recog 2.3.7 → 2.3.12

Sign up to get free protection for your applications and to get access to all the features.
Files changed (81) hide show
  1. checksums.yaml +4 -4
  2. data/.gitignore +9 -2
  3. data/.ruby-gemset +1 -0
  4. data/.ruby-version +1 -0
  5. data/.travis.yml +2 -4
  6. data/CONTRIBUTING.md +136 -37
  7. data/Gemfile +2 -5
  8. data/README.md +18 -16
  9. data/bin/recog_cleanup +16 -0
  10. data/bin/recog_standardize +142 -0
  11. data/cpe-remap.yaml +36 -1
  12. data/features/match.feature +4 -0
  13. data/features/support/aruba.rb +3 -0
  14. data/features/verify.feature +5 -0
  15. data/identifiers/README.md +56 -0
  16. data/identifiers/hw_device.txt +77 -0
  17. data/identifiers/hw_family.txt +96 -0
  18. data/identifiers/hw_product.txt +328 -0
  19. data/identifiers/os_architecture.txt +20 -0
  20. data/identifiers/os_device.txt +94 -0
  21. data/identifiers/os_family.txt +325 -0
  22. data/identifiers/os_product.txt +420 -0
  23. data/identifiers/service_family.txt +272 -0
  24. data/identifiers/service_product.txt +557 -0
  25. data/identifiers/software_class.txt +26 -0
  26. data/identifiers/software_family.txt +91 -0
  27. data/identifiers/software_product.txt +333 -0
  28. data/identifiers/vendor.txt +891 -0
  29. data/lib/recog/version.rb +1 -1
  30. data/requirements.txt +1 -1
  31. data/spec/lib/fingerprint_self_test_spec.rb +1 -1
  32. data/spec/lib/recog/fingerprint/regexp_factory_spec.rb +1 -1
  33. data/update_cpes.py +4 -1
  34. data/xml/apache_modules.xml +292 -5
  35. data/xml/apache_os.xml +50 -2
  36. data/xml/architecture.xml +19 -7
  37. data/xml/dns_versionbind.xml +200 -26
  38. data/xml/favicons.xml +1701 -0
  39. data/xml/ftp_banners.xml +276 -16
  40. data/xml/h323_callresp.xml +112 -12
  41. data/xml/hp_pjl_id.xml +47 -5
  42. data/xml/html_title.xml +1419 -72
  43. data/xml/http_cookies.xml +77 -10
  44. data/xml/http_servers.xml +898 -47
  45. data/xml/http_wwwauth.xml +154 -27
  46. data/xml/imap_banners.xml +23 -13
  47. data/xml/ldap_searchresult.xml +81 -9
  48. data/xml/mdns_device-info_txt.xml +194 -17
  49. data/xml/mdns_workstation_txt.xml +4 -2
  50. data/xml/mysql_banners.xml +554 -45
  51. data/xml/mysql_error.xml +113 -6
  52. data/xml/nntp_banners.xml +10 -2
  53. data/xml/ntp_banners.xml +95 -11
  54. data/xml/operating_system.xml +90 -3
  55. data/xml/pop_banners.xml +32 -31
  56. data/xml/rsh_resp.xml +11 -2
  57. data/xml/rtsp_servers.xml +43 -23
  58. data/xml/sip_banners.xml +9 -14
  59. data/xml/sip_user_agents.xml +69 -3
  60. data/xml/smb_native_lm.xml +10 -2
  61. data/xml/smb_native_os.xml +80 -2
  62. data/xml/smtp_banners.xml +233 -13
  63. data/xml/smtp_debug.xml +6 -4
  64. data/xml/smtp_ehlo.xml +7 -5
  65. data/xml/smtp_expn.xml +13 -4
  66. data/xml/smtp_help.xml +23 -4
  67. data/xml/smtp_mailfrom.xml +5 -2
  68. data/xml/smtp_noop.xml +6 -5
  69. data/xml/smtp_quit.xml +5 -4
  70. data/xml/smtp_rcptto.xml +5 -2
  71. data/xml/smtp_rset.xml +4 -4
  72. data/xml/smtp_turn.xml +4 -4
  73. data/xml/smtp_vrfy.xml +14 -4
  74. data/xml/snmp_sysdescr.xml +776 -52
  75. data/xml/snmp_sysobjid.xml +47 -2
  76. data/xml/ssh_banners.xml +259 -80
  77. data/xml/telnet_banners.xml +376 -23
  78. data/xml/x11_banners.xml +27 -4
  79. data/xml/x509_issuers.xml +37 -13
  80. data/xml/x509_subjects.xml +525 -55
  81. metadata +29 -6
@@ -1,4 +1,4 @@
1
- <?xml version="1.0" encoding="UTF-8"?>
1
+ <?xml version='1.0' encoding='UTF-8'?>
2
2
  <fingerprints matches="x11.vendor" protocol="x11">
3
3
  <!--
4
4
  During X11 connection setup as specified in the X11 protocol
@@ -7,12 +7,14 @@
7
7
  This success response contains a vendor field which can be used to
8
8
  fingerprint systems with the following fingerprints.
9
9
  -->
10
+
10
11
  <fingerprint pattern="^AT&amp;T Laboratories Cambridge$">
11
12
  <description>AT&amp;T Laboratories Cambridge</description>
12
13
  <example>AT&amp;T Laboratories Cambridge</example>
13
14
  <param pos="0" name="service.vendor" value="AT&amp;T Laboratories Cambridge"/>
14
15
  <param pos="0" name="service.product" value="Xvnc"/>
15
16
  </fingerprint>
17
+
16
18
  <fingerprint pattern="^CentOS$">
17
19
  <description>CentOS</description>
18
20
  <example>CentOS</example>
@@ -24,6 +26,7 @@
24
26
  <param pos="0" name="os.family" value="Linux"/>
25
27
  <param pos="0" name="os.cpe23" value="cpe:/o:centos:centos:-"/>
26
28
  </fingerprint>
29
+
27
30
  <fingerprint pattern="^Colin Harrison$">
28
31
  <description>Colin Harrison</description>
29
32
  <example>Colin Harrison</example>
@@ -34,16 +37,18 @@
34
37
  <param pos="0" name="os.family" value="Windows"/>
35
38
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
36
39
  </fingerprint>
40
+
37
41
  <fingerprint pattern="^DECWINDOWS DigitalEquipmentCorporation, eXcursion$">
38
42
  <description>DECWINDOWS DigitalEquipmentCorporation, eXcursion</description>
39
43
  <example>DECWINDOWS DigitalEquipmentCorporation, eXcursion</example>
40
44
  <param pos="0" name="os.vendor" value="Microsoft"/>
41
45
  <param pos="0" name="service.vendor" value="DEC"/>
42
- <param pos="0" name="service.product" value="DEC eXcursion X server"/>
46
+ <param pos="0" name="service.product" value="DEC eXcursion X Server"/>
43
47
  <param pos="0" name="os.product" value="Windows"/>
44
48
  <param pos="0" name="os.family" value="Windows"/>
45
49
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
46
50
  </fingerprint>
51
+
47
52
  <fingerprint pattern="^DECWINDOWS Hewlett-Packard Development Company OpenVMS$">
48
53
  <description>DECWINDOWS Hewlett-Packard Development Company OpenVMS</description>
49
54
  <example>DECWINDOWS Hewlett-Packard Development Company OpenVMS</example>
@@ -53,6 +58,7 @@
53
58
  <param pos="0" name="os.product" value="OpenVMS"/>
54
59
  <param pos="0" name="os.family" value="OpenVMS"/>
55
60
  </fingerprint>
61
+
56
62
  <fingerprint pattern="^Fedora Project$">
57
63
  <description>Fedora Project</description>
58
64
  <example>Fedora Project</example>
@@ -64,6 +70,7 @@
64
70
  <param pos="0" name="os.family" value="Linux"/>
65
71
  <param pos="0" name="os.cpe23" value="cpe:/o:redhat:fedora_core:-"/>
66
72
  </fingerprint>
73
+
67
74
  <fingerprint pattern="^freedesktop\.org$">
68
75
  <description>freedesktop.org</description>
69
76
  <example>freedesktop.org</example>
@@ -75,6 +82,7 @@
75
82
  <param pos="0" name="os.family" value="Linux"/>
76
83
  <param pos="0" name="os.cpe23" value="cpe:/o:linux:linux_kernel:-"/>
77
84
  </fingerprint>
85
+
78
86
  <fingerprint pattern="^HC-Consult$">
79
87
  <description>HC-Consult</description>
80
88
  <example>HC-Consult</example>
@@ -85,6 +93,7 @@
85
93
  <param pos="0" name="os.family" value="Windows"/>
86
94
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
87
95
  </fingerprint>
96
+
88
97
  <fingerprint pattern="^Hummingbird Communications Ltd\.$|^Hummingbird Ltd\.$">
89
98
  <description>Hummingbird Communications Ltd.</description>
90
99
  <example>Hummingbird Communications Ltd.</example>
@@ -96,16 +105,18 @@
96
105
  <param pos="0" name="os.family" value="Windows"/>
97
106
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
98
107
  </fingerprint>
108
+
99
109
  <fingerprint pattern="^Labtam Inc$">
100
110
  <description>Labtam Inc</description>
101
111
  <example>Labtam Inc</example>
102
112
  <param pos="0" name="os.vendor" value="Microsoft"/>
103
- <param pos="0" name="service.vendor" value="Labtam Inc."/>
113
+ <param pos="0" name="service.vendor" value="Labtam"/>
104
114
  <param pos="0" name="service.product" value="XSecurePro"/>
105
115
  <param pos="0" name="os.product" value="Windows"/>
106
116
  <param pos="0" name="os.family" value="Windows"/>
107
117
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
108
118
  </fingerprint>
119
+
109
120
  <fingerprint pattern="^Moba\/X$">
110
121
  <description>Moba/X</description>
111
122
  <example>Moba/X</example>
@@ -117,6 +128,7 @@
117
128
  <param pos="0" name="os.family" value="Windows"/>
118
129
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
119
130
  </fingerprint>
131
+
120
132
  <fingerprint pattern="^MobaXterm$">
121
133
  <description>MobaXterm</description>
122
134
  <example>MobaXterm</example>
@@ -128,6 +140,7 @@
128
140
  <param pos="0" name="os.family" value="Windows"/>
129
141
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
130
142
  </fingerprint>
143
+
131
144
  <fingerprint pattern="^NetSarang Computer, Inc\.$">
132
145
  <description>NetSarang Computer, Inc.</description>
133
146
  <example>NetSarang Computer, Inc.</example>
@@ -138,6 +151,7 @@
138
151
  <param pos="0" name="os.family" value="Windows"/>
139
152
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
140
153
  </fingerprint>
154
+
141
155
  <fingerprint pattern="^Open Text$">
142
156
  <description>Open Text</description>
143
157
  <example>Open Text</example>
@@ -148,6 +162,7 @@
148
162
  <param pos="0" name="os.family" value="Windows"/>
149
163
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
150
164
  </fingerprint>
165
+
151
166
  <fingerprint pattern="^Red Hat, Inc\.$">
152
167
  <description>Red Hat, Inc.</description>
153
168
  <example>Red Hat, Inc.</example>
@@ -159,6 +174,7 @@
159
174
  <param pos="0" name="os.family" value="Linux"/>
160
175
  <param pos="0" name="os.cpe23" value="cpe:/o:redhat:linux:-"/>
161
176
  </fingerprint>
177
+
162
178
  <fingerprint pattern="^Santa Cruz Operation Inc\.$">
163
179
  <description>Santa Cruz Operation Inc.</description>
164
180
  <example>Santa Cruz Operation Inc.</example>
@@ -168,6 +184,7 @@
168
184
  <param pos="0" name="os.product" value="SCO UNIX"/>
169
185
  <param pos="0" name="os.family" value="SCO UNIX"/>
170
186
  </fingerprint>
187
+
171
188
  <fingerprint pattern="^StarNet Communications Corp\.$">
172
189
  <description>StarNet Communications Corp.</description>
173
190
  <example>StarNet Communications Corp.</example>
@@ -178,6 +195,7 @@
178
195
  <param pos="0" name="os.family" value="Windows"/>
179
196
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
180
197
  </fingerprint>
198
+
181
199
  <fingerprint pattern="^Sun Microsystems, Inc\.$">
182
200
  <description>Sun Microsystems, Inc.</description>
183
201
  <example>Sun Microsystems, Inc.</example>
@@ -188,6 +206,7 @@
188
206
  <param pos="0" name="os.family" value="Solaris"/>
189
207
  <param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:-"/>
190
208
  </fingerprint>
209
+
191
210
  <fingerprint pattern="^The Cygwin\/X Project$">
192
211
  <description>The Cygwin/X Project</description>
193
212
  <example>The Cygwin/X Project</example>
@@ -199,6 +218,7 @@
199
218
  <param pos="0" name="os.family" value="Windows"/>
200
219
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
201
220
  </fingerprint>
221
+
202
222
  <fingerprint pattern="^The X\.Org Foundation$">
203
223
  <description>The X.Org Foundation</description>
204
224
  <example>The X.Org Foundation</example>
@@ -209,6 +229,7 @@
209
229
  <param pos="0" name="os.product" value="UNIX"/>
210
230
  <param pos="0" name="os.family" value="UNIX"/>
211
231
  </fingerprint>
232
+
212
233
  <fingerprint pattern="^The XFree86 Project, Inc$">
213
234
  <description>The XFree86 Project, Inc</description>
214
235
  <example>The XFree86 Project, Inc</example>
@@ -219,6 +240,7 @@
219
240
  <param pos="0" name="os.product" value="UNIX"/>
220
241
  <param pos="0" name="os.family" value="UNIX"/>
221
242
  </fingerprint>
243
+
222
244
  <fingerprint pattern="^WRQ, Inc\.$">
223
245
  <description>WRQ, Inc.</description>
224
246
  <example>WRQ, Inc.</example>
@@ -229,4 +251,5 @@
229
251
  <param pos="0" name="os.family" value="Windows"/>
230
252
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
231
253
  </fingerprint>
232
- </fingerprints>
254
+
255
+ </fingerprints>
@@ -1,15 +1,26 @@
1
- <?xml version="1.0" encoding="UTF-8"?>
1
+ <?xml version='1.0' encoding='UTF-8'?>
2
2
  <fingerprints matches="x509.issuer" protocol="x509">
3
3
  <!--
4
4
  This fingerprint set matches the Issuer field of x509 certificates. These x509
5
5
  certificates may be sourced from any SSL or TLS service. If a particular system
6
6
  has identical subject and issuer fields, the subject field should be preferred.
7
-
8
7
  The format of the Issuer field is built from the x509 distinguished names using
9
8
  a specific order. Please see the comments in x509_subjects.xml for details.
10
-
11
9
  -->
10
+
12
11
  <!-- Chromecast and various devices that support the Cast protocol -->
12
+
13
+ <fingerprint pattern="^CN=Eureka Gen1 ICA,OU=Google TV,O=Google Inc,L=Mountain View,ST=California,C=US$">
14
+ <description>Google Chromecast Gen 1</description>
15
+ <example>CN=Eureka Gen1 ICA,OU=Google TV,O=Google Inc,L=Mountain View,ST=California,C=US</example>
16
+ <param pos="0" name="os.vendor" value="Google"/>
17
+ <param pos="0" name="os.product" value="ChromeOS"/>
18
+ <param pos="0" name="hw.device" value="Media Server"/>
19
+ <param pos="0" name="hw.vendor" value="Google"/>
20
+ <param pos="0" name="hw.product" value="Chromecast"/>
21
+ <param pos="0" name="chromecast.generation" value="1"/>
22
+ </fingerprint>
23
+
13
24
  <fingerprint pattern="^CN=Chromecast ICA (\d+)\s*\(?([^,\)]*)\)?,OU=Cast,O=Google Inc,L=Mountain View,ST=California,C=US$">
14
25
  <description>Google Chromecast</description>
15
26
  <example chromecast.generation="3">CN=Chromecast ICA 3,OU=Cast,O=Google Inc,L=Mountain View,ST=California,C=US</example>
@@ -28,60 +39,67 @@
28
39
  <param pos="1" name="chromecast.generation"/>
29
40
  <param pos="2" name="chromecast.capabilities"/>
30
41
  </fingerprint>
42
+
31
43
  <fingerprint pattern="^CN=Asus fugu Cast ICA,OU=Widevine,O=Google Inc,L=Kirkland,ST=Washington,C=US$">
32
44
  <description>ASUS Nexus Player (Android) with Google Cast</description>
33
45
  <example>CN=Asus fugu Cast ICA,OU=Widevine,O=Google Inc,L=Kirkland,ST=Washington,C=US</example>
34
46
  <param pos="0" name="os.vendor" value="Google"/>
35
- <param pos="0" name="os.cpe23" value="cpe:/o:google:android:-"/>
36
47
  <param pos="0" name="os.family" value="Linux"/>
37
48
  <param pos="0" name="os.product" value="Android"/>
49
+ <param pos="0" name="os.cpe23" value="cpe:/o:google:android:-"/>
38
50
  <param pos="0" name="hw.device" value="Media Server"/>
39
51
  <param pos="0" name="hw.vendor" value="ASUS"/>
40
52
  <param pos="0" name="hw.product" value="Nexus Player"/>
41
53
  </fingerprint>
54
+
42
55
  <fingerprint pattern="^CN=Sony amai Cast ICA,OU=Widevine,O=Google Inc,L=Kirkland,ST=Washington,C=US$">
43
56
  <description>Sony SmartTV (Android) with Google Cast</description>
44
57
  <example>CN=Sony amai Cast ICA,OU=Widevine,O=Google Inc,L=Kirkland,ST=Washington,C=US</example>
45
58
  <param pos="0" name="os.vendor" value="Google"/>
46
- <param pos="0" name="os.cpe23" value="cpe:/o:google:android:-"/>
47
59
  <param pos="0" name="os.family" value="Linux"/>
48
60
  <param pos="0" name="os.product" value="Android"/>
61
+ <param pos="0" name="os.cpe23" value="cpe:/o:google:android:-"/>
49
62
  <param pos="0" name="hw.device" value="Smart TV"/>
50
63
  <param pos="0" name="hw.vendor" value="Sony"/>
51
64
  </fingerprint>
65
+
52
66
  <fingerprint pattern="^CN=Cast TV ICA \(Vizio\),OU=Cast,O=Google Inc,L=Mountain View,ST=California,C=US$">
53
67
  <description>Vizio SmartTV (Android) with Google Cast</description>
54
68
  <example>CN=Cast TV ICA (Vizio),OU=Cast,O=Google Inc,L=Mountain View,ST=California,C=US</example>
55
69
  <param pos="0" name="os.vendor" value="Google"/>
56
- <param pos="0" name="os.cpe23" value="cpe:/o:google:android:-"/>
57
70
  <param pos="0" name="os.family" value="Linux"/>
58
71
  <param pos="0" name="os.product" value="Android"/>
72
+ <param pos="0" name="os.cpe23" value="cpe:/o:google:android:-"/>
59
73
  <param pos="0" name="hw.device" value="Smart TV"/>
60
74
  <param pos="0" name="hw.vendor" value="Vizio"/>
61
75
  </fingerprint>
76
+
62
77
  <fingerprint pattern="^CN=NVidia Shield Cast ICA,OU=Widevine,O=Google Inc,L=Kirkland,ST=Washington,C=US$">
63
78
  <description>NVIDIA SHIELD (Android) with Google Cast</description>
64
79
  <example>CN=NVidia Shield Cast ICA,OU=Widevine,O=Google Inc,L=Kirkland,ST=Washington,C=US</example>
65
80
  <param pos="0" name="os.vendor" value="Google"/>
66
- <param pos="0" name="os.cpe23" value="cpe:/o:google:android:-"/>
67
81
  <param pos="0" name="os.family" value="Linux"/>
68
82
  <param pos="0" name="os.product" value="Android"/>
83
+ <param pos="0" name="os.cpe23" value="cpe:/o:google:android:-"/>
69
84
  <param pos="0" name="hw.device" value="Tablet"/>
70
85
  <param pos="0" name="hw.vendor" value="NVIDIA"/>
71
86
  <param pos="0" name="hw.product" value="SHIELD"/>
72
87
  </fingerprint>
88
+
73
89
  <fingerprint pattern="^CN=NVidia Darcy NVidia Tegra K1-Denver Cast ICA,OU=Widevine,O=Google Inc,L=Kirkland,ST=Washington,C=US$">
74
90
  <description>NVIDIA SHIELD (Android) with Google Cast (Darcy)</description>
75
91
  <example>CN=NVidia Darcy NVidia Tegra K1-Denver Cast ICA,OU=Widevine,O=Google Inc,L=Kirkland,ST=Washington,C=US</example>
76
92
  <param pos="0" name="os.vendor" value="Google"/>
77
- <param pos="0" name="os.cpe23" value="cpe:/o:google:android:-"/>
78
93
  <param pos="0" name="os.family" value="Linux"/>
79
94
  <param pos="0" name="os.product" value="Android"/>
95
+ <param pos="0" name="os.cpe23" value="cpe:/o:google:android:-"/>
80
96
  <param pos="0" name="hw.device" value="Tablet"/>
81
97
  <param pos="0" name="hw.vendor" value="NVIDIA"/>
82
98
  <param pos="0" name="hw.product" value="SHIELD"/>
83
99
  </fingerprint>
100
+
84
101
  <!-- End of Chromecast -->
102
+
85
103
  <fingerprint pattern="^CN=Yealink Equipment Issuing CA,OU=yealink\.com,O=Yealink Network Technology Co\.\\,Ltd.,L=Xiamen,ST=Fujian,C=CN$">
86
104
  <description>Yealink VoIP Phone</description>
87
105
  <example>CN=Yealink Equipment Issuing CA,OU=yealink.com,O=Yealink Network Technology Co.\,Ltd.,L=Xiamen,ST=Fujian,C=CN</example>
@@ -91,12 +109,14 @@
91
109
  <param pos="0" name="hw.device" value="VoIP"/>
92
110
  <param pos="0" name="hw.vendor" value="Yealink"/>
93
111
  </fingerprint>
112
+
94
113
  <fingerprint pattern="^CN=[a-zA-Z0-9]+,OU=Internally Generated Certificate,O=American Power Conversion Corp,L=Default Locality,ST=Default State,C=US$">
95
114
  <description>APC UPS</description>
96
115
  <example>CN=ZA1117619249,OU=Internally Generated Certificate,O=American Power Conversion Corp,L=Default Locality,ST=Default State,C=US</example>
97
116
  <param pos="0" name="hw.device" value="Power device"/>
98
117
  <param pos="0" name="hw.vendor" value="APC"/>
99
118
  </fingerprint>
119
+
100
120
  <fingerprint pattern="^CN=Temporary CA [a-fA-F0-9]{8}\-[a-fA-F0-9]{4}\-[a-fA-F0-9]{4}\-[a-fA-F0-9]{4}\-[a-fA-F0-9]{12},OU=Temporary CA">
101
121
  <description>Cisco Video Communication Server</description>
102
122
  <example>CN=Temporary CA 218131fe-8af4-11e7-aa6e-9950d6bbaf74,OU=Temporary CA 218131fe-8af4-11e7-aa6e-9950d6bbaf74,O=Temporary CA 218131fe-8af4-11e7-aa6e-9950d6bbaf74</example>
@@ -104,31 +124,35 @@
104
124
  <param pos="0" name="hw.vendor" value="Cisco"/>
105
125
  <param pos="0" name="hw.product" value="TelePresence"/>
106
126
  </fingerprint>
127
+
107
128
  <fingerprint pattern="^O=VMware Installer$">
108
129
  <description>VMWare ESXi w/Installer</description>
109
130
  <example>O=VMware Installer</example>
110
- <param pos="0" name="os.vendor" value="VMWare"/>
111
- <param pos="0" name="os.cpe23" value="cpe:/o:vmware:esxi:-"/>
131
+ <param pos="0" name="os.vendor" value="VMware"/>
112
132
  <param pos="0" name="os.product" value="ESXi"/>
113
133
  <param pos="0" name="os.device" value="Hypervisor"/>
134
+ <param pos="0" name="os.cpe23" value="cpe:/o:vmware:esxi:-"/>
114
135
  </fingerprint>
136
+
115
137
  <fingerprint pattern="^CN=CA,OU=VMware Engineering,O=vCenter,ST=California,C=US$">
116
138
  <description>VMWare vCenter</description>
117
139
  <example>CN=CA,OU=VMware Engineering,O=vCenter,ST=California,C=US</example>
118
- <param pos="0" name="service.vendor" value="VMWare"/>
140
+ <param pos="0" name="service.vendor" value="VMware"/>
119
141
  <param pos="0" name="service.product" value="vCenter"/>
120
142
  </fingerprint>
143
+
121
144
  <fingerprint pattern="^CN=Default Issuer \(Do not trust\),OU=ISS,O=Hewlett Packard Enterprise,L=Houston,ST=Texas,C=US$">
122
145
  <description>HP iLO</description>
123
146
  <example>CN=Default Issuer (Do not trust),OU=ISS,O=Hewlett Packard Enterprise,L=Houston,ST=Texas,C=US</example>
124
147
  <param pos="0" name="hw.device" value="Lights Out Management"/>
125
148
  <param pos="0" name="hw.vendor" value="HP"/>
126
149
  <param pos="0" name="hw.family" value="iLO"/>
127
- <param pos="0" name="hw.cpe23" value="cpe:/h:hp:integrated_lights_out:-"/>
128
150
  <param pos="0" name="hw.product" value="iLO"/>
151
+ <param pos="0" name="hw.cpe23" value="cpe:/h:hp:integrated_lights_out:-"/>
129
152
  <param pos="0" name="os.device" value="Lights Out Management"/>
130
153
  <param pos="0" name="os.vendor" value="HP"/>
131
154
  <param pos="0" name="os.family" value="iLO"/>
132
155
  <param pos="0" name="os.product" value="iLO"/>
133
156
  </fingerprint>
134
- </fingerprints>
157
+
158
+ </fingerprints>
@@ -1,16 +1,13 @@
1
- <?xml version="1.0" encoding="UTF-8"?>
1
+ <?xml version='1.0' encoding='UTF-8'?>
2
2
  <fingerprints matches="x509.subject" protocol="x509">
3
3
  <!--
4
4
  This fingerprint set matches the Subject field of x509 certificates. These x509
5
5
  certificates may be sourced from any SSL or TLS service. If a particular system
6
6
  has identical subject and issuer fields, the subject field should be preferred.
7
-
8
7
  The format of the Subject field is built from the x509 distinguished names using
9
8
  a specific order. This order matches the Go implementation at the URL:
10
9
  https://golang.org/src/crypto/x509/pkix/pkix.go#203
11
-
12
10
  The ToRDNSequence() function builds the string in reverse order:
13
-
14
11
  func (n Name) ToRDNSequence() (ret RDNSequence) {
15
12
  ret = n.appendRDNs(ret, n.Country, oidCountry)
16
13
  ret = n.appendRDNs(ret, n.Province, oidProvince)
@@ -28,13 +25,10 @@
28
25
  for _, atv := range n.ExtraNames {
29
26
  ret = append(ret, []AttributeTypeAndValue{atv})
30
27
  }
31
-
32
28
  return ret
33
29
  }
34
-
35
30
  All names are separated by commas and any commas inside a name are escaped with a
36
31
  single backslash character. See RFC 2253 for additional details on formatting.
37
-
38
32
  Practically, most Subjects start with the Common Name (CN=) and then step through
39
33
  Organization Unit (OU), Organization (O), and then some level of location, but
40
34
  typically Locality (L) and Country (C). Names are guaranteed to be listed in
@@ -42,10 +36,9 @@
42
36
  Subjects may start with a Serial Number (SERIALNUMBER=) or even Extra Names, but
43
37
  these are somewhat rare. Keep this name order in mind when working on these
44
38
  fingerprints.
45
-
46
39
  The same constraints also apply to the x509 Issuers (x509_issuers.xml).
47
-
48
40
  -->
41
+
49
42
  <fingerprint pattern="^CN=([0-9a-fA-F]{2}:[0-9a-fA-F]{2}:[0-9a-fA-F]{2}:[0-9a-fA-F]{2}:[0-9a-fA-F]{2}:[0-9a-fA-F]{2}),OU=([^,]+),O=Araknis Networks \(TM\),L=Charlotte,C=US$">
50
43
  <description>Araknis Networks Router</description>
51
44
  <example host.mac="d4:6a:91:7a:a3:c4" hw.product="AN-300-RT-4L2W">CN=d4:6a:91:7a:a3:c4,OU=AN-300-RT-4L2W,O=Araknis Networks (TM),L=Charlotte,C=US</example>
@@ -54,23 +47,26 @@
54
47
  <param pos="2" name="hw.product"/>
55
48
  <param pos="1" name="host.mac"/>
56
49
  </fingerprint>
50
+
57
51
  <fingerprint pattern="^CN=([a-fA-F0-9:]+),OU=([^,]+),O=Cisco-Linksys\\, LLC">
58
52
  <description>Cisco / Linksys Router</description>
59
53
  <example host.mac="00:22:6b:ef:1e:d0" hw.product="RV042">CN=00:22:6b:ef:1e:d0,OU=RV042,O=Cisco-Linksys\, LLC,L=Irvine,C=US</example>
60
- <param pos="0" name="hw.device" value="Broadband Router"/>
54
+ <param pos="0" name="hw.device" value="Broadband router"/>
61
55
  <param pos="0" name="hw.vendor" value="Cisco"/>
62
56
  <param pos="2" name="hw.product"/>
63
57
  <param pos="1" name="host.mac"/>
64
58
  </fingerprint>
59
+
65
60
  <fingerprint pattern="^CN=([a-fA-F0-9\:]+),OU=([^,]+),O=Cisco Systems\\, Inc\.">
66
61
  <description>Cisco Post-Linksys Router</description>
67
62
  <example host.mac="74:a2:e6:5c:99:21" hw.product="RV042G">CN=74:a2:e6:5c:99:21,OU=RV042G,O=Cisco Systems\, Inc.,L=Irvine,C=US</example>
68
63
  <example host.mac="4C4E315901D0" hw.product="RV180">CN=4C4E315901D0,OU=RV180,O=Cisco Systems\, Inc.,C=US</example>
69
- <param pos="0" name="hw.device" value="Broadband Router"/>
64
+ <param pos="0" name="hw.device" value="Broadband router"/>
70
65
  <param pos="0" name="hw.vendor" value="Cisco"/>
71
66
  <param pos="2" name="hw.product"/>
72
67
  <param pos="1" name="host.mac"/>
73
68
  </fingerprint>
69
+
74
70
  <fingerprint pattern="^SERIALNUMBER=PID:([^ ]+) SN:([^,]+),CN=(?:[a-zA-Z0-9\-]+)-SEP([a-fA-F0-9]{12}),OU=[CV]TG,O=Cisco Systems Inc\.$">
75
71
  <description>Cisco IP phone with serial number</description>
76
72
  <example host.mac="B07D47D33A1C" hw.product="CP-8851" cisco.serial_number="FCH1924AHCA">SERIALNUMBER=PID:CP-8851 SN:FCH1924AHCA,CN=CP-8851-SEPB07D47D33A1C,OU=CTG,O=Cisco Systems Inc.</example>
@@ -81,6 +77,15 @@
81
77
  <param pos="2" name="cisco.serial_number"/>
82
78
  <param pos="3" name="host.mac"/>
83
79
  </fingerprint>
80
+
81
+ <fingerprint pattern="^CN=SEP([a-fA-F0-9]{12}),O=TemporaryDefaultCertificate$">
82
+ <description>Cisco IP Phone without serial number</description>
83
+ <example host.mac="1C6A7AE57121">CN=SEP1C6A7AE57121,O=TemporaryDefaultCertificate</example>
84
+ <param pos="0" name="hw.device" value="VoIP"/>
85
+ <param pos="0" name="hw.vendor" value="Cisco"/>
86
+ <param pos="1" name="host.mac"/>
87
+ </fingerprint>
88
+
84
89
  <fingerprint pattern="^CN=Cambium WLAN AP,OU=Products,O=Cambium Networks Inc,L=San Jose,ST=CA,C=US$">
85
90
  <description>Cambium Networks WAP</description>
86
91
  <example>CN=Cambium WLAN AP,OU=Products,O=Cambium Networks Inc,L=San Jose,ST=CA,C=US</example>
@@ -88,6 +93,7 @@
88
93
  <param pos="0" name="hw.vendor" value="Cambium Networks"/>
89
94
  <param pos="0" name="hw.product" value="WLAN AP"/>
90
95
  </fingerprint>
96
+
91
97
  <fingerprint pattern="^CN=([^,]+),OU=Products,O=Cambium Networks Inc,L=San Jose,ST=CA,C=US$">
92
98
  <description>Cambium Networks Router</description>
93
99
  <example hw.product="R190V">CN=R190V,OU=Products,O=Cambium Networks Inc,L=San Jose,ST=CA,C=US</example>
@@ -96,12 +102,14 @@
96
102
  <param pos="0" name="hw.vendor" value="Cambium Networks"/>
97
103
  <param pos="1" name="hw.product"/>
98
104
  </fingerprint>
105
+
99
106
  <fingerprint pattern="^CN=Nepenthes Development Team,OU=anv,O=dionaea\.carnivore\.it,C=DE$">
100
107
  <description>Nepenthes honeypot</description>
101
108
  <example>CN=Nepenthes Development Team,OU=anv,O=dionaea.carnivore.it,C=DE</example>
102
109
  <param pos="0" name="service.family" value="Nepenthes"/>
103
110
  <param pos="0" name="service.product" value="Nepenthes"/>
104
111
  </fingerprint>
112
+
105
113
  <fingerprint pattern="^CN=IPMI,OU=Software,O=Super Micro Computer,ST=California,C=US$">
106
114
  <description>Super Micro IPMI Controller</description>
107
115
  <example>CN=IPMI,OU=Software,O=Super Micro Computer,ST=California,C=US</example>
@@ -111,6 +119,7 @@
111
119
  <param pos="0" name="os.vendor" value="Super Micro"/>
112
120
  <param pos="0" name="os.product" value="ATEN Linux"/>
113
121
  </fingerprint>
122
+
114
123
  <fingerprint pattern="^CN=iDRACdefault([a-fA-F0-9]{12}),OU=iDRAC Group,O=Dell Inc.,L=Round Rock,C=US$">
115
124
  <description>Dell iDRAC Remote Access Controller w/MAC</description>
116
125
  <example host.mac="0023AEF89AD1">CN=iDRACdefault0023AEF89AD1,OU=iDRAC Group,O=Dell Inc.,L=Round Rock,C=US</example>
@@ -121,6 +130,7 @@
121
130
  <param pos="0" name="os.product" value="iDRAC Linux"/>
122
131
  <param pos="1" name="host.mac"/>
123
132
  </fingerprint>
133
+
124
134
  <fingerprint pattern="^CN=idrac-([A-Z0-9]{7}),OU=Remote Access Group,O=Dell Inc\.,L=Round Rock,ST=Texas,C=US$">
125
135
  <description>Dell iDRAC Remote Access Controller w/Service Tag</description>
126
136
  <example dell.service_tag="JXJJC02">CN=idrac-JXJJC02,OU=Remote Access Group,O=Dell Inc.,L=Round Rock,ST=Texas,C=US</example>
@@ -132,6 +142,7 @@
132
142
  <param pos="0" name="os.product" value="iDRAC Linux"/>
133
143
  <param pos="1" name="dell.service_tag"/>
134
144
  </fingerprint>
145
+
135
146
  <fingerprint pattern="^CN=idrac.*,OU=Remote Access Group,O=Dell Inc\.,L=Round Rock,ST=Texas,C=US$">
136
147
  <description>Dell iDRAC Remote Access Controller w/o Service Tag</description>
137
148
  <example>CN=idrac-SVCTAG,OU=Remote Access Group,O=Dell Inc.,L=Round Rock,ST=Texas,C=US</example>
@@ -144,17 +155,19 @@
144
155
  <param pos="0" name="os.vendor" value="Dell"/>
145
156
  <param pos="0" name="os.product" value="iDRAC Linux"/>
146
157
  </fingerprint>
158
+
147
159
  <fingerprint pattern="^CN=(i?DRAC\d+) default certificate,OU=Remote Access Group,O=Dell Inc\.,L=Round Rock,ST=Texas,C=US$">
148
160
  <description>Dell iDRAC Remote Access Controller w/Version</description>
149
- <example>CN=iDRAC7 default certificate,OU=Remote Access Group,O=Dell Inc.,L=Round Rock,ST=Texas,C=US</example>
150
- <example>CN=iDRAC6 default certificate,OU=Remote Access Group,O=Dell Inc.,L=Round Rock,ST=Texas,C=US</example>
151
- <example>CN=DRAC5 default certificate,OU=Remote Access Group,O=Dell Inc.,L=Round Rock,ST=Texas,C=US</example>
161
+ <example hw.product="iDRAC7">CN=iDRAC7 default certificate,OU=Remote Access Group,O=Dell Inc.,L=Round Rock,ST=Texas,C=US</example>
162
+ <example hw.product="iDRAC6">CN=iDRAC6 default certificate,OU=Remote Access Group,O=Dell Inc.,L=Round Rock,ST=Texas,C=US</example>
163
+ <example hw.product="DRAC5">CN=DRAC5 default certificate,OU=Remote Access Group,O=Dell Inc.,L=Round Rock,ST=Texas,C=US</example>
152
164
  <param pos="0" name="hw.device" value="Lights Out Management"/>
153
165
  <param pos="0" name="hw.vendor" value="Dell"/>
154
166
  <param pos="1" name="hw.product"/>
155
167
  <param pos="0" name="os.vendor" value="Dell"/>
156
168
  <param pos="0" name="os.product" value="iDRAC Linux"/>
157
169
  </fingerprint>
170
+
158
171
  <fingerprint pattern="^CN=iDRAC default certificate,OU=Server Firmware Group,O=Dell Inc\.,L=Round Rock,ST=Texas,C=US$">
159
172
  <description>Dell iDRAC Remote Access Controller Default Certificate</description>
160
173
  <example>CN=iDRAC default certificate,OU=Server Firmware Group,O=Dell Inc.,L=Round Rock,ST=Texas,C=US</example>
@@ -164,6 +177,7 @@
164
177
  <param pos="0" name="os.vendor" value="Dell"/>
165
178
  <param pos="0" name="os.product" value="iDRAC Linux"/>
166
179
  </fingerprint>
180
+
167
181
  <fingerprint pattern="^CN=XCC-([a-zA-Z0-9]+)-([a-zA-Z0-9]+),O=System X,L=RTP,ST=NC,C=US$">
168
182
  <description>Lenovo XCC</description>
169
183
  <example lenovo.machine_type="7X06" lenovo.machine_model="J1005NEX">CN=XCC-7X06-J1005NEX,O=System X,L=RTP,ST=NC,C=US</example>
@@ -176,33 +190,36 @@
176
190
  <param pos="1" name="lenovo.machine_type"/>
177
191
  <param pos="2" name="lenovo.machine_model"/>
178
192
  </fingerprint>
193
+
179
194
  <fingerprint pattern="^CN=([A-Za-z0-9\_\-\.]+),OU=ISS,O=Hewlett-Packard Company,L=Houston,ST=Texas,C=US$">
180
195
  <description>HP iLO</description>
181
196
  <example>CN=SERVER-1231,OU=ISS,O=Hewlett-Packard Company,L=Houston,ST=Texas,C=US</example>
182
197
  <param pos="0" name="hw.device" value="Lights Out Management"/>
183
198
  <param pos="0" name="hw.vendor" value="HP"/>
184
199
  <param pos="0" name="hw.family" value="iLO"/>
185
- <param pos="0" name="hw.cpe23" value="cpe:/h:hp:integrated_lights_out:-"/>
186
200
  <param pos="0" name="hw.product" value="iLO"/>
201
+ <param pos="0" name="hw.cpe23" value="cpe:/h:hp:integrated_lights_out:-"/>
187
202
  <param pos="0" name="os.device" value="Lights Out Management"/>
188
203
  <param pos="0" name="os.vendor" value="HP"/>
189
204
  <param pos="0" name="os.family" value="iLO"/>
190
205
  <param pos="0" name="os.product" value="iLO"/>
191
206
  <param pos="1" name="host.name"/>
192
207
  </fingerprint>
208
+
193
209
  <fingerprint pattern="^CN=HP Service Processor,OU=UDU Service Tools,O=Hewlett-Packard Development Company\\, L\.P\.\\ ,L=Fremont,ST=California,C=US$">
194
210
  <description>HP iLO - HP Service Processor</description>
195
211
  <example>CN=HP Service Processor,OU=UDU Service Tools,O=Hewlett-Packard Development Company\, L.P.\ ,L=Fremont,ST=California,C=US</example>
196
212
  <param pos="0" name="hw.device" value="Lights Out Management"/>
197
213
  <param pos="0" name="hw.vendor" value="HP"/>
198
214
  <param pos="0" name="hw.family" value="iLO"/>
199
- <param pos="0" name="hw.cpe23" value="cpe:/h:hp:integrated_lights_out:-"/>
200
215
  <param pos="0" name="hw.product" value="iLO"/>
216
+ <param pos="0" name="hw.cpe23" value="cpe:/h:hp:integrated_lights_out:-"/>
201
217
  <param pos="0" name="os.device" value="Lights Out Management"/>
202
218
  <param pos="0" name="os.vendor" value="HP"/>
203
219
  <param pos="0" name="os.family" value="iLO"/>
204
220
  <param pos="0" name="os.product" value="iLO"/>
205
221
  </fingerprint>
222
+
206
223
  <fingerprint pattern="^CN=OA\-([a-fA-F0-9]+),OU=Onboard Administrator,">
207
224
  <description>HP iLO (Onboard Administrator)</description>
208
225
  <example>CN=OA-001F296E21A3,OU=Onboard Administrator,O=Corp.,L=Location,ST=N/A,C=US</example>
@@ -210,28 +227,30 @@
210
227
  <param pos="0" name="hw.device" value="Lights Out Management"/>
211
228
  <param pos="0" name="hw.vendor" value="HP"/>
212
229
  <param pos="0" name="hw.family" value="iLO"/>
213
- <param pos="0" name="hw.cpe23" value="cpe:/h:hp:integrated_lights_out:-"/>
214
230
  <param pos="0" name="hw.product" value="iLO"/>
231
+ <param pos="0" name="hw.cpe23" value="cpe:/h:hp:integrated_lights_out:-"/>
215
232
  <param pos="0" name="os.device" value="Lights Out Management"/>
216
233
  <param pos="0" name="os.vendor" value="HP"/>
217
234
  <param pos="0" name="os.family" value="iLO"/>
218
235
  <param pos="0" name="os.product" value="iLO"/>
219
236
  <param pos="1" name="host.mac"/>
220
237
  </fingerprint>
238
+
221
239
  <fingerprint pattern="^CN=([A-Za-z0-9\_\-\.]+),OU=Hewlett Packard Enterprise Network Management Software \(SMH\),O=Hewlett Packard Enterprise,L=Houston,ST=Texas,C=US$">
222
240
  <description>HP iLO - Enterprise Mgmt variant</description>
223
241
  <example>CN=bigsrv99,OU=Hewlett Packard Enterprise Network Management Software (SMH),O=Hewlett Packard Enterprise,L=Houston,ST=Texas,C=US</example>
224
242
  <param pos="0" name="hw.device" value="Lights Out Management"/>
225
243
  <param pos="0" name="hw.vendor" value="HP"/>
226
244
  <param pos="0" name="hw.family" value="iLO"/>
227
- <param pos="0" name="hw.cpe23" value="cpe:/h:hp:integrated_lights_out:-"/>
228
245
  <param pos="0" name="hw.product" value="iLO"/>
246
+ <param pos="0" name="hw.cpe23" value="cpe:/h:hp:integrated_lights_out:-"/>
229
247
  <param pos="0" name="os.device" value="Lights Out Management"/>
230
248
  <param pos="0" name="os.vendor" value="HP"/>
231
249
  <param pos="0" name="os.family" value="iLO"/>
232
250
  <param pos="0" name="os.product" value="iLO"/>
233
251
  <param pos="1" name="host.name"/>
234
252
  </fingerprint>
253
+
235
254
  <fingerprint pattern="^CN=Oracle Integrated Lights Out Manager,O=Oracle America\\, Inc\.,L=Redwood Shores,ST=California,C=US$">
236
255
  <description>Oracle iLO</description>
237
256
  <example>CN=Oracle Integrated Lights Out Manager,O=Oracle America\, Inc.,L=Redwood Shores,ST=California,C=US</example>
@@ -244,9 +263,11 @@
244
263
  <param pos="0" name="os.family" value="ILOM"/>
245
264
  <param pos="0" name="os.product" value="ILOM"/>
246
265
  </fingerprint>
247
- <fingerprint pattern="^CN=AMI,OU=Service Processors,O=American Megatrends Inc\.,L=Norcross,ST=Georgia,C=US$">
266
+
267
+ <fingerprint pattern="^CN=AMI,OU=Service Processors,O=American Megatrends Inc">
248
268
  <description>AMI MegaRAC LOM</description>
249
269
  <example>CN=AMI,OU=Service Processors,O=American Megatrends Inc.,L=Norcross,ST=Georgia,C=US</example>
270
+ <example>CN=AMI,OU=Service Processors,O=American Megatrends Inc,L=Atlanta,ST=Georgia,C=US</example>
250
271
  <param pos="0" name="hw.device" value="Lights Out Management"/>
251
272
  <param pos="0" name="hw.vendor" value="AMI"/>
252
273
  <param pos="0" name="hw.family" value="MegaRAC"/>
@@ -256,6 +277,32 @@
256
277
  <param pos="0" name="os.family" value="MegaRAC"/>
257
278
  <param pos="0" name="os.product" value="MegaRAC"/>
258
279
  </fingerprint>
280
+
281
+ <fingerprint pattern="^CN=C-series CIMC,OU=PID:([^ ]+) SERIAL:([^,]+),O=Cisco">
282
+ <description>Cisco Integrated Management Controller</description>
283
+ <example cisco.serial_number="FCH18999AAA" cisco.imc_model="UCSC-C220-M3S">CN=C-series CIMC,OU=PID:UCSC-C220-M3S SERIAL:FCH18999AAA,O=Cisco Self Signed,L=San Jose,ST=California,C=US</example>
284
+ <param pos="0" name="hw.device" value="Lights Out Management"/>
285
+ <param pos="0" name="hw.vendor" value="Cisco"/>
286
+ <param pos="0" name="hw.product" value="IMC"/>
287
+ <param pos="0" name="os.vendor" value="Cisco"/>
288
+ <param pos="0" name="os.family" value="Linux"/>
289
+ <param pos="0" name="os.product" value="IMC"/>
290
+ <param pos="2" name="cisco.serial_number"/>
291
+ <param pos="1" name="cisco.imc_model"/>
292
+ </fingerprint>
293
+
294
+ <fingerprint pattern="^CN=C220-(FCH[^,]+),OU=null,O=Cisco Systems Inc">
295
+ <description>Cisco Integrated Management Controller C220</description>
296
+ <example cisco.serial_number="FCH17999AAA">CN=C220-FCH17999AAA,OU=null,O=Cisco Systems Inc.,L=San Jose,ST=California,C=US</example>
297
+ <param pos="0" name="hw.device" value="Lights Out Management"/>
298
+ <param pos="0" name="hw.vendor" value="Cisco"/>
299
+ <param pos="0" name="hw.product" value="IMC"/>
300
+ <param pos="0" name="os.vendor" value="Cisco"/>
301
+ <param pos="0" name="os.family" value="Linux"/>
302
+ <param pos="0" name="os.product" value="IMC"/>
303
+ <param pos="1" name="cisco.serial_number"/>
304
+ </fingerprint>
305
+
259
306
  <fingerprint pattern="^CN=avocent.com,OU=AESS,O=Avocent,L=Sunrise,ST=FL,C=US$">
260
307
  <description>Avocent KVM</description>
261
308
  <example>CN=avocent.com,OU=AESS,O=Avocent,L=Sunrise,ST=FL,C=US</example>
@@ -264,6 +311,7 @@
264
311
  <param pos="0" name="os.device" value="KVM"/>
265
312
  <param pos="0" name="os.vendor" value="Avocent"/>
266
313
  </fingerprint>
314
+
267
315
  <fingerprint pattern="^CN=Avocent Mergepoint Unity,O=Avocent Mergepoint Unity,L=Huntsville,ST=Alabama,C=US$">
268
316
  <description>Avocent Mergepoint KVM</description>
269
317
  <example>CN=Avocent Mergepoint Unity,O=Avocent Mergepoint Unity,L=Huntsville,ST=Alabama,C=US</example>
@@ -274,6 +322,7 @@
274
322
  <param pos="0" name="os.vendor" value="Avocent"/>
275
323
  <param pos="0" name="os.product" value="Mergepoint"/>
276
324
  </fingerprint>
325
+
277
326
  <fingerprint pattern="^CN=HP Jetdirect [a-zA-Z0-9]+,OU=([a-fA-F0-9]{12})\+OU=([a-zA-Z0-9]+),O=Hewlett-Packard Co\.$">
278
327
  <description>HP Jet Direct - with host MAC and product</description>
279
328
  <example host.mac="2C413883186A" hw.product="J8028E">CN=HP Jetdirect 38831831,OU=2C413883186A+OU=J8028E,O=Hewlett-Packard Co.</example>
@@ -288,6 +337,7 @@
288
337
  <param pos="2" name="hw.product"/>
289
338
  <param pos="2" name="os.product"/>
290
339
  </fingerprint>
340
+
291
341
  <fingerprint pattern="^CN=([a-zA-Z0-9\.\-\_]+),OU=HP-IPG,O=HP,L=Vancouver,ST=Washington,C=US$">
292
342
  <description>HP Jet Direct</description>
293
343
  <example host.name="HPD49F21">CN=HPD49F21,OU=HP-IPG,O=HP,L=Vancouver,ST=Washington,C=US</example>
@@ -299,6 +349,7 @@
299
349
  <param pos="0" name="os.family" value="JetDirect"/>
300
350
  <param pos="1" name="host.name"/>
301
351
  </fingerprint>
352
+
302
353
  <fingerprint pattern="^CN=(?:Sourcefire3D|firepower|ciscoasa),OU=Intrusion Management System,O=(?:Sourcefire\\, Inc.|Cisco Systems\\, Inc),C=US$">
303
354
  <description>Cisco Firepower</description>
304
355
  <example>CN=firepower,OU=Intrusion Management System,O=Cisco Systems\, Inc,C=US</example>
@@ -312,14 +363,55 @@
312
363
  <param pos="0" name="os.product" value="Firepower"/>
313
364
  <param pos="0" name="os.family" value="Linux"/>
314
365
  </fingerprint>
366
+
315
367
  <fingerprint pattern="^CN=ASA Temporary Self Signed Certificate$">
316
- <description>Cisco ASA</description>
368
+ <description>Cisco ASA Temp Cert</description>
317
369
  <example>CN=ASA Temporary Self Signed Certificate</example>
370
+ <param pos="0" name="os.vendor" value="Cisco"/>
371
+ <param pos="0" name="os.family" value="Adaptive Security Appliance"/>
372
+ <param pos="0" name="os.product" value="Adaptive Security Appliance"/>
373
+ <param pos="0" name="os.cpe23" value="cpe:/o:cisco:adaptive_security_appliance:-"/>
374
+ <param pos="0" name="hw.vendor" value="Cisco"/>
375
+ <param pos="0" name="hw.family" value="Adaptive Security Appliance"/>
376
+ <param pos="0" name="hw.product" value="Adaptive Security Appliance"/>
318
377
  <param pos="0" name="hw.device" value="Firewall"/>
319
378
  <param pos="0" name="hw.cpe23" value="cpe:/h:cisco:adaptive_security_appliance:-"/>
379
+ </fingerprint>
380
+
381
+ <fingerprint pattern="^SERIALNUMBER=([a-zA-Z0-9]+),CN=DEVICE-vWLC,O=Cisco Virtual WLC$">
382
+ <description>Cisco vWLC</description>
383
+ <example cisco.serial_number="9C89M2088D1">SERIALNUMBER=9C89M2088D1,CN=DEVICE-vWLC,O=Cisco Virtual WLC</example>
384
+ <param pos="0" name="os.vendor" value="Cisco"/>
385
+ <param pos="0" name="os.device" value="Wireless Controller"/>
386
+ <param pos="0" name="os.product" value="Wireless LAN Controller"/>
387
+ <param pos="0" name="os.cpe23" value="cpe:/o:cisco:wireless_lan_controller:-"/>
388
+ <param pos="1" name="cisco.serial_number"/>
389
+ </fingerprint>
390
+
391
+ <fingerprint pattern="^CN=[a-zA-Z0-9\.\-\_]+,OU=DeviceSSL \(WebAdmin\),O=Cisco Systems Inc\.,C=US$">
392
+ <description>Cisco WLC</description>
393
+ <example>CN=169.254.1.1,OU=DeviceSSL (WebAdmin),O=Cisco Systems Inc.,C=US</example>
394
+ <param pos="0" name="os.vendor" value="Cisco"/>
395
+ <param pos="0" name="os.device" value="Wireless Controller"/>
396
+ <param pos="0" name="os.product" value="Wireless LAN Controller"/>
397
+ <param pos="0" name="os.cpe23" value="cpe:/o:cisco:wireless_lan_controller:-"/>
320
398
  <param pos="0" name="hw.vendor" value="Cisco"/>
321
- <param pos="0" name="hw.product" value="Adaptive Security Appliance"/>
399
+ <param pos="0" name="hw.device" value="Wireless Controller"/>
400
+ <param pos="0" name="hw.product" value="Wireless LAN Controller"/>
401
+ <param pos="0" name="hw.cpe23" value="cpe:/h:cisco:wireless_lan_controller:-"/>
322
402
  </fingerprint>
403
+
404
+ <fingerprint pattern="^CN=pca,OU=Cisco Prime Collaboration Manager,O=Cisco,L=San Jose,ST=California,C=US$">
405
+ <description>Cisco Primary Collaboration Manager</description>
406
+ <example>CN=pca,OU=Cisco Prime Collaboration Manager,O=Cisco,L=San Jose,ST=California,C=US</example>
407
+ <param pos="0" name="os.vendor" value="Cisco"/>
408
+ <param pos="0" name="os.device" value="Network Management Device"/>
409
+ <param pos="0" name="os.product" value="Prime Collaboration Manager"/>
410
+ <param pos="0" name="hw.vendor" value="Cisco"/>
411
+ <param pos="0" name="hw.device" value="Network Management Device"/>
412
+ <param pos="0" name="hw.product" value="Prime Collaboration Manager"/>
413
+ </fingerprint>
414
+
323
415
  <fingerprint pattern="^CN=synology\.com.*,O=Synology Inc\.,L=Taipei.*,C=TW$">
324
416
  <description>Synology NAS</description>
325
417
  <example>CN=synology.com,OU=FTP Team,O=Synology Inc.,L=Taipei,ST=Taiwan,C=TW</example>
@@ -332,6 +424,7 @@
332
424
  <param pos="0" name="os.product" value="DSM"/>
333
425
  <param pos="0" name="os.vendor" value="Synology"/>
334
426
  </fingerprint>
427
+
335
428
  <fingerprint pattern="^CN=(?:\*\.)?([a-zA-Z0-9\.\_\-]+)\.wd2go\.com">
336
429
  <description>Western Digital WD2GO Devices</description>
337
430
  <example wd2go.device_id="device1133796-01b3e3fa">CN=device1133796-01b3e3fa.wd2go.com,OU=Domain Control Validated+OU=Hosted by Western Digital Corporation+OU=COMODO SSL Unified Communications</example>
@@ -344,6 +437,7 @@
344
437
  <param pos="0" name="os.device" value="Storage"/>
345
438
  <param pos="1" name="wd2go.device_id"/>
346
439
  </fingerprint>
440
+
347
441
  <fingerprint pattern="^CN=Seagate Technology LLC,O=Seagate Technology LLC,L=Cupertino,ST=California,C=US$">
348
442
  <description>Seagate NAS</description>
349
443
  <example>CN=Seagate Technology LLC,O=Seagate Technology LLC,L=Cupertino,ST=California,C=US</example>
@@ -352,6 +446,7 @@
352
446
  <param pos="0" name="os.vendor" value="Seagate"/>
353
447
  <param pos="0" name="os.family" value="Linux"/>
354
448
  </fingerprint>
449
+
355
450
  <fingerprint pattern="^CN=[\d\.]+,OU=Q-Series,O=Quantum,ST=CO,C=US$">
356
451
  <description>Seagate Q-Series NAS (previously Quantum)</description>
357
452
  <example>CN=1.1.1.1,OU=Q-Series,O=Quantum,ST=CO,C=US</example>
@@ -360,6 +455,7 @@
360
455
  <param pos="0" name="os.vendor" value="Seagate"/>
361
456
  <param pos="0" name="os.family" value="Linux"/>
362
457
  </fingerprint>
458
+
363
459
  <fingerprint pattern="^CN=QNAP NAS,OU=QTS,O=QNAP Systems\\, Inc\.,L=Taipei,ST=Taipei,C=TW$">
364
460
  <description>QNAP NAS</description>
365
461
  <example>CN=QNAP NAS,OU=QTS,O=QNAP Systems\, Inc.,L=Taipei,ST=Taipei,C=TW</example>
@@ -370,56 +466,77 @@
370
466
  <param pos="0" name="os.vendor" value="QNAP Systems"/>
371
467
  <param pos="0" name="os.device" value="Storage"/>
372
468
  </fingerprint>
469
+
373
470
  <fingerprint pattern="^CN=VMware,OU=VMware,L=Palo Alto,C=US$">
374
471
  <description>VMWare Authentication Daemon</description>
375
472
  <example>CN=VMware,OU=VMware,L=Palo Alto,C=US</example>
376
- <param pos="0" name="service.vendor" value="VMWare"/>
473
+ <param pos="0" name="service.vendor" value="VMware"/>
377
474
  <param pos="0" name="service.product" value="vmauthd"/>
378
475
  </fingerprint>
476
+
379
477
  <fingerprint pattern="^CN=([a-zA-Z0-9\.\-\_]+),OU=VMware ESX Server Default Certificate,O=VMware\\, Inc,L=Palo Alto,ST=California,C=US$">
380
478
  <description>VMWare ESX</description>
381
479
  <example>CN=server99.,OU=VMware ESX Server Default Certificate,O=VMware\, Inc,L=Palo Alto,ST=California,C=US</example>
382
- <param pos="0" name="os.vendor" value="VMWare"/>
383
- <param pos="0" name="os.cpe23" value="cpe:/o:vmware:esx:-"/>
480
+ <param pos="0" name="os.vendor" value="VMware"/>
384
481
  <param pos="0" name="os.product" value="ESX"/>
385
482
  <param pos="0" name="os.device" value="Hypervisor"/>
483
+ <param pos="0" name="os.cpe23" value="cpe:/o:vmware:esx:-"/>
386
484
  <param pos="1" name="host.name"/>
387
485
  </fingerprint>
486
+
487
+ <fingerprint pattern="^CN.*,OU=SRM,O=VMware\\, Inc\.,L=Palo Alto,ST=California,C=US$">
488
+ <description>VMWare SRM</description>
489
+ <example>CN=SRM01,OU=SRM,O=VMware\, Inc.,L=Palo Alto,ST=California,C=US</example>
490
+ <param pos="0" name="os.vendor" value="VMware"/>
491
+ <param pos="0" name="os.product" value="Linux"/>
492
+ <param pos="0" name="hw.vendor" value="VMware"/>
493
+ <param pos="0" name="hw.device" value="Appliance"/>
494
+ <param pos="0" name="hw.product" value="Site Recovery Manager"/>
495
+ <param pos="0" name="service.vendor" value="VMware"/>
496
+ <param pos="0" name="service.product" value="Site Recovery Manager"/>
497
+ </fingerprint>
498
+
388
499
  <fingerprint pattern="^CN=IOS-Self-Signed-Certificate-">
389
500
  <description>Cisco IOS Default Certificate</description>
390
501
  <example>CN=IOS-Self-Signed-Certificate-4163115936</example>
391
502
  <param pos="0" name="os.vendor" value="Cisco"/>
392
- <param pos="0" name="os.cpe23" value="cpe:/o:cisco:ios:-"/>
393
503
  <param pos="0" name="os.family" value="IOS"/>
394
504
  <param pos="0" name="os.product" value="IOS"/>
505
+ <param pos="0" name="os.cpe23" value="cpe:/o:cisco:ios:-"/>
395
506
  <param pos="0" name="hw.vendor" value="Cisco"/>
396
507
  <param pos="0" name="hw.device" value="Router"/>
397
508
  </fingerprint>
398
- <fingerprint pattern="^CN=([a-zA-Z0-9]{5,12}) ([a-zA-Z0-9]{12}),OU=Cast,O=Google Inc,L=Mountain View,ST=California,C=US$">
509
+
510
+ <fingerprint pattern="^CN=([a-zA-Z0-9]{5,12}) ([a-zA-Z0-9]{12}),OU=(?:Cast|Google TV),O=Google Inc,L=Mountain View,ST=California,C=US$">
399
511
  <description>Google Chromecast</description>
400
512
  <example chromecast.serial_number="LVDZG5" host.mac_local="FA8FCA67413D">CN=LVDZG5 FA8FCA67413D,OU=Cast,O=Google Inc,L=Mountain View,ST=California,C=US</example>
513
+ <example chromecast.serial_number="YRBLE" host.mac_local="FA8FCA7DE87D">CN=YRBLE FA8FCA7DE87D,OU=Google TV,O=Google Inc,L=Mountain View,ST=California,C=US</example>
401
514
  <param pos="0" name="os.vendor" value="Google"/>
402
515
  <param pos="0" name="os.product" value="ChromeOS"/>
403
516
  <param pos="0" name="hw.device" value="Media Server"/>
404
517
  <param pos="0" name="hw.vendor" value="Google"/>
405
518
  <param pos="0" name="hw.product" value="Chromecast"/>
406
519
  <param pos="1" name="chromecast.serial_number"/>
407
- <!-- local administered mac address (clear bit 2 of first byte) -->
520
+ <!-- This is the hotspot-mode MAC address (clear bit 2) -->
521
+
408
522
  <param pos="2" name="host.mac_local"/>
409
523
  </fingerprint>
524
+
410
525
  <fingerprint pattern="^CN=([a-zA-Z0-9]{5,12}) ([a-zA-Z0-9]{12}),OU=Cast TV \(Vizio\),O=Google Inc,L=Mountain View,ST=California,C=US$">
411
526
  <description>Vizio SmartTV (Android) with Google Cast</description>
412
527
  <example chromecast.serial_number="9V039WC9" host.mac_local="FA8FCA697898">CN=9V039WC9 FA8FCA697898,OU=Cast TV (Vizio),O=Google Inc,L=Mountain View,ST=California,C=US</example>
413
528
  <param pos="0" name="os.vendor" value="Google"/>
414
- <param pos="0" name="os.cpe23" value="cpe:/o:google:android:-"/>
415
529
  <param pos="0" name="os.family" value="Linux"/>
416
530
  <param pos="0" name="os.product" value="Android"/>
531
+ <param pos="0" name="os.cpe23" value="cpe:/o:google:android:-"/>
417
532
  <param pos="0" name="hw.device" value="Smart TV"/>
418
533
  <param pos="0" name="hw.vendor" value="Vizio"/>
419
534
  <param pos="1" name="chromecast.serial_number"/>
420
- <!-- local administered mac address (clear bit 2 of first byte) -->
535
+ <!-- This is the hotspot-mode MAC address (clear bit 2) -->
536
+
421
537
  <param pos="2" name="host.mac_local"/>
422
538
  </fingerprint>
539
+
423
540
  <fingerprint pattern="^CN=TANDBERG,OU=R&amp;D,O=TANDBERG ASA,L=Lysaker,ST=Askerhus,C=NO$">
424
541
  <description>Cisco (TANDBERG) TelePresence</description>
425
542
  <example>CN=TANDBERG,OU=R&amp;D,O=TANDBERG ASA,L=Lysaker,ST=Askerhus,C=NO</example>
@@ -431,6 +548,7 @@
431
548
  <param pos="0" name="os.product" value="TelePresence"/>
432
549
  <param pos="0" name="os.device" value="Video Conferencing"/>
433
550
  </fingerprint>
551
+
434
552
  <fingerprint pattern="^CN=lifesize.com,C=US$">
435
553
  <description>Lifesize TelePresence</description>
436
554
  <example>CN=lifesize.com,C=US</example>
@@ -442,18 +560,116 @@
442
560
  <param pos="0" name="os.product" value="TelePresence"/>
443
561
  <param pos="0" name="os.device" value="Video Conferencing"/>
444
562
  </fingerprint>
563
+
564
+ <fingerprint pattern="^CN=MERCURY-([a-fA-F0-9]{12}),OU=Engineering,O=Crestron">
565
+ <description>Crestron Mercury</description>
566
+ <example host.mac="00107F1ABAA0">CN=MERCURY-00107F1ABAA0,OU=Engineering,O=Crestron Electronics\, Inc.,L=Rockleigh,ST=NJ,C=US</example>
567
+ <param pos="0" name="hw.vendor" value="Crestron"/>
568
+ <param pos="0" name="hw.device" value="Video Conferencing"/>
569
+ <param pos="0" name="hw.product" value="Mercury"/>
570
+ <param pos="0" name="os.vendor" value="Crestron"/>
571
+ <param pos="0" name="os.family" value="Linux"/>
572
+ <param pos="0" name="os.device" value="Video Conferencing"/>
573
+ <param pos="1" name="host.mac"/>
574
+ </fingerprint>
575
+
576
+ <fingerprint pattern="^CN=(AM-\d+)-([a-fA-F0-9]{12}),OU=Engineering,O=Crestron">
577
+ <description>Crestron AirMedia</description>
578
+ <example hw.product="AM-200" host.mac="00107FB7B1E2">CN=AM-200-00107FB7B1E2,OU=Engineering,O=Crestron Electronics\, Inc.,L=Rockleigh,ST=NJ,C=US</example>
579
+ <param pos="0" name="hw.vendor" value="Crestron"/>
580
+ <param pos="0" name="hw.device" value="Video Conferencing"/>
581
+ <param pos="1" name="hw.product"/>
582
+ <param pos="0" name="os.vendor" value="Crestron"/>
583
+ <param pos="0" name="os.family" value="Linux"/>
584
+ <param pos="0" name="os.device" value="Video Conferencing"/>
585
+ <param pos="2" name="host.mac"/>
586
+ </fingerprint>
587
+
588
+ <fingerprint pattern="^CN=Crestron,OU=Engineering,O=Crestron Electronics\\, Inc\.,L=Rockleigh,ST=NJ,C=US$">
589
+ <description>Crestron Video Conferencing</description>
590
+ <example>CN=Crestron,OU=Engineering,O=Crestron Electronics\, Inc.,L=Rockleigh,ST=NJ,C=US</example>
591
+ <param pos="0" name="hw.vendor" value="Crestron"/>
592
+ <param pos="0" name="hw.device" value="Video Conferencing"/>
593
+ <param pos="0" name="os.vendor" value="Crestron"/>
594
+ <param pos="0" name="os.family" value="Linux"/>
595
+ <param pos="0" name="os.device" value="Video Conferencing"/>
596
+ </fingerprint>
597
+
598
+ <fingerprint pattern="^CN=ClickShare-\d+$">
599
+ <description>ClickShare Wireless Presenter</description>
600
+ <example>CN=ClickShare-4234234324</example>
601
+ <param pos="0" name="hw.vendor" value="Barco"/>
602
+ <param pos="0" name="hw.device" value="Wireless Presenter"/>
603
+ <param pos="0" name="hw.product" value="ClickShare"/>
604
+ <param pos="0" name="os.vendor" value="Barco"/>
605
+ <param pos="0" name="os.family" value="ClickShareOS"/>
606
+ <param pos="0" name="os.device" value="Wireless Presenter"/>
607
+ </fingerprint>
608
+
609
+ <fingerprint pattern="^CN=Solstice,OU=Solstice,O=Mersive Technologies Inc,L=Denver,ST=CO,C=US$">
610
+ <description>SolsticePod</description>
611
+ <example>CN=Solstice,OU=Solstice,O=Mersive Technologies Inc,L=Denver,ST=CO,C=US</example>
612
+ <param pos="0" name="hw.vendor" value="Mersive"/>
613
+ <param pos="0" name="hw.device" value="Wireless Presenter"/>
614
+ <param pos="0" name="hw.product" value="SolsticePod"/>
615
+ </fingerprint>
616
+
617
+ <fingerprint pattern="^CN=Controller,OU=FW,O=ExtronElectronics,ST=CA,C=US$">
618
+ <description>Extron MediaLink Controller</description>
619
+ <example>CN=Controller,OU=FW,O=ExtronElectronics,ST=CA,C=US</example>
620
+ <param pos="0" name="hw.vendor" value="Extron"/>
621
+ <param pos="0" name="hw.device" value="Display Controller"/>
622
+ <param pos="0" name="hw.product" value="MediaLink Controller"/>
623
+ <param pos="0" name="os.vendor" value="Extron"/>
624
+ <param pos="0" name="os.family" value="Linux"/>
625
+ </fingerprint>
626
+
627
+ <fingerprint pattern="^CN=IPLP,OU=ControlSystems,O=ExtronElectronics,L=Anaheim,ST=CA,C=US$">
628
+ <description>Extron IPLP </description>
629
+ <example>CN=IPLP,OU=ControlSystems,O=ExtronElectronics,L=Anaheim,ST=CA,C=US</example>
630
+ <param pos="0" name="hw.vendor" value="Extron"/>
631
+ <param pos="0" name="hw.device" value="Display Controller"/>
632
+ <param pos="0" name="hw.product" value="IP Link Control Processor"/>
633
+ <param pos="0" name="os.vendor" value="Extron"/>
634
+ <param pos="0" name="os.family" value="Linux"/>
635
+ </fingerprint>
636
+
637
+ <fingerprint pattern="^CN=TLP,OU=ControlSystems,O=ExtronElectronics,L=Anaheim,ST=CA,C=US$">
638
+ <description>Extron TLP </description>
639
+ <example>CN=TLP,OU=ControlSystems,O=ExtronElectronics,L=Anaheim,ST=CA,C=US</example>
640
+ <param pos="0" name="hw.vendor" value="Extron"/>
641
+ <param pos="0" name="hw.device" value="Display Controller"/>
642
+ <param pos="0" name="hw.product" value="TouchLink Control Panel"/>
643
+ <param pos="0" name="os.vendor" value="Extron"/>
644
+ <param pos="0" name="os.family" value="Linux"/>
645
+ </fingerprint>
646
+
647
+ <fingerprint pattern="^CN=ShareLink-Pro-.*,OU=AVSystems,O=ExtronElectronics">
648
+ <description>Extron ShareLink Pro </description>
649
+ <example>CN=ShareLink-Pro-18-99-99.local.com,OU=AVSystems,O=ExtronElectronics,L=Anaheim,ST=CA,C=US</example>
650
+ <param pos="0" name="hw.vendor" value="Extron"/>
651
+ <param pos="0" name="hw.device" value="Display Controller"/>
652
+ <param pos="0" name="hw.product" value="ShareLink Pro"/>
653
+ <param pos="0" name="os.vendor" value="Extron"/>
654
+ <param pos="0" name="os.family" value="Linux"/>
655
+ </fingerprint>
656
+
445
657
  <fingerprint pattern="^CN=VMM APIC,OU=VMM\d+,O=Cisco,L=San Jose,ST=CA,C=US$">
446
658
  <description>Cisco APIC</description>
447
659
  <example>CN=VMM APIC,OU=VMM15,O=Cisco,L=San Jose,ST=CA,C=US</example>
448
660
  <param pos="0" name="hw.vendor" value="Cisco"/>
449
661
  <param pos="0" name="hw.product" value="APIC"/>
662
+ <param pos="0" name="hw.device" value="Network Appliance"/>
450
663
  </fingerprint>
664
+
451
665
  <fingerprint pattern="^CN=APIC$">
452
666
  <description>Cisco APIC - bare CN</description>
453
667
  <example>CN=APIC</example>
454
668
  <param pos="0" name="hw.vendor" value="Cisco"/>
455
669
  <param pos="0" name="hw.product" value="APIC"/>
670
+ <param pos="0" name="hw.device" value="Network Appliance"/>
456
671
  </fingerprint>
672
+
457
673
  <fingerprint pattern="^CN=(iPX\d+),OU=I Project,O=Samsung Electronics,L=Suwon,ST=Gyeonggi-do,C=KR$">
458
674
  <description>Samsung Communication Manager</description>
459
675
  <example hw.product="iPX3010">CN=iPX3010,OU=I Project,O=Samsung Electronics,L=Suwon,ST=Gyeonggi-do,C=KR</example>
@@ -464,6 +680,7 @@
464
680
  <param pos="0" name="os.vendor" value="Samsung"/>
465
681
  <param pos="0" name="os.family" value="Linux"/>
466
682
  </fingerprint>
683
+
467
684
  <fingerprint pattern="^CN=www.hikvision.com,OU=DVRNVR,O=HIKVISION,L=HangZhou,ST=ZheJiang,C=CN$">
468
685
  <description>HIKVISION DVR</description>
469
686
  <example>CN=www.hikvision.com,OU=DVRNVR,O=HIKVISION,L=HangZhou,ST=ZheJiang,C=CN</example>
@@ -472,6 +689,7 @@
472
689
  <param pos="0" name="hw.vendor" value="Hikvision"/>
473
690
  <param pos="0" name="hw.device" value="DVR"/>
474
691
  </fingerprint>
692
+
475
693
  <fingerprint pattern="^CN=([a-zA-Z0-9\.\-\_]+),OU=Polatis Switch ([a-zA-Z0-9]+),O=Polatis Inc\.,ST=N/A,C=UK$">
476
694
  <description>Polatis Switch</description>
477
695
  <example host.name="192.168.0.1" hw.product="1591">CN=192.168.0.1,OU=Polatis Switch 1591,O=Polatis Inc.,ST=N/A,C=UK</example>
@@ -483,6 +701,7 @@
483
701
  <param pos="1" name="host.name"/>
484
702
  <param pos="2" name="hw.product"/>
485
703
  </fingerprint>
704
+
486
705
  <fingerprint pattern="^CN=([a-zA-Z0-9\.\-\_]+),O=Fidelis Cybersecurity$">
487
706
  <description>Fidelis CommandPost</description>
488
707
  <example host.name="localhost.localdomain">CN=localhost.localdomain,O=Fidelis Cybersecurity</example>
@@ -493,6 +712,7 @@
493
712
  <param pos="0" name="os.product" value="CommandPost"/>
494
713
  <param pos="1" name="host.name"/>
495
714
  </fingerprint>
715
+
496
716
  <fingerprint pattern="^CN=([a-zA-Z0-9]+\-[a-zA-Z0-9]+)\-([a-zA-Z0-9]+),O=IBM,L=Endicott,ST=New York,C=IN$">
497
717
  <description>IBM POWER System</description>
498
718
  <example hw.product="8284-22A" hw.model="211BAFW">CN=8284-22A-211BAFW,O=IBM,L=Endicott,ST=New York,C=IN</example>
@@ -501,6 +721,7 @@
501
721
  <param pos="1" name="hw.product" value=""/>
502
722
  <param pos="2" name="hw.model"/>
503
723
  </fingerprint>
724
+
504
725
  <fingerprint pattern="^CN=EagleEyeDirectorII.polycom.com,OU=Video Division,O=Polycom Inc.,L=San Jose,ST=California,C=US$">
505
726
  <description>Polycom Eagle Eye Director</description>
506
727
  <example>CN=EagleEyeDirectorII.polycom.com,OU=Video Division,O=Polycom Inc.,L=San Jose,ST=California,C=US</example>
@@ -508,6 +729,7 @@
508
729
  <param pos="0" name="hw.device" value="Video Conferencing"/>
509
730
  <param pos="0" name="hw.product" value="Eagle Eye Director II"/>
510
731
  </fingerprint>
732
+
511
733
  <fingerprint pattern="^CN=([a-zA-Z0-9]+),OU=RD,O=QSC\\, LLC,ST=Colorado,C=US$">
512
734
  <description>Q-SYS Licensing Manager</description>
513
735
  <example host.name="SVRTIP44">CN=SVRTIP44,OU=RD,O=QSC\, LLC,ST=Colorado,C=US</example>
@@ -515,6 +737,7 @@
515
737
  <param pos="0" name="service.product" value="Licensing Manager"/>
516
738
  <param pos="1" name="host.name"/>
517
739
  </fingerprint>
740
+
518
741
  <fingerprint pattern="^CN=([A-Za-z0-9]+),OU=FortiGate,O=Fortinet,L=Sunnyvale,ST=California,C=US$">
519
742
  <description>Fortinet Gateway</description>
520
743
  <example fortinet.serial_number="FG100ETK1800118">CN=FG100ETK1800118,OU=FortiGate,O=Fortinet,L=Sunnyvale,ST=California,C=US</example>
@@ -522,24 +745,26 @@
522
745
  <param pos="0" name="hw.vendor" value="Fortinet"/>
523
746
  <param pos="0" name="hw.device" value="Firewall"/>
524
747
  <param pos="0" name="os.vendor" value="Fortinet"/>
525
- <param pos="0" name="os.cpe23" value="cpe:/o:fortinet:fortios:-"/>
526
748
  <param pos="0" name="os.family" value="Linux"/>
527
749
  <param pos="0" name="os.device" value="Firewall"/>
528
750
  <param pos="0" name="os.product" value="FortiOS"/>
751
+ <param pos="0" name="os.cpe23" value="cpe:/o:fortinet:fortios:-"/>
529
752
  <param pos="1" name="fortinet.serial_number"/>
530
753
  </fingerprint>
754
+
531
755
  <fingerprint pattern="^CN=([A-Za-z0-9]+),O=Fortinet Ltd\.$">
532
756
  <description>Fortinet Gateway (Older)</description>
533
757
  <example fortinet.serial_number="FG100D3G13803999">CN=FG100D3G13803999,O=Fortinet Ltd.</example>
534
758
  <param pos="0" name="hw.vendor" value="Fortinet"/>
535
759
  <param pos="0" name="hw.device" value="Firewall"/>
536
760
  <param pos="0" name="os.vendor" value="Fortinet"/>
537
- <param pos="0" name="os.cpe23" value="cpe:/o:fortinet:fortios:-"/>
538
761
  <param pos="0" name="os.family" value="Linux"/>
539
762
  <param pos="0" name="os.device" value="Firewall"/>
540
763
  <param pos="0" name="os.product" value="FortiOS"/>
764
+ <param pos="0" name="os.cpe23" value="cpe:/o:fortinet:fortios:-"/>
541
765
  <param pos="1" name="fortinet.serial_number"/>
542
766
  </fingerprint>
767
+
543
768
  <fingerprint pattern="^CN=FortiMail,OU=FortiMail,O=Fortinet,L=Sunnyvale,ST=California,C=US$">
544
769
  <description>Fortinet FortiMail Appliance</description>
545
770
  <example>CN=FortiMail,OU=FortiMail,O=Fortinet,L=Sunnyvale,ST=California,C=US</example>
@@ -547,11 +772,12 @@
547
772
  <param pos="0" name="hw.device" value="Appliance"/>
548
773
  <param pos="0" name="hw.product" value="FortiMail"/>
549
774
  <param pos="0" name="os.vendor" value="Fortinet"/>
550
- <param pos="0" name="os.cpe23" value="cpe:/o:fortinet:fortios:-"/>
551
775
  <param pos="0" name="os.family" value="Linux"/>
552
776
  <param pos="0" name="os.product" value="FortiOS"/>
553
777
  <param pos="0" name="os.device" value="Appliance"/>
778
+ <param pos="0" name="os.cpe23" value="cpe:/o:fortinet:fortios:-"/>
554
779
  </fingerprint>
780
+
555
781
  <fingerprint pattern="^CN=.*,OU=FortiManager,O=Fortinet,L=Sunnyvale,ST=California,C=US$">
556
782
  <description>Fortinet FortiManager Appliance</description>
557
783
  <example>CN=FMG-VM0000000000,OU=FortiManager,O=Fortinet,L=Sunnyvale,ST=California,C=US</example>
@@ -559,11 +785,12 @@
559
785
  <param pos="0" name="hw.device" value="Appliance"/>
560
786
  <param pos="0" name="hw.product" value="FortiManager"/>
561
787
  <param pos="0" name="os.vendor" value="Fortinet"/>
562
- <param pos="0" name="os.cpe23" value="cpe:/o:fortinet:fortios:-"/>
563
788
  <param pos="0" name="os.family" value="Linux"/>
564
789
  <param pos="0" name="os.product" value="FortiOS"/>
565
790
  <param pos="0" name="os.device" value="Appliance"/>
791
+ <param pos="0" name="os.cpe23" value="cpe:/o:fortinet:fortios:-"/>
566
792
  </fingerprint>
793
+
567
794
  <fingerprint pattern="^CN=CyberoamApplianceCertificate">
568
795
  <description>Cyberoam SSL VPN</description>
569
796
  <example>CN=CyberoamApplianceCertificate_C35316263111,OU=Cyberoam Appliance,O=Cyberoam,L=Ahmedabad,ST=Gujarat,C=IN</example>
@@ -574,6 +801,7 @@
574
801
  <param pos="0" name="os.vendor" value="Cyberoam"/>
575
802
  <param pos="0" name="os.device" value="VPN"/>
576
803
  </fingerprint>
804
+
577
805
  <fingerprint pattern="^CN=UBNT\-([0-9a-fA-F]{2}:[0-9a-fA-F]{2}:[0-9a-fA-F]{2}:[0-9a-fA-F]{2}:[0-9a-fA-F]{2}:[0-9a-fA-F]{2}),OU=Technical Support,O=Ubiquiti Networks Inc.,L=San Jose,ST=CA,C=US$">
578
806
  <description>Ubiquiti Wireless AP</description>
579
807
  <example host.mac="68:72:51:4B:90:16">CN=UBNT-68:72:51:4B:90:16,OU=Technical Support,O=Ubiquiti Networks Inc.,L=San Jose,ST=CA,C=US</example>
@@ -584,6 +812,7 @@
584
812
  <param pos="0" name="os.device" value="WAP"/>
585
813
  <param pos="1" name="host.mac"/>
586
814
  </fingerprint>
815
+
587
816
  <fingerprint pattern="^CN=unifi$">
588
817
  <description>Ubiquiti Controller - unifi bare</description>
589
818
  <example>CN=unifi</example>
@@ -593,6 +822,7 @@
593
822
  <param pos="0" name="os.family" value="Linux"/>
594
823
  <param pos="0" name="os.device" value="Wireless Controller"/>
595
824
  </fingerprint>
825
+
596
826
  <fingerprint pattern="^CN=UniFi,OU=UniFi,O=ubnt\.com,L=San Jose,ST=CA,C=US$">
597
827
  <description>Ubiquiti Controller - unifi</description>
598
828
  <example>CN=UniFi,OU=UniFi,O=ubnt.com,L=San Jose,ST=CA,C=US</example>
@@ -602,6 +832,28 @@
602
832
  <param pos="0" name="os.family" value="Linux"/>
603
833
  <param pos="0" name="os.device" value="Wireless Controller"/>
604
834
  </fingerprint>
835
+
836
+ <fingerprint pattern="^CN=unifivideo-app$">
837
+ <description>UniFi Video App</description>
838
+ <example>CN=unifivideo-app</example>
839
+ <param pos="0" name="os.vendor" value="Ubiquiti"/>
840
+ <param pos="0" name="os.family" value="Linux"/>
841
+ <param pos="0" name="hw.vendor" value="Ubiquiti"/>
842
+ <param pos="0" name="hw.family" value="UniFi"/>
843
+ <param pos="0" name="hw.device" value="Web cam"/>
844
+ </fingerprint>
845
+
846
+ <fingerprint pattern="^CN=camera\.ubnt\.dev,">
847
+ <description>UniFi Video Camera</description>
848
+ <example>CN=camera.ubnt.dev,OU=devint,O=Ubiquiti Networks Inc.,L=Taipei,C=TW</example>
849
+ <param pos="0" name="hw.vendor" value="Ubiquiti"/>
850
+ <param pos="0" name="hw.device" value="Web cam"/>
851
+ <param pos="0" name="hw.product" value="Camera"/>
852
+ <param pos="0" name="os.vendor" value="Ubiquiti"/>
853
+ <param pos="0" name="os.family" value="Linux"/>
854
+ <param pos="0" name="os.device" value="Web cam"/>
855
+ </fingerprint>
856
+
605
857
  <fingerprint pattern="^CN=UBNT,OU=Technical Support,O=Ubiquiti Networks Inc\.,L=San Jose,ST=CA,C=US$">
606
858
  <description>Ubiquiti Controller</description>
607
859
  <example>CN=UBNT,OU=Technical Support,O=Ubiquiti Networks Inc.,L=San Jose,ST=CA,C=US</example>
@@ -611,6 +863,7 @@
611
863
  <param pos="0" name="os.family" value="Linux"/>
612
864
  <param pos="0" name="os.device" value="Wireless Controller"/>
613
865
  </fingerprint>
866
+
614
867
  <fingerprint pattern="^CN=CloudKey,O=Ubiquiti Networks,L=San Jose,ST=CA,C=US$">
615
868
  <description>Ubiquiti CloudKey Controller</description>
616
869
  <example>CN=CloudKey,O=Ubiquiti Networks,L=San Jose,ST=CA,C=US</example>
@@ -622,6 +875,7 @@
622
875
  <param pos="0" name="os.device" value="Wireless Controller"/>
623
876
  <param pos="0" name="os.product" value="CloudKey"/>
624
877
  </fingerprint>
878
+
625
879
  <fingerprint pattern="^CN=UBNT Router UI,O=Ubiquiti Networks,L=San Jose,ST=CA,C=US$">
626
880
  <description>Ubiquiti Router</description>
627
881
  <example>CN=UBNT Router UI,O=Ubiquiti Networks,L=San Jose,ST=CA,C=US</example>
@@ -631,6 +885,7 @@
631
885
  <param pos="0" name="os.family" value="Linux"/>
632
886
  <param pos="0" name="os.device" value="Router"/>
633
887
  </fingerprint>
888
+
634
889
  <fingerprint pattern="^CN=UniFi-Video Controller,OU=R&amp;D,O=Ubiquiti Networks,L=New York,ST=NY,C=US$">
635
890
  <description>Ubiquiti Video Controller</description>
636
891
  <example>CN=UniFi-Video Controller,OU=R&amp;D,O=Ubiquiti Networks,L=New York,ST=NY,C=US</example>
@@ -641,30 +896,31 @@
641
896
  <param pos="0" name="os.family" value="Linux"/>
642
897
  <param pos="0" name="os.device" value="DVR"/>
643
898
  </fingerprint>
644
- <fingerprint pattern="^CN=camera.ubnt.dev,OU=devint,O=Ubiquiti Networks Inc.,L=Taipei,C=TW$">
645
- <description>Ubiquiti Video Camera</description>
646
- <example>CN=camera.ubnt.dev,OU=devint,O=Ubiquiti Networks Inc.,L=Taipei,C=TW</example>
647
- <param pos="0" name="hw.vendor" value="Ubiquiti"/>
648
- <param pos="0" name="hw.device" value="Web Cam"/>
649
- <param pos="0" name="hw.product" value="Camera"/>
650
- <param pos="0" name="os.vendor" value="Ubiquiti"/>
651
- <param pos="0" name="os.family" value="Linux"/>
652
- <param pos="0" name="os.device" value="Web Cam"/>
653
- </fingerprint>
899
+
654
900
  <fingerprint pattern="^CN=GreenWave Systems,OU=PKI,O=GreenWave Systems,L=Irvine,ST=California,C=US$">
655
901
  <description>Verizon / Greenwave FIOS Router</description>
656
902
  <example>CN=GreenWave Systems,OU=PKI,O=GreenWave Systems,L=Irvine,ST=California,C=US</example>
657
903
  <param pos="0" name="hw.vendor" value="Greenwave Systems"/>
658
- <param pos="0" name="hw.device" value="Broadband Router"/>
904
+ <param pos="0" name="hw.device" value="Broadband router"/>
659
905
  <param pos="0" name="hw.product" value="Verizon FiOS Router"/>
660
906
  </fingerprint>
907
+
661
908
  <fingerprint pattern="^CN=PoliWall,OU=Bandura Labs,O=Bandura\\, LLC\.,L=Lake Saint Louis,ST=Missouri,C=US$">
662
- <description>PoliWall Firewall</description>
909
+ <description>PoliWall Firewall Original</description>
663
910
  <example>CN=PoliWall,OU=Bandura Labs,O=Bandura\, LLC.,L=Lake Saint Louis,ST=Missouri,C=US</example>
664
911
  <param pos="0" name="hw.vendor" value="Bandura Labs"/>
665
912
  <param pos="0" name="hw.device" value="Firewall"/>
666
913
  <param pos="0" name="hw.product" value="PoliWall"/>
667
914
  </fingerprint>
915
+
916
+ <fingerprint pattern="^CN=poliwall,OU=IT,O=Bandura,L=St\. Louis,ST=Missouri,C=US$">
917
+ <description>PoliWall Firewall Newer Cert</description>
918
+ <example>CN=poliwall,OU=IT,O=Bandura,L=St. Louis,ST=Missouri,C=US</example>
919
+ <param pos="0" name="hw.vendor" value="Bandura Labs"/>
920
+ <param pos="0" name="hw.device" value="Firewall"/>
921
+ <param pos="0" name="hw.product" value="PoliWall"/>
922
+ </fingerprint>
923
+
668
924
  <fingerprint pattern="^CN=pfSense-[a-zA-Z0-9]+,O=pfSense webConfigurator Self-Signed Certificate">
669
925
  <description>pfSense Firewall</description>
670
926
  <example>CN=pfSense-58fb5b0b06777,O=pfSense webConfigurator Self-Signed Certificate,L=Locality,ST=State,C=US</example>
@@ -675,6 +931,38 @@
675
931
  <param pos="0" name="os.vendor" value="pfSense"/>
676
932
  <param pos="0" name="os.product" value="FreeBSD"/>
677
933
  </fingerprint>
934
+
935
+ <fingerprint pattern="^CN=Common Name \(eg\\, YOUR name\),OU=Organizational Unit Name \(eg\\, section\),O=CompanyName,L=Somecity,ST=Somewhere,C=US$">
936
+ <description>pfSense Firewall Default Certificate</description>
937
+ <example>CN=Common Name (eg\, YOUR name),OU=Organizational Unit Name (eg\, section),O=CompanyName,L=Somecity,ST=Somewhere,C=US</example>
938
+ <param pos="0" name="hw.vendor" value="pfSense"/>
939
+ <param pos="0" name="hw.device" value="Firewall"/>
940
+ <param pos="0" name="hw.product" value="Firewall"/>
941
+ <param pos="0" name="os.vendor" value="pfSense"/>
942
+ <param pos="0" name="os.product" value="FreeBSD"/>
943
+ </fingerprint>
944
+
945
+ <fingerprint pattern="^O=OPNsense,L=Middelharnis,ST=Zuid-Holland,C=NL$">
946
+ <description>OPNsense Firewall</description>
947
+ <example>O=OPNsense,L=Middelharnis,ST=Zuid-Holland,C=NL</example>
948
+ <param pos="0" name="hw.vendor" value="OPNsense"/>
949
+ <param pos="0" name="hw.device" value="Firewall"/>
950
+ <param pos="0" name="hw.product" value="Firewall"/>
951
+ <param pos="0" name="os.vendor" value="OPNsense"/>
952
+ <param pos="0" name="os.product" value="FreeBSD"/>
953
+ </fingerprint>
954
+
955
+ <fingerprint pattern="^CN=NetVanta,O=ADTRAN\\, Inc\.,L=Huntsville,ST=AL,C=US$" certainty="0.9">
956
+ <description>ADTRAN Netvanta Router</description>
957
+ <example>CN=NetVanta,O=ADTRAN\, Inc.,L=Huntsville,ST=AL,C=US</example>
958
+ <param pos="0" name="os.device" value="Router"/>
959
+ <param pos="0" name="os.vendor" value="ADTRAN"/>
960
+ <param pos="0" name="os.family" value="NetVanta"/>
961
+ <param pos="0" name="hw.device" value="Router"/>
962
+ <param pos="0" name="hw.vendor" value="ADTRAN"/>
963
+ <param pos="0" name="hw.family" value="NetVanta"/>
964
+ </fingerprint>
965
+
678
966
  <fingerprint pattern="^CN=SophosApplianceCertificate">
679
967
  <description>Sophos Appliance</description>
680
968
  <example>CN=SophosApplianceCertificate_C330AC22W713PAF,OU=OU,O=Green House Data,L=Cheyenne,ST=WY,C=US</example>
@@ -683,6 +971,7 @@
683
971
  <param pos="0" name="hw.vendor" value="Sophos"/>
684
972
  <param pos="0" name="hw.device" value="Appliance"/>
685
973
  </fingerprint>
974
+
686
975
  <fingerprint pattern="^CN=Hubitat Elevation,OU=Hub,O=Hubitat\\, Inc\.,L=Scottsdale,ST=Arizona,C=US$">
687
976
  <description>Hubitat Device Hub</description>
688
977
  <example>CN=Hubitat Elevation,OU=Hub,O=Hubitat\, Inc.,L=Scottsdale,ST=Arizona,C=US</example>
@@ -692,15 +981,25 @@
692
981
  <param pos="0" name="os.vendor" value="Hubitat"/>
693
982
  <param pos="0" name="os.product" value="Linux"/>
694
983
  </fingerprint>
984
+
695
985
  <fingerprint pattern="^CN=MAC([a-fA-F0-9]{12}),OU=([^,]+),O=Mercury Security Products\\, LLC,L=Long Beach,ST=CA,C=US$">
696
986
  <description>Mercurity Security (now HID Global)</description>
697
987
  <example hw.product="M5IC" host.mac="000FE507A1F1">CN=MAC000FE507A1F1,OU=M5IC,O=Mercury Security Products\, LLC,L=Long Beach,ST=CA,C=US</example>
698
988
  <example hw.product="EP-1502" host.mac="000FE508BC71">CN=MAC000FE508BC71,OU=EP-1502,O=Mercury Security Products\, LLC,L=Long Beach,ST=CA,C=US</example>
699
989
  <param pos="0" name="hw.vendor" value="Mercury Security"/>
700
- <param pos="0" name="hw.device" value="Access Controller"/>
990
+ <param pos="0" name="hw.device" value="Access Control"/>
701
991
  <param pos="1" name="host.mac"/>
702
992
  <param pos="2" name="hw.product"/>
703
993
  </fingerprint>
994
+
995
+ <fingerprint pattern="^CN=Mercury Security EP-series,O=Mercury Security Corp\.,L=Long Beach,ST=CA,C=US$">
996
+ <description>Mercurity Security (now HID Global) No MAC</description>
997
+ <example>CN=Mercury Security EP-series,O=Mercury Security Corp.,L=Long Beach,ST=CA,C=US</example>
998
+ <param pos="0" name="hw.vendor" value="Mercury Security"/>
999
+ <param pos="0" name="hw.device" value="Access Control"/>
1000
+ <param pos="0" name="hw.product" value="EP-series"/>
1001
+ </fingerprint>
1002
+
704
1003
  <fingerprint pattern="^CN=securelogin.arubanetworks.com,">
705
1004
  <description>Aruba Wireless Controller</description>
706
1005
  <example>CN=securelogin.arubanetworks.com,O=Aruba Networks,C=US</example>
@@ -709,24 +1008,27 @@
709
1008
  <param pos="0" name="hw.device" value="Wireless Controller"/>
710
1009
  <param pos="0" name="hw.product" value="Captive Portal"/>
711
1010
  </fingerprint>
1011
+
712
1012
  <fingerprint pattern="^CN=Fireware web CA,OU=Fireware,O=WatchGuard$">
713
1013
  <description>WatchGuard Firewall</description>
714
1014
  <example>CN=Fireware web CA,OU=Fireware,O=WatchGuard</example>
715
1015
  <param pos="0" name="hw.vendor" value="WatchGuard"/>
716
1016
  <param pos="0" name="hw.device" value="Firewall"/>
717
1017
  <param pos="0" name="os.vendor" value="WatchGuard"/>
718
- <param pos="0" name="os.cpe23" value="cpe:/o:watchguard:fireware:-"/>
719
1018
  <param pos="0" name="os.product" value="Fireware"/>
1019
+ <param pos="0" name="os.cpe23" value="cpe:/o:watchguard:fireware:-"/>
720
1020
  </fingerprint>
1021
+
721
1022
  <fingerprint pattern="^CN=[0-9\.]+,OU=SSL-VPN,O=SonicWALL\\, Inc\.,L=Sunnyvale,ST=CA,C=US$">
722
1023
  <description>SonicWALL Firewall</description>
723
1024
  <example>CN=192.168.200.1,OU=SSL-VPN,O=SonicWALL\, Inc.,L=Sunnyvale,ST=CA,C=US</example>
724
- <param pos="0" name="hw.vendor" value="SonicWALL"/>
1025
+ <param pos="0" name="hw.vendor" value="SonicWall"/>
725
1026
  <param pos="0" name="hw.device" value="VPN"/>
726
- <param pos="0" name="os.vendor" value="SonicWALL"/>
1027
+ <param pos="0" name="os.vendor" value="SonicWall"/>
727
1028
  <param pos="0" name="os.product" value="VPN"/>
728
1029
  <param pos="0" name="os.family" value="VPN"/>
729
1030
  </fingerprint>
1031
+
730
1032
  <fingerprint pattern="^CN=.*\.akamai\.net,O=Akamai Technologies\\, Inc\.,L=Cambridge,ST=Massachusetts,C=US$">
731
1033
  <description>Akamai Global Host</description>
732
1034
  <example>CN=a248.e.akamai.net,O=Akamai Technologies\, Inc.,L=Cambridge,ST=Massachusetts,C=US</example>
@@ -735,6 +1037,7 @@
735
1037
  <param pos="0" name="os.vendor" value="Akamai"/>
736
1038
  <param pos="0" name="os.device" value="Web proxy"/>
737
1039
  </fingerprint>
1040
+
738
1041
  <fingerprint pattern="^CN=HP_3PAR_">
739
1042
  <description>HP 3PAR</description>
740
1043
  <example>CN=HP_3PAR_1626615</example>
@@ -743,6 +1046,7 @@
743
1046
  <param pos="0" name="hw.device" value="Storage"/>
744
1047
  <param pos="0" name="hw.product" value="3PAR"/>
745
1048
  </fingerprint>
1049
+
746
1050
  <fingerprint pattern="^CN=(?:alienvault|VirtualUSMAllInOne)$">
747
1051
  <description>Alienvault OSSIM</description>
748
1052
  <example>CN=alienvault</example>
@@ -752,6 +1056,7 @@
752
1056
  <param pos="0" name="os.product" value="OSSIM"/>
753
1057
  <param pos="0" name="os.family" value="Linux"/>
754
1058
  </fingerprint>
1059
+
755
1060
  <fingerprint pattern="^CN=Canon (iR-[a-zA-Z0-9\.\-\_]+)$">
756
1061
  <description>Canon iR-ADV Printer with product info</description>
757
1062
  <example os.product="iR-ADV">CN=Canon iR-ADV</example>
@@ -762,6 +1067,7 @@
762
1067
  <param pos="1" name="hw.product"/>
763
1068
  <param pos="1" name="os.product"/>
764
1069
  </fingerprint>
1070
+
765
1071
  <fingerprint pattern="^CN=Canon Imaging Product$">
766
1072
  <description>Canon iR-ADV Printer</description>
767
1073
  <example>CN=Canon Imaging Product</example>
@@ -770,6 +1076,29 @@
770
1076
  <param pos="0" name="os.device" value="Printer"/>
771
1077
  <param pos="0" name="os.vendor" value="Canon"/>
772
1078
  </fingerprint>
1079
+
1080
+ <fingerprint pattern="^CN=ScanFront$">
1081
+ <description>Canon ScanFront Simple</description>
1082
+ <example>CN=ScanFront</example>
1083
+ <param pos="0" name="hw.device" value="Scanner"/>
1084
+ <param pos="0" name="hw.vendor" value="Canon"/>
1085
+ <param pos="0" name="hw.product" value="ScanFront"/>
1086
+ <param pos="0" name="os.device" value="Scanner"/>
1087
+ <param pos="0" name="os.vendor" value="Canon"/>
1088
+ <param pos="0" name="os.product" value="ScanFront"/>
1089
+ </fingerprint>
1090
+
1091
+ <fingerprint pattern="^CN=ScanFront,OU=IMS,O=CANON ELECTRONICS INC\.,L=Minato-ku,ST=Tokyo,C=JP$">
1092
+ <description>Canon ScanFront Full</description>
1093
+ <example>CN=ScanFront,OU=IMS,O=CANON ELECTRONICS INC.,L=Minato-ku,ST=Tokyo,C=JP</example>
1094
+ <param pos="0" name="hw.device" value="Scanner"/>
1095
+ <param pos="0" name="hw.vendor" value="Canon"/>
1096
+ <param pos="0" name="hw.product" value="ScanFront"/>
1097
+ <param pos="0" name="os.device" value="Scanner"/>
1098
+ <param pos="0" name="os.vendor" value="Canon"/>
1099
+ <param pos="0" name="os.product" value="ScanFront"/>
1100
+ </fingerprint>
1101
+
773
1102
  <fingerprint pattern="^CN=tnsappliance.*,O=Tenable Network Security\\, Inc\.,L=Columbia,ST=Maryland,C=US$">
774
1103
  <description>Tenable Appliance</description>
775
1104
  <example>CN=tnsappliance-b088a321,OU=--,O=Tenable Network Security\, Inc.,L=Columbia,ST=Maryland,C=US</example>
@@ -781,6 +1110,7 @@
781
1110
  <param pos="0" name="os.vendor" value="Tenable"/>
782
1111
  <param pos="0" name="os.product" value="Tenable Core"/>
783
1112
  </fingerprint>
1113
+
784
1114
  <fingerprint pattern="^CN=extrahop,OU=extrahop\.com,O=ExtraHop,C=US$">
785
1115
  <description>ExtraHop Appliance</description>
786
1116
  <example>CN=extrahop,OU=extrahop.com,O=ExtraHop,C=US</example>
@@ -791,6 +1121,7 @@
791
1121
  <param pos="0" name="os.vendor" value="ExtraHop"/>
792
1122
  <param pos="0" name="os.product" value="Discover"/>
793
1123
  </fingerprint>
1124
+
794
1125
  <fingerprint pattern="^CN=Ruckus Wireless ZoneDirector SN-(\d+),O=Ruckus Wireless\\, Inc\.,ST=CA,C=US$">
795
1126
  <description>Ruckus Zone Director</description>
796
1127
  <example ruckus.serial_number="221301007591">CN=Ruckus Wireless ZoneDirector SN-221301007591,O=Ruckus Wireless\, Inc.,ST=CA,C=US</example>
@@ -802,6 +1133,7 @@
802
1133
  <param pos="0" name="os.product" value="Zone Director"/>
803
1134
  <param pos="1" name="ruckus.serial_number"/>
804
1135
  </fingerprint>
1136
+
805
1137
  <fingerprint pattern="^CN=DT([^\s]+) Series,O=NEC Corporation,ST=Tokyo,C=JP$">
806
1138
  <description>NEC DT Series IP Phone</description>
807
1139
  <example>CN=DT800 Series,O=NEC Corporation,ST=Tokyo,C=JP</example>
@@ -811,6 +1143,7 @@
811
1143
  <param pos="0" name="hw.device" value="VoIP"/>
812
1144
  <param pos="1" name="hw.product"/>
813
1145
  </fingerprint>
1146
+
814
1147
  <fingerprint pattern="^CN=([a-fA-F0-9]{12}),O=Polycom Inc\.$">
815
1148
  <description>Polycom SoundPoint IP Phone</description>
816
1149
  <example host.mac="64167F169981">CN=64167F169981,O=Polycom Inc.</example>
@@ -821,6 +1154,7 @@
821
1154
  <param pos="0" name="hw.product" value="SoundPoint"/>
822
1155
  <param pos="1" name="host.mac"/>
823
1156
  </fingerprint>
1157
+
824
1158
  <fingerprint pattern="^CN=EN Software Production &amp; Release,OU=Enterprise Networks,O=Siemens AG,L=Munich,ST=Germany,C=DE$">
825
1159
  <description>Siemens EN Software</description>
826
1160
  <example>CN=EN Software Production &amp; Release,OU=Enterprise Networks,O=Siemens AG,L=Munich,ST=Germany,C=DE</example>
@@ -829,6 +1163,7 @@
829
1163
  <param pos="0" name="hw.vendor" value="Siemens"/>
830
1164
  <param pos="0" name="hw.device" value="VoIP"/>
831
1165
  </fingerprint>
1166
+
832
1167
  <fingerprint pattern="^CN=SecureConnect server,O=Quest,ST=CA,C=US$">
833
1168
  <description>SecureConnect SSL VPN</description>
834
1169
  <example>CN=SecureConnect server,O=Quest,ST=CA,C=US</example>
@@ -837,6 +1172,7 @@
837
1172
  <param pos="0" name="os.vendor" value="SecureConnect"/>
838
1173
  <param pos="0" name="os.device" value="VPN"/>
839
1174
  </fingerprint>
1175
+
840
1176
  <fingerprint pattern="^CN=RecoverPoint,OU=Data Protection and Availability Division,O=EMC Corporation,L=Hopkinton,ST=Massachusetts,C=US$">
841
1177
  <description>RecoverPoint Appliance</description>
842
1178
  <example>CN=RecoverPoint,OU=Data Protection and Availability Division,O=EMC Corporation,L=Hopkinton,ST=Massachusetts,C=US</example>
@@ -847,6 +1183,7 @@
847
1183
  <param pos="0" name="os.vendor" value="EMC"/>
848
1184
  <param pos="0" name="os.product" value="RecoverPoint"/>
849
1185
  </fingerprint>
1186
+
850
1187
  <fingerprint pattern="^CN=[a-fA-F0-9]+,O=Palo Alto Networks,L=Santa Clara,ST=CA,C=US$">
851
1188
  <description>Palo Alto Firewall</description>
852
1189
  <example>CN=d9fc2294968367a3a8ad1acd4c816c78444e6ea4d69869b40cc9751951fd3693,O=Palo Alto Networks,L=Santa Clara,ST=CA,C=US</example>
@@ -856,12 +1193,14 @@
856
1193
  <param pos="0" name="os.product" value="PANOS"/>
857
1194
  <param pos="0" name="os.device" value="Firewall"/>
858
1195
  </fingerprint>
1196
+
859
1197
  <fingerprint pattern="^CN=VMware default certificate,OU=vCenterServer.*,O=VMware\\, Inc\.$">
860
1198
  <description>VMWare vCenter</description>
861
1199
  <example>CN=VMware default certificate,OU=vCenterServer_2013.09.26_220623,O=VMware\, Inc.</example>
862
- <param pos="0" name="service.vendor" value="VMWare"/>
1200
+ <param pos="0" name="service.vendor" value="VMware"/>
863
1201
  <param pos="0" name="service.product" value="vCenter"/>
864
1202
  </fingerprint>
1203
+
865
1204
  <fingerprint pattern="^CN=selfappliance,OU=Engineering,O=Symplified,L=Boulder,ST=Colorado,C=US$">
866
1205
  <description>Symplified IAM Appliance (now RSA)</description>
867
1206
  <example>CN=selfappliance,OU=Engineering,O=Symplified,L=Boulder,ST=Colorado,C=US</example>
@@ -869,22 +1208,37 @@
869
1208
  <param pos="0" name="hw.device" value="Appliance"/>
870
1209
  <param pos="0" name="hw.product" value="IAM"/>
871
1210
  </fingerprint>
1211
+
872
1212
  <fingerprint pattern="^CN=OpenWrt,L=Leipzig,ST=Saxony,C=DE$">
873
1213
  <description>OpenWRT WAP</description>
874
1214
  <example>CN=OpenWrt,L=Leipzig,ST=Saxony,C=DE</example>
875
1215
  <param pos="0" name="os.vendor" value="OpenWRT"/>
876
1216
  <param pos="0" name="os.device" value="WAP"/>
877
1217
  </fingerprint>
1218
+
878
1219
  <fingerprint pattern="^CN=axis-([a-fA-F0-9]{12}),O=Axis Communications AB$">
879
1220
  <description>Axis Communications Web Cam</description>
880
1221
  <example host.mac="accc8ea31abf">CN=axis-accc8ea31abf,O=Axis Communications AB</example>
881
1222
  <param pos="0" name="hw.vendor" value="AXIS"/>
882
- <param pos="0" name="hw.device" value="Web Cam"/>
1223
+ <param pos="0" name="hw.device" value="Web cam"/>
883
1224
  <param pos="0" name="os.vendor" value="AXIS"/>
884
- <param pos="0" name="os.device" value="Web Cam"/>
1225
+ <param pos="0" name="os.device" value="Web cam"/>
885
1226
  <param pos="0" name="os.family" value="Linux"/>
886
1227
  <param pos="1" name="host.mac"/>
887
1228
  </fingerprint>
1229
+
1230
+ <fingerprint pattern="^CN=([^,]+),OU=Nortek,O=ELAN,L=StuddardMD,ST=[^,]+,C=US$">
1231
+ <description>ELAN Web Cam</description>
1232
+ <example host.name="ServerRoom">CN=ServerRoom,OU=Nortek,O=ELAN,L=StuddardMD,ST=10000,C=US</example>
1233
+ <param pos="0" name="hw.vendor" value="ELAN"/>
1234
+ <param pos="0" name="hw.device" value="Web cam"/>
1235
+ <param pos="0" name="hw.product" value="HDIPCam"/>
1236
+ <param pos="0" name="os.vendor" value="ELAN"/>
1237
+ <param pos="0" name="os.device" value="Web cam"/>
1238
+ <param pos="0" name="os.family" value="Linux"/>
1239
+ <param pos="1" name="host.name"/>
1240
+ </fingerprint>
1241
+
888
1242
  <fingerprint pattern="^CN=Dell_OpenManage.*,OU=PG,O=Dell Inc\.,ST=Texas,C=US$">
889
1243
  <description>Dell OpenManage</description>
890
1244
  <example>CN=Dell_OpenManage01,OU=PG,O=Dell Inc.,ST=Texas,C=US</example>
@@ -895,6 +1249,7 @@
895
1249
  <param pos="0" name="os.device" value="Appliance"/>
896
1250
  <param pos="0" name="os.family" value="Linux"/>
897
1251
  </fingerprint>
1252
+
898
1253
  <fingerprint pattern="^CN=Equallogic PS Array,OU=Dell Equallogic,O=Dell Inc\.,L=Nashua,ST=New Hampshire,C=US$">
899
1254
  <description>Dell EqualLogic PS Array</description>
900
1255
  <example>CN=Equallogic PS Array,OU=Dell Equallogic,O=Dell Inc.,L=Nashua,ST=New Hampshire,C=US</example>
@@ -905,6 +1260,7 @@
905
1260
  <param pos="0" name="os.device" value="Storage"/>
906
1261
  <param pos="0" name="os.product" value="EqualLogic"/>
907
1262
  </fingerprint>
1263
+
908
1264
  <fingerprint pattern="^CN=opennac\.test,L=Madrid,ST=Madrid,C=ES$">
909
1265
  <description>OpenNAC Appliance</description>
910
1266
  <example>CN=opennac.test,L=Madrid,ST=Madrid,C=ES</example>
@@ -915,6 +1271,7 @@
915
1271
  <param pos="0" name="os.family" value="Linux"/>
916
1272
  <param pos="0" name="os.product" value="Linux"/>
917
1273
  </fingerprint>
1274
+
918
1275
  <fingerprint pattern="^CN=SmartEdge Sensor,O=AirMagnet,L=Sunnyvale,ST=California,C=US$">
919
1276
  <description>AirMagnet SmartEdge Sensor</description>
920
1277
  <example>CN=SmartEdge Sensor,O=AirMagnet,L=Sunnyvale,ST=California,C=US</example>
@@ -922,6 +1279,7 @@
922
1279
  <param pos="0" name="hw.device" value="Wireless Controller"/>
923
1280
  <param pos="0" name="hw.product" value="SmartEdge Sensor"/>
924
1281
  </fingerprint>
1282
+
925
1283
  <fingerprint pattern="^CN=Sensor WebUI,O=AirDefense Inc.,L=Alpharetta,ST=GA,C=US$">
926
1284
  <description>AirDefense Inc Sensor</description>
927
1285
  <example>CN=Sensor WebUI,O=AirDefense Inc.,L=Alpharetta,ST=GA,C=US</example>
@@ -929,6 +1287,7 @@
929
1287
  <param pos="0" name="hw.device" value="Wireless Controller"/>
930
1288
  <param pos="0" name="hw.product" value="Sensor"/>
931
1289
  </fingerprint>
1290
+
932
1291
  <fingerprint pattern="^CN=HiveAP,OU=Default,O=Aerohive,ST=California,C=US$">
933
1292
  <description>Aerohive Access Point</description>
934
1293
  <example>CN=HiveAP,OU=Default,O=Aerohive,ST=California,C=US</example>
@@ -939,16 +1298,18 @@
939
1298
  <param pos="0" name="os.family" value="Linux"/>
940
1299
  <param pos="0" name="os.product" value="Linux"/>
941
1300
  </fingerprint>
1301
+
942
1302
  <fingerprint pattern="^CN=(usg[^_]+)_([a-fA-F0-9]{12})$">
943
1303
  <description>ZyWall Router</description>
944
1304
  <example hw.product="usg20w" host.mac="5CF4AB615FAC">CN=usg20w_5CF4AB615FAC</example>
945
1305
  <example hw.product="usg20w" host.mac="5067F0BC1D3C">CN=usg20w_5067F0BC1D3C</example>
946
1306
  <example hw.product="usg20" host.mac="107BEF0AD201">CN=usg20_107BEF0AD201</example>
947
- <param pos="0" name="hw.vendor" value="ZyWall"/>
948
- <param pos="0" name="hw.device" value="Broadband Router"/>
1307
+ <param pos="0" name="hw.vendor" value="Zyxel"/>
1308
+ <param pos="0" name="hw.device" value="Broadband router"/>
949
1309
  <param pos="1" name="hw.product"/>
950
1310
  <param pos="2" name="host.mac"/>
951
1311
  </fingerprint>
1312
+
952
1313
  <fingerprint pattern="^CN=([a-fA-F0-9]{16}),O=Philips Hue,C=NL$">
953
1314
  <description>Philips Hue Personal Wireless Lighting</description>
954
1315
  <example host.mac_eui64="001788fffe4f1999">CN=001788fffe4f1999,O=Philips Hue,C=NL</example>
@@ -957,4 +1318,113 @@
957
1318
  <param pos="0" name="hw.device" value="Light Bulb"/>
958
1319
  <param pos="1" name="host.mac_eui64"/>
959
1320
  </fingerprint>
960
- </fingerprints>
1321
+
1322
+ <fingerprint pattern="^CN=www\.ibm\.com,OU=IBM i Service,L=Rochester,ST=Minnesota,C=US$">
1323
+ <description>IBM iSeries Service Console</description>
1324
+ <example>CN=www.ibm.com,OU=IBM i Service,L=Rochester,ST=Minnesota,C=US</example>
1325
+ <param pos="0" name="os.vendor" value="IBM"/>
1326
+ <param pos="0" name="os.family" value="OS/400"/>
1327
+ <param pos="0" name="os.product" value="OS/400"/>
1328
+ <param pos="0" name="os.cpe23" value="cpe:/o:ibm:os_400:-"/>
1329
+ </fingerprint>
1330
+
1331
+ <fingerprint pattern="^CN=.*\.ip\.kaptivo\.live,">
1332
+ <description>Kaptivo Whiteboard</description>
1333
+ <example>CN=*.ip.kaptivo.live,OU=Domain Control Validated+OU=PositiveSSL Wildcard</example>
1334
+ <param pos="0" name="hw.vendor" value="Kaptivo"/>
1335
+ <param pos="0" name="hw.product" value="Whiteboard"/>
1336
+ <param pos="0" name="hw.device" value="Whiteboard"/>
1337
+ </fingerprint>
1338
+
1339
+ <fingerprint pattern="^CN=.*,OU=Network Security Management,O=FireEye\\, Inc\.,L=Milpitas,ST=California,C=US$">
1340
+ <description>FireEye Appliance</description>
1341
+ <example>CN=noc-feye-ex2,OU=Network Security Management,O=FireEye\, Inc.,L=Milpitas,ST=California,C=US</example>
1342
+ <param pos="0" name="hw.vendor" value="FireEye"/>
1343
+ <param pos="0" name="hw.product" value="Appliance"/>
1344
+ <param pos="0" name="hw.device" value="Security Appliance"/>
1345
+ </fingerprint>
1346
+
1347
+ <fingerprint pattern="^CN=.*,OU=IA,O=FireEye,L=Charlottesville,ST=Virginia,C=US$">
1348
+ <description>FireEye Investigation Analysis System Appliance</description>
1349
+ <example>CN=noc-feye-ia2,OU=IA,O=FireEye,L=Charlottesville,ST=Virginia,C=US</example>
1350
+ <param pos="0" name="hw.vendor" value="FireEye"/>
1351
+ <param pos="0" name="hw.product" value="IA Appliance"/>
1352
+ <param pos="0" name="hw.device" value="Security Appliance"/>
1353
+ </fingerprint>
1354
+
1355
+ <fingerprint pattern="^CN=.*,OU=Gigamon Network Visibility Systems,O=Gigamon Inc\.,L=Santa Clara,ST=California,C=US$">
1356
+ <description>Gigamon GigaVUE Appliance</description>
1357
+ <example>CN=gvue01,OU=Gigamon Network Visibility Systems,O=Gigamon Inc.,L=Santa Clara,ST=California,C=US</example>
1358
+ <param pos="0" name="hw.vendor" value="Gigamon"/>
1359
+ <param pos="0" name="hw.device" value="Monitoring"/>
1360
+ <param pos="0" name="hw.product" value="GigaVUE"/>
1361
+ </fingerprint>
1362
+
1363
+ <fingerprint pattern="^CN=.*,OU=Telliris,O=DAC Systems,L=Shelton,ST=Connecticut,C=US$">
1364
+ <description>Telliris IVR</description>
1365
+ <example>CN=Telliris-IVR,OU=Telliris,O=DAC Systems,L=Shelton,ST=Connecticut,C=US</example>
1366
+ <param pos="0" name="hw.vendor" value="Telliris"/>
1367
+ <param pos="0" name="hw.device" value="Voice Appliance"/>
1368
+ <param pos="0" name="hw.product" value="IVR"/>
1369
+ </fingerprint>
1370
+
1371
+ <fingerprint pattern="^CN=SLS,O=Lantronix,L=Irvine,ST=California,C=US$">
1372
+ <description>Lantronix SLS terminal server</description>
1373
+ <example>CN=SLS,O=Lantronix,L=Irvine,ST=California,C=US</example>
1374
+ <param pos="0" name="hw.vendor" value="Lantronix"/>
1375
+ <param pos="0" name="hw.device" value="Device Server"/>
1376
+ <param pos="0" name="hw.product" value="SLS"/>
1377
+ </fingerprint>
1378
+
1379
+ <fingerprint pattern="^CN=Tintri Default Certificate,OU=Tintri Server Certificate,O=Tintri\\, Inc\.,L=Mountain View,ST=CA,C=US$">
1380
+ <description>Tintri Storage Appliance</description>
1381
+ <example>CN=Tintri Default Certificate,OU=Tintri Server Certificate,O=Tintri\, Inc.,L=Mountain View,ST=CA,C=US</example>
1382
+ <param pos="0" name="hw.vendor" value="Tintro"/>
1383
+ <param pos="0" name="hw.device" value="NAS"/>
1384
+ <param pos="0" name="hw.product" value="Storage Appliance"/>
1385
+ </fingerprint>
1386
+
1387
+ <fingerprint pattern="^CN=axonius,O=Axonius\\, Inc,L=New York City,ST=New York,C=US$">
1388
+ <description>Axonius Appliance</description>
1389
+ <example>CN=axonius,O=Axonius\, Inc,L=New York City,ST=New York,C=US</example>
1390
+ <param pos="0" name="hw.vendor" value="Axonius"/>
1391
+ <param pos="0" name="hw.device" value="Security Appliance"/>
1392
+ <param pos="0" name="hw.product" value="Asset Management"/>
1393
+ </fingerprint>
1394
+
1395
+ <fingerprint pattern="^CN=AVIGILON-CAMERA-([a-zA-Z0-9\.\-]+)-\d+,OU=Certification Manager,O=Avigilon Corporation,L=Vancouver,ST=British Columbia,C=CA$">
1396
+ <description>Avigilon IP Camera</description>
1397
+ <example hw.product="5.0-H3-DP1">CN=AVIGILON-CAMERA-5.0-H3-DP1-1242900,OU=Certification Manager,O=Avigilon Corporation,L=Vancouver,ST=British Columbia,C=CA</example>
1398
+ <param pos="0" name="hw.vendor" value="Avigilon"/>
1399
+ <param pos="0" name="hw.device" value="IP Camera"/>
1400
+ <param pos="1" name="hw.product"/>
1401
+ <param pos="0" name="os.vendor" value="Avigilon"/>
1402
+ <param pos="0" name="os.family" value="Linux"/>
1403
+ <param pos="0" name="os.product" value="Linux"/>
1404
+ </fingerprint>
1405
+
1406
+ <fingerprint pattern="^CN=TCAM,OU=Security,O=Truen,L=Seoul,ST=Seoul,C=KR$">
1407
+ <description>Truen IP Camera (Often Rebranded)</description>
1408
+ <example>CN=TCAM,OU=Security,O=Truen,L=Seoul,ST=Seoul,C=KR</example>
1409
+ <param pos="0" name="hw.certainty" value="0.5"/>
1410
+ <param pos="0" name="hw.vendor" value="Truen"/>
1411
+ <param pos="0" name="hw.device" value="IP Camera"/>
1412
+ <param pos="0" name="os.certainty" value="0.5"/>
1413
+ <param pos="0" name="os.vendor" value="Truen"/>
1414
+ <param pos="0" name="os.family" value="Linux"/>
1415
+ <param pos="0" name="os.product" value="Linux"/>
1416
+ </fingerprint>
1417
+
1418
+ <fingerprint pattern="^CN=device.wilibox.com,OU=R&amp;D,O=WILIBOX UAB,L=Kaunas,ST=-,C=LT$">
1419
+ <description>LigoWave Outdoor AP</description>
1420
+ <example>CN=device.wilibox.com,OU=R&amp;D,O=WILIBOX UAB,L=Kaunas,ST=-,C=LT</example>
1421
+ <param pos="0" name="hw.certainty" value="0.50"/>
1422
+ <param pos="0" name="hw.vendor" value="LigoWave"/>
1423
+ <param pos="0" name="hw.device" value="WAP"/>
1424
+ <param pos="0" name="os.certainty" value="0.5"/>
1425
+ <param pos="0" name="os.vendor" value="LigoWave"/>
1426
+ <param pos="0" name="os.family" value="Linux"/>
1427
+ <param pos="0" name="os.product" value="Linux"/>
1428
+ </fingerprint>
1429
+
1430
+ </fingerprints>