773
826
  </fingerprint>
827
+
774
828
  <fingerprint pattern="^.*version=&quot;ntpd ([^ ]+)[^&quot;]+&quot;,.*processor=&quot;([^ ]+)&quot;,.*system=&quot;JUNOS/?([^ ]+)&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
775
829
  <description>ntpd running on Juniper/Netscreen JunOS</description>
776
830
  <example>
@@ -787,6 +841,7 @@
787
841
  <param pos="3" name="os.version"/>
788
842
  <param pos="0" name="os.cpe23" value="cpe:/o:juniper:junos:{os.version}"/>
789
843
  </fingerprint>
844
+
790
845
  <fingerprint pattern="processor=&quot;([^ ]+)&quot;,.*system=&quot;JUNOS/?([^ ]+)&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
791
846
  <description>Juniper/Netscreen JunOS NTP without a version</description>
792
847
  <example os.arch="i386" os.version="7.0R2.7">processor="i386", system="JUNOS7.0R2.7", leap=0, stratum=3</example>
@@ -799,6 +854,7 @@
799
854
  <param pos="2" name="os.version"/>
800
855
  <param pos="0" name="os.cpe23" value="cpe:/o:juniper:junos:{os.version}"/>
801
856
  </fingerprint>
857
+
802
858
  <fingerprint pattern="^.*version=&quot;ntpd ([^ ]+)[^&quot;]+&quot;,.*processor=&quot;([^ ]+)&quot;,.*system=&quot;Windows/?([^ ]+)?&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
803
859
  <description>ntpd running on Windows</description>
804
860
  <example>
@@ -819,6 +875,7 @@
819
875
  <param pos="3" name="os.version"/>
820
876
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:{os.version}"/>
821
877
  </fingerprint>
878
+
822
879
  <fingerprint pattern="^.*version=&quot;ntpd ([^ ]+)[^&quot;]+&quot;,.*processor=&quot;([^ ]+)&quot;,.*system=&quot;HP-UX/?([^ ]+)?&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
823
880
  <description>ntpd running on HP-UX</description>
824
881
  <example>
@@ -835,6 +892,7 @@
835
892
  <param pos="3" name="os.version"/>
836
893
  <param pos="0" name="os.cpe23" value="cpe:/o:hp:hp-ux:{os.version}"/>
837
894
  </fingerprint>
895
+
838
896
  <fingerprint pattern="^.*version=&quot;ntpd ([^ ]+)[^&quot;]+&quot;,.*processor=,.*system=&quot;HP-UX/&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
839
897
  <description>ntpd running on HP-UX with an empty processor</description>
840
898
  <example service.version="4.2.6">
@@ -849,6 +907,7 @@
849
907
  <param pos="0" name="os.product" value="HP-UX"/>
850
908
  <param pos="0" name="os.cpe23" value="cpe:/o:hp:hp-ux:-"/>
851
909
  </fingerprint>
910
+
852
911
  <fingerprint pattern="^.*version=&quot;ntpd ([^ ]+)[^&quot;]+&quot;,.*processor=&quot;[^ ]+&quot;,.*system=&quot;([^ ]+)-hp-hpux([^ ]+)&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
853
912
  <description>ntpd running on HP-UX, where the processor is in the 'system' variable</description>
854
913
  <example>
@@ -865,6 +924,7 @@
865
924
  <param pos="3" name="os.version"/>
866
925
  <param pos="0" name="os.cpe23" value="cpe:/o:hp:hp-ux:{os.version}"/>
867
926
  </fingerprint>
927
+
868
928
  <fingerprint pattern="^.*version=&quot;ntpd ([^ ]+)[^&quot;]+&quot;,.*processor=&quot;([^ ]+)&quot;,.*system=&quot;VMkernel/?([^ ]+)?&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
869
929
  <description>ntpd running on VMware ESXi</description>
870
930
  <example>
@@ -881,6 +941,7 @@
881
941
  <param pos="3" name="os.version"/>
882
942
  <param pos="0" name="os.cpe23" value="cpe:/o:vmware:esxi:{os.version}"/>
883
943
  </fingerprint>
944
+
884
945
  <fingerprint pattern=".*processor=&quot;([^ ]+)&quot;,.*system=&quot;OSF1[/V]?([^ ]+)&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
885
946
  <description>ntpd running on OSF/1</description>
886
947
  <example os.arch="alpha" os.version="4.0">
@@ -893,6 +954,7 @@
893
954
  <param pos="2" name="os.version"/>
894
955
  <param pos="1" name="os.arch"/>
895
956
  </fingerprint>
957
+
896
958
  <fingerprint pattern=".*system=&quot;UNIX/DECOSF1&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
897
959
  <description>DEC OSF/1</description>
898
960
  <example>
@@ -901,6 +963,7 @@
901
963
  <param pos="0" name="os.vendor" value="DEC"/>
902
964
  <param pos="0" name="os.product" value="OSF/1"/>
903
965
  </fingerprint>
966
+
904
967
  <fingerprint pattern="^.*system=&quot;Linux&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
905
968
  <description>Linux with NTP enabled, no processor/version</description>
906
969
  <example>
@@ -913,6 +976,7 @@
913
976
  <param pos="0" name="service.family" value="NTP"/>
914
977
  <param pos="0" name="service.product" value="NTP"/>
915
978
  </fingerprint>
979
+
916
980
  <fingerprint pattern="^.*system=&quot;UNIX/AIX&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
917
981
  <description>AIX with NTP enabled, no processor/version</description>
918
982
  <example>
@@ -926,6 +990,7 @@
926
990
  <param pos="0" name="service.product" value="NTP"/>
927
991
  <param pos="0" name="service.vendor" value="IBM"/>
928
992
  </fingerprint>
993
+
929
994
  <fingerprint pattern="^.*system=&quot;SunOS&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
930
995
  <description>Solaris with NTP enabled, no processor/version</description>
931
996
  <example>
@@ -939,6 +1004,7 @@
939
1004
  <param pos="0" name="service.product" value="NTP"/>
940
1005
  <param pos="0" name="service.vendor" value="Sun"/>
941
1006
  </fingerprint>
1007
+
942
1008
  <fingerprint pattern="^.*system=&quot;cisco&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
943
1009
  <description>Cisco IOS with NTP enabled</description>
944
1010
  <example>
@@ -952,6 +1018,7 @@
952
1018
  <param pos="0" name="service.product" value="NTP"/>
953
1019
  <param pos="0" name="service.vendor" value="Cisco"/>
954
1020
  </fingerprint>
1021
+
955
1022
  <fingerprint pattern="^.*system=&quot;Data ONTAP/+(\S+)&quot;.*$" flags="REG_DOT_NEWLINE,REG_ICASE">
956
1023
  <description>NetApp file servers</description>
957
1024
  <example>
@@ -964,6 +1031,7 @@
964
1031
  <param pos="1" name="os.version"/>
965
1032
  <param pos="0" name="os.cpe23" value="cpe:/o:netapp:data_ontap:{os.version}"/>
966
1033
  </fingerprint>
1034
+
967
1035
  <fingerprint pattern="system=&quot;UNIX/HPUX&quot;" flags="REG_ICASE">
968
1036
  <description>Generic HPUX</description>
969
1037
  <example>
@@ -977,6 +1045,7 @@
977
1045
  <param pos="0" name="os.product" value="HP-UX"/>
978
1046
  <param pos="0" name="os.cpe23" value="cpe:/o:hp:hp-ux:-"/>
979
1047
  </fingerprint>
1048
+
980
1049
  <fingerprint pattern="system=&quot;UNIX&quot;" flags="REG_ICASE">
981
1050
  <description>Generic UNIX</description>
982
1051
  <example>
@@ -986,6 +1055,7 @@
986
1055
  <param pos="0" name="os.product" value="UNIX"/>
987
1056
  <param pos="0" name="os.certainty" value="0.5"/>
988
1057
  </fingerprint>
1058
+
989
1059
  <fingerprint pattern="system=&quot;VxWorks(?:/TORNADO)?&quot;" flags="REG_ICASE">
990
1060
  <description>Generic VxWorks</description>
991
1061
  <example>
@@ -1001,6 +1071,7 @@
1001
1071
  <param pos="0" name="os.product" value="VxWorks"/>
1002
1072
  <param pos="0" name="os.cpe23" value="cpe:/o:windriver:vxworks:-"/>
1003
1073
  </fingerprint>
1074
+
1004
1075
  <fingerprint pattern="system=&quot;arm-wrs-vxworks&quot;" flags="REG_ICASE">
1005
1076
  <description>VxWorks ARM, cross-compiled on Linux</description>
1006
1077
  <example>
@@ -1008,9 +1079,10 @@
1008
1079
  </example>
1009
1080
  <param pos="0" name="os.vendor" value="Wind River"/>
1010
1081
  <param pos="0" name="os.product" value="VxWorks"/>
1011
- <param pos="0" name="os.arch" value="arm"/>
1082
+ <param pos="0" name="os.arch" value="ARM"/>
1012
1083
  <param pos="0" name="os.cpe23" value="cpe:/o:windriver:vxworks:-"/>
1013
1084
  </fingerprint>
1085
+
1014
1086
  <fingerprint pattern="system=&quot;i386-wrs-vxworks&quot;" flags="REG_ICASE">
1015
1087
  <description>VxWorks x86, cross-compiled on Linux</description>
1016
1088
  <example>
@@ -1018,9 +1090,10 @@
1018
1090
  </example>
1019
1091
  <param pos="0" name="os.vendor" value="Wind River"/>
1020
1092
  <param pos="0" name="os.product" value="VxWorks"/>
1021
- <param pos="0" name="os.arch" value="i386"/>
1093
+ <param pos="0" name="os.arch" value="x86"/>
1022
1094
  <param pos="0" name="os.cpe23" value="cpe:/o:windriver:vxworks:-"/>
1023
1095
  </fingerprint>
1096
+
1024
1097
  <fingerprint pattern="system=&quot;UNIX/Unixware([^ ]+)&quot;" flags="REG_ICASE">
1025
1098
  <description>SCO Unixware NTP</description>
1026
1099
  <example>
@@ -1033,6 +1106,7 @@
1033
1106
  <param pos="0" name="os.vendor" value="SCO"/>
1034
1107
  <param pos="1" name="os.product"/>
1035
1108
  </fingerprint>
1109
+
1036
1110
  <fingerprint pattern="^.*processor=&quot;([^&quot;]+)&quot;, system=&quot;SCO_SV([\d\.]+)&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
1037
1111
  <description>SCO Unixware NTP - SCO_SV variant</description>
1038
1112
  <example os.version="3.2" os.arch="i386">
@@ -1043,6 +1117,7 @@
1043
1117
  <param pos="1" name="os.arch"/>
1044
1118
  <param pos="2" name="os.version"/>
1045
1119
  </fingerprint>
1120
+
1046
1121
  <fingerprint pattern="^.*version=&quot;ntpd ([^ ]+)[^&quot;]+&quot;,.*\s*processor=&quot;([^ ]+)&quot;,.*system=&quot;SecureOS/([^ ]+)&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
1047
1122
  <description>McAfee Network Firewall Enterprise NTP (SecureOS)</description>
1048
1123
  <example>
@@ -1069,6 +1144,7 @@
1069
1144
  <param pos="2" name="os.arch"/>
1070
1145
  <param pos="3" name="os.version"/>
1071
1146
  </fingerprint>
1147
+
1072
1148
  <fingerprint pattern="^.*processor=&quot;([^ ]+)&quot;.*system=&quot;Linux([^ ]+)&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
1073
1149
  <description>ntpd running on linux</description>
1074
1150
  <example>
@@ -1095,6 +1171,7 @@
1095
1171
  <param pos="2" name="os.version"/>
1096
1172
  <param pos="0" name="os.cpe23" value="cpe:/o:linux:linux_kernel:{os.version}"/>
1097
1173
  </fingerprint>
1174
+
1098
1175
  <fingerprint pattern=".*version=&quot;ntpd (\S+)[^&quot;]+&quot;,.*\s*processor=&quot;([^ ]+)&quot;.*system=&quot;Isilon OneFS/v([^ ]+)&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
1099
1176
  <description>Isilon OneFS NTP Server</description>
1100
1177
  <example>
@@ -1113,6 +1190,7 @@
1113
1190
  <param pos="2" name="os.arch"/>
1114
1191
  <param pos="3" name="os.version"/>
1115
1192
  </fingerprint>
1193
+
1116
1194
  <fingerprint pattern="system=&quot;IPSO&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
1117
1195
  <description>Nokia IPSO NTP</description>
1118
1196
  <example>
@@ -1133,6 +1211,7 @@
1133
1211
  <param pos="0" name="os.device" value="Firewall"/>
1134
1212
  <param pos="0" name="os.cpe23" value="cpe:/o:nokia:ipso:-"/>
1135
1213
  </fingerprint>
1214
+
1136
1215
  <fingerprint pattern="system=&quot;UNIX/Solaris\s[^ ]+&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
1137
1216
  <description>Sun Solaris NTP</description>
1138
1217
  <example>
@@ -1155,6 +1234,7 @@
1155
1234
  <param pos="0" name="service.product" value="NTP"/>
1156
1235
  <param pos="0" name="service.vendor" value="Sun"/>
1157
1236
  </fingerprint>
1237
+
1158
1238
  <fingerprint pattern="version=&quot;ntpd version = ([^ ]+)&quot;,\s*processor=&quot;([A-Z0-9]+)&quot;,\s*system=&quot;OpenVMS/V([A-Z0-9.-]+)" flags="REG_DOT_NEWLINE,REG_ICASE">
1159
1239
  <description>OpenVMS NTP Server</description>
1160
1240
  <example service.version="4.2.0" os.arch="PHMNFP" os.version="8.3">
@@ -1181,6 +1261,7 @@
1181
1261
  <param pos="3" name="os.version"/>
1182
1262
  <param pos="0" name="os.cpe23" value="cpe:/o:hp:openvms:{os.version}"/>
1183
1263
  </fingerprint>
1264
+
1184
1265
  <fingerprint pattern="version=&quot;ntpd version = ([^ ]+)&quot;,\s*processor=&quot;unknown&quot;,\s*system=&quot;OpenVMS AXP&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
1185
1266
  <description>OpenVMS AXP (Alpha) NTP Server</description>
1186
1267
  <example service.version="4.1.0" os.arch="Alpha">
@@ -1193,6 +1274,7 @@
1193
1274
  <param pos="0" name="os.product" value="OpenVMS"/>
1194
1275
  <param pos="0" name="os.arch" value="Alpha"/>
1195
1276
  </fingerprint>
1277
+
1196
1278
  <fingerprint pattern=".*version=&quot;ntpd ([^ ]+)[^&quot;]+&quot;,\s*processor=&quot;([^ ]+)&quot;,\s*system=&quot;BIG-IPBIG-IP\s+([^&quot;]+)&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
1197
1279
  <description>F5 Big-IP Load Balancers NTP</description>
1198
1280
  <example service.version="4.1.1a@1.791" os.arch="i386" os.version="4.5PTF-0">
@@ -1211,6 +1293,7 @@
1211
1293
  <param pos="2" name="os.arch"/>
1212
1294
  <param pos="3" name="os.version"/>
1213
1295
  </fingerprint>
1296
+
1214
1297
  <fingerprint pattern=".*version=&quot;ntpd ([^ ]+)[^&quot;]+&quot;,\s*processor,\s*system=&quot;/&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
1215
1298
  <description>NTP on an unknown system</description>
1216
1299
  <example service.version="4.2.6p2-RC4@1.2180-o">
@@ -1220,4 +1303,5 @@
1220
1303
  <param pos="0" name="service.product" value="NTP"/>
1221
1304
  <param pos="1" name="service.version"/>
1222
1305
  </fingerprint>
1223
- </fingerprints>
1306
+
1307
+ </fingerprints>