recog 2.3.7 → 2.3.12
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.gitignore +9 -2
- data/.ruby-gemset +1 -0
- data/.ruby-version +1 -0
- data/.travis.yml +2 -4
- data/CONTRIBUTING.md +136 -37
- data/Gemfile +2 -5
- data/README.md +18 -16
- data/bin/recog_cleanup +16 -0
- data/bin/recog_standardize +142 -0
- data/cpe-remap.yaml +36 -1
- data/features/match.feature +4 -0
- data/features/support/aruba.rb +3 -0
- data/features/verify.feature +5 -0
- data/identifiers/README.md +56 -0
- data/identifiers/hw_device.txt +77 -0
- data/identifiers/hw_family.txt +96 -0
- data/identifiers/hw_product.txt +328 -0
- data/identifiers/os_architecture.txt +20 -0
- data/identifiers/os_device.txt +94 -0
- data/identifiers/os_family.txt +325 -0
- data/identifiers/os_product.txt +420 -0
- data/identifiers/service_family.txt +272 -0
- data/identifiers/service_product.txt +557 -0
- data/identifiers/software_class.txt +26 -0
- data/identifiers/software_family.txt +91 -0
- data/identifiers/software_product.txt +333 -0
- data/identifiers/vendor.txt +891 -0
- data/lib/recog/version.rb +1 -1
- data/requirements.txt +1 -1
- data/spec/lib/fingerprint_self_test_spec.rb +1 -1
- data/spec/lib/recog/fingerprint/regexp_factory_spec.rb +1 -1
- data/update_cpes.py +4 -1
- data/xml/apache_modules.xml +292 -5
- data/xml/apache_os.xml +50 -2
- data/xml/architecture.xml +19 -7
- data/xml/dns_versionbind.xml +200 -26
- data/xml/favicons.xml +1701 -0
- data/xml/ftp_banners.xml +276 -16
- data/xml/h323_callresp.xml +112 -12
- data/xml/hp_pjl_id.xml +47 -5
- data/xml/html_title.xml +1419 -72
- data/xml/http_cookies.xml +77 -10
- data/xml/http_servers.xml +898 -47
- data/xml/http_wwwauth.xml +154 -27
- data/xml/imap_banners.xml +23 -13
- data/xml/ldap_searchresult.xml +81 -9
- data/xml/mdns_device-info_txt.xml +194 -17
- data/xml/mdns_workstation_txt.xml +4 -2
- data/xml/mysql_banners.xml +554 -45
- data/xml/mysql_error.xml +113 -6
- data/xml/nntp_banners.xml +10 -2
- data/xml/ntp_banners.xml +95 -11
- data/xml/operating_system.xml +90 -3
- data/xml/pop_banners.xml +32 -31
- data/xml/rsh_resp.xml +11 -2
- data/xml/rtsp_servers.xml +43 -23
- data/xml/sip_banners.xml +9 -14
- data/xml/sip_user_agents.xml +69 -3
- data/xml/smb_native_lm.xml +10 -2
- data/xml/smb_native_os.xml +80 -2
- data/xml/smtp_banners.xml +233 -13
- data/xml/smtp_debug.xml +6 -4
- data/xml/smtp_ehlo.xml +7 -5
- data/xml/smtp_expn.xml +13 -4
- data/xml/smtp_help.xml +23 -4
- data/xml/smtp_mailfrom.xml +5 -2
- data/xml/smtp_noop.xml +6 -5
- data/xml/smtp_quit.xml +5 -4
- data/xml/smtp_rcptto.xml +5 -2
- data/xml/smtp_rset.xml +4 -4
- data/xml/smtp_turn.xml +4 -4
- data/xml/smtp_vrfy.xml +14 -4
- data/xml/snmp_sysdescr.xml +776 -52
- data/xml/snmp_sysobjid.xml +47 -2
- data/xml/ssh_banners.xml +259 -80
- data/xml/telnet_banners.xml +376 -23
- data/xml/x11_banners.xml +27 -4
- data/xml/x509_issuers.xml +37 -13
- data/xml/x509_subjects.xml +525 -55
- metadata +29 -6
data/xml/x11_banners.xml
CHANGED
@@ -1,4 +1,4 @@
|
|
1
|
-
<?xml version=
|
1
|
+
<?xml version='1.0' encoding='UTF-8'?>
|
2
2
|
<fingerprints matches="x11.vendor" protocol="x11">
|
3
3
|
<!--
|
4
4
|
During X11 connection setup as specified in the X11 protocol
|
@@ -7,12 +7,14 @@
|
|
7
7
|
This success response contains a vendor field which can be used to
|
8
8
|
fingerprint systems with the following fingerprints.
|
9
9
|
-->
|
10
|
+
|
10
11
|
<fingerprint pattern="^AT&T Laboratories Cambridge$">
|
11
12
|
<description>AT&T Laboratories Cambridge</description>
|
12
13
|
<example>AT&T Laboratories Cambridge</example>
|
13
14
|
<param pos="0" name="service.vendor" value="AT&T Laboratories Cambridge"/>
|
14
15
|
<param pos="0" name="service.product" value="Xvnc"/>
|
15
16
|
</fingerprint>
|
17
|
+
|
16
18
|
<fingerprint pattern="^CentOS$">
|
17
19
|
<description>CentOS</description>
|
18
20
|
<example>CentOS</example>
|
@@ -24,6 +26,7 @@
|
|
24
26
|
<param pos="0" name="os.family" value="Linux"/>
|
25
27
|
<param pos="0" name="os.cpe23" value="cpe:/o:centos:centos:-"/>
|
26
28
|
</fingerprint>
|
29
|
+
|
27
30
|
<fingerprint pattern="^Colin Harrison$">
|
28
31
|
<description>Colin Harrison</description>
|
29
32
|
<example>Colin Harrison</example>
|
@@ -34,16 +37,18 @@
|
|
34
37
|
<param pos="0" name="os.family" value="Windows"/>
|
35
38
|
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
|
36
39
|
</fingerprint>
|
40
|
+
|
37
41
|
<fingerprint pattern="^DECWINDOWS DigitalEquipmentCorporation, eXcursion$">
|
38
42
|
<description>DECWINDOWS DigitalEquipmentCorporation, eXcursion</description>
|
39
43
|
<example>DECWINDOWS DigitalEquipmentCorporation, eXcursion</example>
|
40
44
|
<param pos="0" name="os.vendor" value="Microsoft"/>
|
41
45
|
<param pos="0" name="service.vendor" value="DEC"/>
|
42
|
-
<param pos="0" name="service.product" value="DEC eXcursion X
|
46
|
+
<param pos="0" name="service.product" value="DEC eXcursion X Server"/>
|
43
47
|
<param pos="0" name="os.product" value="Windows"/>
|
44
48
|
<param pos="0" name="os.family" value="Windows"/>
|
45
49
|
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
|
46
50
|
</fingerprint>
|
51
|
+
|
47
52
|
<fingerprint pattern="^DECWINDOWS Hewlett-Packard Development Company OpenVMS$">
|
48
53
|
<description>DECWINDOWS Hewlett-Packard Development Company OpenVMS</description>
|
49
54
|
<example>DECWINDOWS Hewlett-Packard Development Company OpenVMS</example>
|
@@ -53,6 +58,7 @@
|
|
53
58
|
<param pos="0" name="os.product" value="OpenVMS"/>
|
54
59
|
<param pos="0" name="os.family" value="OpenVMS"/>
|
55
60
|
</fingerprint>
|
61
|
+
|
56
62
|
<fingerprint pattern="^Fedora Project$">
|
57
63
|
<description>Fedora Project</description>
|
58
64
|
<example>Fedora Project</example>
|
@@ -64,6 +70,7 @@
|
|
64
70
|
<param pos="0" name="os.family" value="Linux"/>
|
65
71
|
<param pos="0" name="os.cpe23" value="cpe:/o:redhat:fedora_core:-"/>
|
66
72
|
</fingerprint>
|
73
|
+
|
67
74
|
<fingerprint pattern="^freedesktop\.org$">
|
68
75
|
<description>freedesktop.org</description>
|
69
76
|
<example>freedesktop.org</example>
|
@@ -75,6 +82,7 @@
|
|
75
82
|
<param pos="0" name="os.family" value="Linux"/>
|
76
83
|
<param pos="0" name="os.cpe23" value="cpe:/o:linux:linux_kernel:-"/>
|
77
84
|
</fingerprint>
|
85
|
+
|
78
86
|
<fingerprint pattern="^HC-Consult$">
|
79
87
|
<description>HC-Consult</description>
|
80
88
|
<example>HC-Consult</example>
|
@@ -85,6 +93,7 @@
|
|
85
93
|
<param pos="0" name="os.family" value="Windows"/>
|
86
94
|
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
|
87
95
|
</fingerprint>
|
96
|
+
|
88
97
|
<fingerprint pattern="^Hummingbird Communications Ltd\.$|^Hummingbird Ltd\.$">
|
89
98
|
<description>Hummingbird Communications Ltd.</description>
|
90
99
|
<example>Hummingbird Communications Ltd.</example>
|
@@ -96,16 +105,18 @@
|
|
96
105
|
<param pos="0" name="os.family" value="Windows"/>
|
97
106
|
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
|
98
107
|
</fingerprint>
|
108
|
+
|
99
109
|
<fingerprint pattern="^Labtam Inc$">
|
100
110
|
<description>Labtam Inc</description>
|
101
111
|
<example>Labtam Inc</example>
|
102
112
|
<param pos="0" name="os.vendor" value="Microsoft"/>
|
103
|
-
<param pos="0" name="service.vendor" value="Labtam
|
113
|
+
<param pos="0" name="service.vendor" value="Labtam"/>
|
104
114
|
<param pos="0" name="service.product" value="XSecurePro"/>
|
105
115
|
<param pos="0" name="os.product" value="Windows"/>
|
106
116
|
<param pos="0" name="os.family" value="Windows"/>
|
107
117
|
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
|
108
118
|
</fingerprint>
|
119
|
+
|
109
120
|
<fingerprint pattern="^Moba\/X$">
|
110
121
|
<description>Moba/X</description>
|
111
122
|
<example>Moba/X</example>
|
@@ -117,6 +128,7 @@
|
|
117
128
|
<param pos="0" name="os.family" value="Windows"/>
|
118
129
|
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
|
119
130
|
</fingerprint>
|
131
|
+
|
120
132
|
<fingerprint pattern="^MobaXterm$">
|
121
133
|
<description>MobaXterm</description>
|
122
134
|
<example>MobaXterm</example>
|
@@ -128,6 +140,7 @@
|
|
128
140
|
<param pos="0" name="os.family" value="Windows"/>
|
129
141
|
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
|
130
142
|
</fingerprint>
|
143
|
+
|
131
144
|
<fingerprint pattern="^NetSarang Computer, Inc\.$">
|
132
145
|
<description>NetSarang Computer, Inc.</description>
|
133
146
|
<example>NetSarang Computer, Inc.</example>
|
@@ -138,6 +151,7 @@
|
|
138
151
|
<param pos="0" name="os.family" value="Windows"/>
|
139
152
|
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
|
140
153
|
</fingerprint>
|
154
|
+
|
141
155
|
<fingerprint pattern="^Open Text$">
|
142
156
|
<description>Open Text</description>
|
143
157
|
<example>Open Text</example>
|
@@ -148,6 +162,7 @@
|
|
148
162
|
<param pos="0" name="os.family" value="Windows"/>
|
149
163
|
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
|
150
164
|
</fingerprint>
|
165
|
+
|
151
166
|
<fingerprint pattern="^Red Hat, Inc\.$">
|
152
167
|
<description>Red Hat, Inc.</description>
|
153
168
|
<example>Red Hat, Inc.</example>
|
@@ -159,6 +174,7 @@
|
|
159
174
|
<param pos="0" name="os.family" value="Linux"/>
|
160
175
|
<param pos="0" name="os.cpe23" value="cpe:/o:redhat:linux:-"/>
|
161
176
|
</fingerprint>
|
177
|
+
|
162
178
|
<fingerprint pattern="^Santa Cruz Operation Inc\.$">
|
163
179
|
<description>Santa Cruz Operation Inc.</description>
|
164
180
|
<example>Santa Cruz Operation Inc.</example>
|
@@ -168,6 +184,7 @@
|
|
168
184
|
<param pos="0" name="os.product" value="SCO UNIX"/>
|
169
185
|
<param pos="0" name="os.family" value="SCO UNIX"/>
|
170
186
|
</fingerprint>
|
187
|
+
|
171
188
|
<fingerprint pattern="^StarNet Communications Corp\.$">
|
172
189
|
<description>StarNet Communications Corp.</description>
|
173
190
|
<example>StarNet Communications Corp.</example>
|
@@ -178,6 +195,7 @@
|
|
178
195
|
<param pos="0" name="os.family" value="Windows"/>
|
179
196
|
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
|
180
197
|
</fingerprint>
|
198
|
+
|
181
199
|
<fingerprint pattern="^Sun Microsystems, Inc\.$">
|
182
200
|
<description>Sun Microsystems, Inc.</description>
|
183
201
|
<example>Sun Microsystems, Inc.</example>
|
@@ -188,6 +206,7 @@
|
|
188
206
|
<param pos="0" name="os.family" value="Solaris"/>
|
189
207
|
<param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:-"/>
|
190
208
|
</fingerprint>
|
209
|
+
|
191
210
|
<fingerprint pattern="^The Cygwin\/X Project$">
|
192
211
|
<description>The Cygwin/X Project</description>
|
193
212
|
<example>The Cygwin/X Project</example>
|
@@ -199,6 +218,7 @@
|
|
199
218
|
<param pos="0" name="os.family" value="Windows"/>
|
200
219
|
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
|
201
220
|
</fingerprint>
|
221
|
+
|
202
222
|
<fingerprint pattern="^The X\.Org Foundation$">
|
203
223
|
<description>The X.Org Foundation</description>
|
204
224
|
<example>The X.Org Foundation</example>
|
@@ -209,6 +229,7 @@
|
|
209
229
|
<param pos="0" name="os.product" value="UNIX"/>
|
210
230
|
<param pos="0" name="os.family" value="UNIX"/>
|
211
231
|
</fingerprint>
|
232
|
+
|
212
233
|
<fingerprint pattern="^The XFree86 Project, Inc$">
|
213
234
|
<description>The XFree86 Project, Inc</description>
|
214
235
|
<example>The XFree86 Project, Inc</example>
|
@@ -219,6 +240,7 @@
|
|
219
240
|
<param pos="0" name="os.product" value="UNIX"/>
|
220
241
|
<param pos="0" name="os.family" value="UNIX"/>
|
221
242
|
</fingerprint>
|
243
|
+
|
222
244
|
<fingerprint pattern="^WRQ, Inc\.$">
|
223
245
|
<description>WRQ, Inc.</description>
|
224
246
|
<example>WRQ, Inc.</example>
|
@@ -229,4 +251,5 @@
|
|
229
251
|
<param pos="0" name="os.family" value="Windows"/>
|
230
252
|
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
|
231
253
|
</fingerprint>
|
232
|
-
|
254
|
+
|
255
|
+
</fingerprints>
|
data/xml/x509_issuers.xml
CHANGED
@@ -1,15 +1,26 @@
|
|
1
|
-
<?xml version=
|
1
|
+
<?xml version='1.0' encoding='UTF-8'?>
|
2
2
|
<fingerprints matches="x509.issuer" protocol="x509">
|
3
3
|
<!--
|
4
4
|
This fingerprint set matches the Issuer field of x509 certificates. These x509
|
5
5
|
certificates may be sourced from any SSL or TLS service. If a particular system
|
6
6
|
has identical subject and issuer fields, the subject field should be preferred.
|
7
|
-
|
8
7
|
The format of the Issuer field is built from the x509 distinguished names using
|
9
8
|
a specific order. Please see the comments in x509_subjects.xml for details.
|
10
|
-
|
11
9
|
-->
|
10
|
+
|
12
11
|
<!-- Chromecast and various devices that support the Cast protocol -->
|
12
|
+
|
13
|
+
<fingerprint pattern="^CN=Eureka Gen1 ICA,OU=Google TV,O=Google Inc,L=Mountain View,ST=California,C=US$">
|
14
|
+
<description>Google Chromecast Gen 1</description>
|
15
|
+
<example>CN=Eureka Gen1 ICA,OU=Google TV,O=Google Inc,L=Mountain View,ST=California,C=US</example>
|
16
|
+
<param pos="0" name="os.vendor" value="Google"/>
|
17
|
+
<param pos="0" name="os.product" value="ChromeOS"/>
|
18
|
+
<param pos="0" name="hw.device" value="Media Server"/>
|
19
|
+
<param pos="0" name="hw.vendor" value="Google"/>
|
20
|
+
<param pos="0" name="hw.product" value="Chromecast"/>
|
21
|
+
<param pos="0" name="chromecast.generation" value="1"/>
|
22
|
+
</fingerprint>
|
23
|
+
|
13
24
|
<fingerprint pattern="^CN=Chromecast ICA (\d+)\s*\(?([^,\)]*)\)?,OU=Cast,O=Google Inc,L=Mountain View,ST=California,C=US$">
|
14
25
|
<description>Google Chromecast</description>
|
15
26
|
<example chromecast.generation="3">CN=Chromecast ICA 3,OU=Cast,O=Google Inc,L=Mountain View,ST=California,C=US</example>
|
@@ -28,60 +39,67 @@
|
|
28
39
|
<param pos="1" name="chromecast.generation"/>
|
29
40
|
<param pos="2" name="chromecast.capabilities"/>
|
30
41
|
</fingerprint>
|
42
|
+
|
31
43
|
<fingerprint pattern="^CN=Asus fugu Cast ICA,OU=Widevine,O=Google Inc,L=Kirkland,ST=Washington,C=US$">
|
32
44
|
<description>ASUS Nexus Player (Android) with Google Cast</description>
|
33
45
|
<example>CN=Asus fugu Cast ICA,OU=Widevine,O=Google Inc,L=Kirkland,ST=Washington,C=US</example>
|
34
46
|
<param pos="0" name="os.vendor" value="Google"/>
|
35
|
-
<param pos="0" name="os.cpe23" value="cpe:/o:google:android:-"/>
|
36
47
|
<param pos="0" name="os.family" value="Linux"/>
|
37
48
|
<param pos="0" name="os.product" value="Android"/>
|
49
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:google:android:-"/>
|
38
50
|
<param pos="0" name="hw.device" value="Media Server"/>
|
39
51
|
<param pos="0" name="hw.vendor" value="ASUS"/>
|
40
52
|
<param pos="0" name="hw.product" value="Nexus Player"/>
|
41
53
|
</fingerprint>
|
54
|
+
|
42
55
|
<fingerprint pattern="^CN=Sony amai Cast ICA,OU=Widevine,O=Google Inc,L=Kirkland,ST=Washington,C=US$">
|
43
56
|
<description>Sony SmartTV (Android) with Google Cast</description>
|
44
57
|
<example>CN=Sony amai Cast ICA,OU=Widevine,O=Google Inc,L=Kirkland,ST=Washington,C=US</example>
|
45
58
|
<param pos="0" name="os.vendor" value="Google"/>
|
46
|
-
<param pos="0" name="os.cpe23" value="cpe:/o:google:android:-"/>
|
47
59
|
<param pos="0" name="os.family" value="Linux"/>
|
48
60
|
<param pos="0" name="os.product" value="Android"/>
|
61
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:google:android:-"/>
|
49
62
|
<param pos="0" name="hw.device" value="Smart TV"/>
|
50
63
|
<param pos="0" name="hw.vendor" value="Sony"/>
|
51
64
|
</fingerprint>
|
65
|
+
|
52
66
|
<fingerprint pattern="^CN=Cast TV ICA \(Vizio\),OU=Cast,O=Google Inc,L=Mountain View,ST=California,C=US$">
|
53
67
|
<description>Vizio SmartTV (Android) with Google Cast</description>
|
54
68
|
<example>CN=Cast TV ICA (Vizio),OU=Cast,O=Google Inc,L=Mountain View,ST=California,C=US</example>
|
55
69
|
<param pos="0" name="os.vendor" value="Google"/>
|
56
|
-
<param pos="0" name="os.cpe23" value="cpe:/o:google:android:-"/>
|
57
70
|
<param pos="0" name="os.family" value="Linux"/>
|
58
71
|
<param pos="0" name="os.product" value="Android"/>
|
72
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:google:android:-"/>
|
59
73
|
<param pos="0" name="hw.device" value="Smart TV"/>
|
60
74
|
<param pos="0" name="hw.vendor" value="Vizio"/>
|
61
75
|
</fingerprint>
|
76
|
+
|
62
77
|
<fingerprint pattern="^CN=NVidia Shield Cast ICA,OU=Widevine,O=Google Inc,L=Kirkland,ST=Washington,C=US$">
|
63
78
|
<description>NVIDIA SHIELD (Android) with Google Cast</description>
|
64
79
|
<example>CN=NVidia Shield Cast ICA,OU=Widevine,O=Google Inc,L=Kirkland,ST=Washington,C=US</example>
|
65
80
|
<param pos="0" name="os.vendor" value="Google"/>
|
66
|
-
<param pos="0" name="os.cpe23" value="cpe:/o:google:android:-"/>
|
67
81
|
<param pos="0" name="os.family" value="Linux"/>
|
68
82
|
<param pos="0" name="os.product" value="Android"/>
|
83
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:google:android:-"/>
|
69
84
|
<param pos="0" name="hw.device" value="Tablet"/>
|
70
85
|
<param pos="0" name="hw.vendor" value="NVIDIA"/>
|
71
86
|
<param pos="0" name="hw.product" value="SHIELD"/>
|
72
87
|
</fingerprint>
|
88
|
+
|
73
89
|
<fingerprint pattern="^CN=NVidia Darcy NVidia Tegra K1-Denver Cast ICA,OU=Widevine,O=Google Inc,L=Kirkland,ST=Washington,C=US$">
|
74
90
|
<description>NVIDIA SHIELD (Android) with Google Cast (Darcy)</description>
|
75
91
|
<example>CN=NVidia Darcy NVidia Tegra K1-Denver Cast ICA,OU=Widevine,O=Google Inc,L=Kirkland,ST=Washington,C=US</example>
|
76
92
|
<param pos="0" name="os.vendor" value="Google"/>
|
77
|
-
<param pos="0" name="os.cpe23" value="cpe:/o:google:android:-"/>
|
78
93
|
<param pos="0" name="os.family" value="Linux"/>
|
79
94
|
<param pos="0" name="os.product" value="Android"/>
|
95
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:google:android:-"/>
|
80
96
|
<param pos="0" name="hw.device" value="Tablet"/>
|
81
97
|
<param pos="0" name="hw.vendor" value="NVIDIA"/>
|
82
98
|
<param pos="0" name="hw.product" value="SHIELD"/>
|
83
99
|
</fingerprint>
|
100
|
+
|
84
101
|
<!-- End of Chromecast -->
|
102
|
+
|
85
103
|
<fingerprint pattern="^CN=Yealink Equipment Issuing CA,OU=yealink\.com,O=Yealink Network Technology Co\.\\,Ltd.,L=Xiamen,ST=Fujian,C=CN$">
|
86
104
|
<description>Yealink VoIP Phone</description>
|
87
105
|
<example>CN=Yealink Equipment Issuing CA,OU=yealink.com,O=Yealink Network Technology Co.\,Ltd.,L=Xiamen,ST=Fujian,C=CN</example>
|
@@ -91,12 +109,14 @@
|
|
91
109
|
<param pos="0" name="hw.device" value="VoIP"/>
|
92
110
|
<param pos="0" name="hw.vendor" value="Yealink"/>
|
93
111
|
</fingerprint>
|
112
|
+
|
94
113
|
<fingerprint pattern="^CN=[a-zA-Z0-9]+,OU=Internally Generated Certificate,O=American Power Conversion Corp,L=Default Locality,ST=Default State,C=US$">
|
95
114
|
<description>APC UPS</description>
|
96
115
|
<example>CN=ZA1117619249,OU=Internally Generated Certificate,O=American Power Conversion Corp,L=Default Locality,ST=Default State,C=US</example>
|
97
116
|
<param pos="0" name="hw.device" value="Power device"/>
|
98
117
|
<param pos="0" name="hw.vendor" value="APC"/>
|
99
118
|
</fingerprint>
|
119
|
+
|
100
120
|
<fingerprint pattern="^CN=Temporary CA [a-fA-F0-9]{8}\-[a-fA-F0-9]{4}\-[a-fA-F0-9]{4}\-[a-fA-F0-9]{4}\-[a-fA-F0-9]{12},OU=Temporary CA">
|
101
121
|
<description>Cisco Video Communication Server</description>
|
102
122
|
<example>CN=Temporary CA 218131fe-8af4-11e7-aa6e-9950d6bbaf74,OU=Temporary CA 218131fe-8af4-11e7-aa6e-9950d6bbaf74,O=Temporary CA 218131fe-8af4-11e7-aa6e-9950d6bbaf74</example>
|
@@ -104,31 +124,35 @@
|
|
104
124
|
<param pos="0" name="hw.vendor" value="Cisco"/>
|
105
125
|
<param pos="0" name="hw.product" value="TelePresence"/>
|
106
126
|
</fingerprint>
|
127
|
+
|
107
128
|
<fingerprint pattern="^O=VMware Installer$">
|
108
129
|
<description>VMWare ESXi w/Installer</description>
|
109
130
|
<example>O=VMware Installer</example>
|
110
|
-
<param pos="0" name="os.vendor" value="
|
111
|
-
<param pos="0" name="os.cpe23" value="cpe:/o:vmware:esxi:-"/>
|
131
|
+
<param pos="0" name="os.vendor" value="VMware"/>
|
112
132
|
<param pos="0" name="os.product" value="ESXi"/>
|
113
133
|
<param pos="0" name="os.device" value="Hypervisor"/>
|
134
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:vmware:esxi:-"/>
|
114
135
|
</fingerprint>
|
136
|
+
|
115
137
|
<fingerprint pattern="^CN=CA,OU=VMware Engineering,O=vCenter,ST=California,C=US$">
|
116
138
|
<description>VMWare vCenter</description>
|
117
139
|
<example>CN=CA,OU=VMware Engineering,O=vCenter,ST=California,C=US</example>
|
118
|
-
<param pos="0" name="service.vendor" value="
|
140
|
+
<param pos="0" name="service.vendor" value="VMware"/>
|
119
141
|
<param pos="0" name="service.product" value="vCenter"/>
|
120
142
|
</fingerprint>
|
143
|
+
|
121
144
|
<fingerprint pattern="^CN=Default Issuer \(Do not trust\),OU=ISS,O=Hewlett Packard Enterprise,L=Houston,ST=Texas,C=US$">
|
122
145
|
<description>HP iLO</description>
|
123
146
|
<example>CN=Default Issuer (Do not trust),OU=ISS,O=Hewlett Packard Enterprise,L=Houston,ST=Texas,C=US</example>
|
124
147
|
<param pos="0" name="hw.device" value="Lights Out Management"/>
|
125
148
|
<param pos="0" name="hw.vendor" value="HP"/>
|
126
149
|
<param pos="0" name="hw.family" value="iLO"/>
|
127
|
-
<param pos="0" name="hw.cpe23" value="cpe:/h:hp:integrated_lights_out:-"/>
|
128
150
|
<param pos="0" name="hw.product" value="iLO"/>
|
151
|
+
<param pos="0" name="hw.cpe23" value="cpe:/h:hp:integrated_lights_out:-"/>
|
129
152
|
<param pos="0" name="os.device" value="Lights Out Management"/>
|
130
153
|
<param pos="0" name="os.vendor" value="HP"/>
|
131
154
|
<param pos="0" name="os.family" value="iLO"/>
|
132
155
|
<param pos="0" name="os.product" value="iLO"/>
|
133
156
|
</fingerprint>
|
134
|
-
|
157
|
+
|
158
|
+
</fingerprints>
|
data/xml/x509_subjects.xml
CHANGED
@@ -1,16 +1,13 @@
|
|
1
|
-
<?xml version=
|
1
|
+
<?xml version='1.0' encoding='UTF-8'?>
|
2
2
|
<fingerprints matches="x509.subject" protocol="x509">
|
3
3
|
<!--
|
4
4
|
This fingerprint set matches the Subject field of x509 certificates. These x509
|
5
5
|
certificates may be sourced from any SSL or TLS service. If a particular system
|
6
6
|
has identical subject and issuer fields, the subject field should be preferred.
|
7
|
-
|
8
7
|
The format of the Subject field is built from the x509 distinguished names using
|
9
8
|
a specific order. This order matches the Go implementation at the URL:
|
10
9
|
https://golang.org/src/crypto/x509/pkix/pkix.go#203
|
11
|
-
|
12
10
|
The ToRDNSequence() function builds the string in reverse order:
|
13
|
-
|
14
11
|
func (n Name) ToRDNSequence() (ret RDNSequence) {
|
15
12
|
ret = n.appendRDNs(ret, n.Country, oidCountry)
|
16
13
|
ret = n.appendRDNs(ret, n.Province, oidProvince)
|
@@ -28,13 +25,10 @@
|
|
28
25
|
for _, atv := range n.ExtraNames {
|
29
26
|
ret = append(ret, []AttributeTypeAndValue{atv})
|
30
27
|
}
|
31
|
-
|
32
28
|
return ret
|
33
29
|
}
|
34
|
-
|
35
30
|
All names are separated by commas and any commas inside a name are escaped with a
|
36
31
|
single backslash character. See RFC 2253 for additional details on formatting.
|
37
|
-
|
38
32
|
Practically, most Subjects start with the Common Name (CN=) and then step through
|
39
33
|
Organization Unit (OU), Organization (O), and then some level of location, but
|
40
34
|
typically Locality (L) and Country (C). Names are guaranteed to be listed in
|
@@ -42,10 +36,9 @@
|
|
42
36
|
Subjects may start with a Serial Number (SERIALNUMBER=) or even Extra Names, but
|
43
37
|
these are somewhat rare. Keep this name order in mind when working on these
|
44
38
|
fingerprints.
|
45
|
-
|
46
39
|
The same constraints also apply to the x509 Issuers (x509_issuers.xml).
|
47
|
-
|
48
40
|
-->
|
41
|
+
|
49
42
|
<fingerprint pattern="^CN=([0-9a-fA-F]{2}:[0-9a-fA-F]{2}:[0-9a-fA-F]{2}:[0-9a-fA-F]{2}:[0-9a-fA-F]{2}:[0-9a-fA-F]{2}),OU=([^,]+),O=Araknis Networks \(TM\),L=Charlotte,C=US$">
|
50
43
|
<description>Araknis Networks Router</description>
|
51
44
|
<example host.mac="d4:6a:91:7a:a3:c4" hw.product="AN-300-RT-4L2W">CN=d4:6a:91:7a:a3:c4,OU=AN-300-RT-4L2W,O=Araknis Networks (TM),L=Charlotte,C=US</example>
|
@@ -54,23 +47,26 @@
|
|
54
47
|
<param pos="2" name="hw.product"/>
|
55
48
|
<param pos="1" name="host.mac"/>
|
56
49
|
</fingerprint>
|
50
|
+
|
57
51
|
<fingerprint pattern="^CN=([a-fA-F0-9:]+),OU=([^,]+),O=Cisco-Linksys\\, LLC">
|
58
52
|
<description>Cisco / Linksys Router</description>
|
59
53
|
<example host.mac="00:22:6b:ef:1e:d0" hw.product="RV042">CN=00:22:6b:ef:1e:d0,OU=RV042,O=Cisco-Linksys\, LLC,L=Irvine,C=US</example>
|
60
|
-
<param pos="0" name="hw.device" value="Broadband
|
54
|
+
<param pos="0" name="hw.device" value="Broadband router"/>
|
61
55
|
<param pos="0" name="hw.vendor" value="Cisco"/>
|
62
56
|
<param pos="2" name="hw.product"/>
|
63
57
|
<param pos="1" name="host.mac"/>
|
64
58
|
</fingerprint>
|
59
|
+
|
65
60
|
<fingerprint pattern="^CN=([a-fA-F0-9\:]+),OU=([^,]+),O=Cisco Systems\\, Inc\.">
|
66
61
|
<description>Cisco Post-Linksys Router</description>
|
67
62
|
<example host.mac="74:a2:e6:5c:99:21" hw.product="RV042G">CN=74:a2:e6:5c:99:21,OU=RV042G,O=Cisco Systems\, Inc.,L=Irvine,C=US</example>
|
68
63
|
<example host.mac="4C4E315901D0" hw.product="RV180">CN=4C4E315901D0,OU=RV180,O=Cisco Systems\, Inc.,C=US</example>
|
69
|
-
<param pos="0" name="hw.device" value="Broadband
|
64
|
+
<param pos="0" name="hw.device" value="Broadband router"/>
|
70
65
|
<param pos="0" name="hw.vendor" value="Cisco"/>
|
71
66
|
<param pos="2" name="hw.product"/>
|
72
67
|
<param pos="1" name="host.mac"/>
|
73
68
|
</fingerprint>
|
69
|
+
|
74
70
|
<fingerprint pattern="^SERIALNUMBER=PID:([^ ]+) SN:([^,]+),CN=(?:[a-zA-Z0-9\-]+)-SEP([a-fA-F0-9]{12}),OU=[CV]TG,O=Cisco Systems Inc\.$">
|
75
71
|
<description>Cisco IP phone with serial number</description>
|
76
72
|
<example host.mac="B07D47D33A1C" hw.product="CP-8851" cisco.serial_number="FCH1924AHCA">SERIALNUMBER=PID:CP-8851 SN:FCH1924AHCA,CN=CP-8851-SEPB07D47D33A1C,OU=CTG,O=Cisco Systems Inc.</example>
|
@@ -81,6 +77,15 @@
|
|
81
77
|
<param pos="2" name="cisco.serial_number"/>
|
82
78
|
<param pos="3" name="host.mac"/>
|
83
79
|
</fingerprint>
|
80
|
+
|
81
|
+
<fingerprint pattern="^CN=SEP([a-fA-F0-9]{12}),O=TemporaryDefaultCertificate$">
|
82
|
+
<description>Cisco IP Phone without serial number</description>
|
83
|
+
<example host.mac="1C6A7AE57121">CN=SEP1C6A7AE57121,O=TemporaryDefaultCertificate</example>
|
84
|
+
<param pos="0" name="hw.device" value="VoIP"/>
|
85
|
+
<param pos="0" name="hw.vendor" value="Cisco"/>
|
86
|
+
<param pos="1" name="host.mac"/>
|
87
|
+
</fingerprint>
|
88
|
+
|
84
89
|
<fingerprint pattern="^CN=Cambium WLAN AP,OU=Products,O=Cambium Networks Inc,L=San Jose,ST=CA,C=US$">
|
85
90
|
<description>Cambium Networks WAP</description>
|
86
91
|
<example>CN=Cambium WLAN AP,OU=Products,O=Cambium Networks Inc,L=San Jose,ST=CA,C=US</example>
|
@@ -88,6 +93,7 @@
|
|
88
93
|
<param pos="0" name="hw.vendor" value="Cambium Networks"/>
|
89
94
|
<param pos="0" name="hw.product" value="WLAN AP"/>
|
90
95
|
</fingerprint>
|
96
|
+
|
91
97
|
<fingerprint pattern="^CN=([^,]+),OU=Products,O=Cambium Networks Inc,L=San Jose,ST=CA,C=US$">
|
92
98
|
<description>Cambium Networks Router</description>
|
93
99
|
<example hw.product="R190V">CN=R190V,OU=Products,O=Cambium Networks Inc,L=San Jose,ST=CA,C=US</example>
|
@@ -96,12 +102,14 @@
|
|
96
102
|
<param pos="0" name="hw.vendor" value="Cambium Networks"/>
|
97
103
|
<param pos="1" name="hw.product"/>
|
98
104
|
</fingerprint>
|
105
|
+
|
99
106
|
<fingerprint pattern="^CN=Nepenthes Development Team,OU=anv,O=dionaea\.carnivore\.it,C=DE$">
|
100
107
|
<description>Nepenthes honeypot</description>
|
101
108
|
<example>CN=Nepenthes Development Team,OU=anv,O=dionaea.carnivore.it,C=DE</example>
|
102
109
|
<param pos="0" name="service.family" value="Nepenthes"/>
|
103
110
|
<param pos="0" name="service.product" value="Nepenthes"/>
|
104
111
|
</fingerprint>
|
112
|
+
|
105
113
|
<fingerprint pattern="^CN=IPMI,OU=Software,O=Super Micro Computer,ST=California,C=US$">
|
106
114
|
<description>Super Micro IPMI Controller</description>
|
107
115
|
<example>CN=IPMI,OU=Software,O=Super Micro Computer,ST=California,C=US</example>
|
@@ -111,6 +119,7 @@
|
|
111
119
|
<param pos="0" name="os.vendor" value="Super Micro"/>
|
112
120
|
<param pos="0" name="os.product" value="ATEN Linux"/>
|
113
121
|
</fingerprint>
|
122
|
+
|
114
123
|
<fingerprint pattern="^CN=iDRACdefault([a-fA-F0-9]{12}),OU=iDRAC Group,O=Dell Inc.,L=Round Rock,C=US$">
|
115
124
|
<description>Dell iDRAC Remote Access Controller w/MAC</description>
|
116
125
|
<example host.mac="0023AEF89AD1">CN=iDRACdefault0023AEF89AD1,OU=iDRAC Group,O=Dell Inc.,L=Round Rock,C=US</example>
|
@@ -121,6 +130,7 @@
|
|
121
130
|
<param pos="0" name="os.product" value="iDRAC Linux"/>
|
122
131
|
<param pos="1" name="host.mac"/>
|
123
132
|
</fingerprint>
|
133
|
+
|
124
134
|
<fingerprint pattern="^CN=idrac-([A-Z0-9]{7}),OU=Remote Access Group,O=Dell Inc\.,L=Round Rock,ST=Texas,C=US$">
|
125
135
|
<description>Dell iDRAC Remote Access Controller w/Service Tag</description>
|
126
136
|
<example dell.service_tag="JXJJC02">CN=idrac-JXJJC02,OU=Remote Access Group,O=Dell Inc.,L=Round Rock,ST=Texas,C=US</example>
|
@@ -132,6 +142,7 @@
|
|
132
142
|
<param pos="0" name="os.product" value="iDRAC Linux"/>
|
133
143
|
<param pos="1" name="dell.service_tag"/>
|
134
144
|
</fingerprint>
|
145
|
+
|
135
146
|
<fingerprint pattern="^CN=idrac.*,OU=Remote Access Group,O=Dell Inc\.,L=Round Rock,ST=Texas,C=US$">
|
136
147
|
<description>Dell iDRAC Remote Access Controller w/o Service Tag</description>
|
137
148
|
<example>CN=idrac-SVCTAG,OU=Remote Access Group,O=Dell Inc.,L=Round Rock,ST=Texas,C=US</example>
|
@@ -144,17 +155,19 @@
|
|
144
155
|
<param pos="0" name="os.vendor" value="Dell"/>
|
145
156
|
<param pos="0" name="os.product" value="iDRAC Linux"/>
|
146
157
|
</fingerprint>
|
158
|
+
|
147
159
|
<fingerprint pattern="^CN=(i?DRAC\d+) default certificate,OU=Remote Access Group,O=Dell Inc\.,L=Round Rock,ST=Texas,C=US$">
|
148
160
|
<description>Dell iDRAC Remote Access Controller w/Version</description>
|
149
|
-
<example>CN=iDRAC7 default certificate,OU=Remote Access Group,O=Dell Inc.,L=Round Rock,ST=Texas,C=US</example>
|
150
|
-
<example>CN=iDRAC6 default certificate,OU=Remote Access Group,O=Dell Inc.,L=Round Rock,ST=Texas,C=US</example>
|
151
|
-
<example>CN=DRAC5 default certificate,OU=Remote Access Group,O=Dell Inc.,L=Round Rock,ST=Texas,C=US</example>
|
161
|
+
<example hw.product="iDRAC7">CN=iDRAC7 default certificate,OU=Remote Access Group,O=Dell Inc.,L=Round Rock,ST=Texas,C=US</example>
|
162
|
+
<example hw.product="iDRAC6">CN=iDRAC6 default certificate,OU=Remote Access Group,O=Dell Inc.,L=Round Rock,ST=Texas,C=US</example>
|
163
|
+
<example hw.product="DRAC5">CN=DRAC5 default certificate,OU=Remote Access Group,O=Dell Inc.,L=Round Rock,ST=Texas,C=US</example>
|
152
164
|
<param pos="0" name="hw.device" value="Lights Out Management"/>
|
153
165
|
<param pos="0" name="hw.vendor" value="Dell"/>
|
154
166
|
<param pos="1" name="hw.product"/>
|
155
167
|
<param pos="0" name="os.vendor" value="Dell"/>
|
156
168
|
<param pos="0" name="os.product" value="iDRAC Linux"/>
|
157
169
|
</fingerprint>
|
170
|
+
|
158
171
|
<fingerprint pattern="^CN=iDRAC default certificate,OU=Server Firmware Group,O=Dell Inc\.,L=Round Rock,ST=Texas,C=US$">
|
159
172
|
<description>Dell iDRAC Remote Access Controller Default Certificate</description>
|
160
173
|
<example>CN=iDRAC default certificate,OU=Server Firmware Group,O=Dell Inc.,L=Round Rock,ST=Texas,C=US</example>
|
@@ -164,6 +177,7 @@
|
|
164
177
|
<param pos="0" name="os.vendor" value="Dell"/>
|
165
178
|
<param pos="0" name="os.product" value="iDRAC Linux"/>
|
166
179
|
</fingerprint>
|
180
|
+
|
167
181
|
<fingerprint pattern="^CN=XCC-([a-zA-Z0-9]+)-([a-zA-Z0-9]+),O=System X,L=RTP,ST=NC,C=US$">
|
168
182
|
<description>Lenovo XCC</description>
|
169
183
|
<example lenovo.machine_type="7X06" lenovo.machine_model="J1005NEX">CN=XCC-7X06-J1005NEX,O=System X,L=RTP,ST=NC,C=US</example>
|
@@ -176,33 +190,36 @@
|
|
176
190
|
<param pos="1" name="lenovo.machine_type"/>
|
177
191
|
<param pos="2" name="lenovo.machine_model"/>
|
178
192
|
</fingerprint>
|
193
|
+
|
179
194
|
<fingerprint pattern="^CN=([A-Za-z0-9\_\-\.]+),OU=ISS,O=Hewlett-Packard Company,L=Houston,ST=Texas,C=US$">
|
180
195
|
<description>HP iLO</description>
|
181
196
|
<example>CN=SERVER-1231,OU=ISS,O=Hewlett-Packard Company,L=Houston,ST=Texas,C=US</example>
|
182
197
|
<param pos="0" name="hw.device" value="Lights Out Management"/>
|
183
198
|
<param pos="0" name="hw.vendor" value="HP"/>
|
184
199
|
<param pos="0" name="hw.family" value="iLO"/>
|
185
|
-
<param pos="0" name="hw.cpe23" value="cpe:/h:hp:integrated_lights_out:-"/>
|
186
200
|
<param pos="0" name="hw.product" value="iLO"/>
|
201
|
+
<param pos="0" name="hw.cpe23" value="cpe:/h:hp:integrated_lights_out:-"/>
|
187
202
|
<param pos="0" name="os.device" value="Lights Out Management"/>
|
188
203
|
<param pos="0" name="os.vendor" value="HP"/>
|
189
204
|
<param pos="0" name="os.family" value="iLO"/>
|
190
205
|
<param pos="0" name="os.product" value="iLO"/>
|
191
206
|
<param pos="1" name="host.name"/>
|
192
207
|
</fingerprint>
|
208
|
+
|
193
209
|
<fingerprint pattern="^CN=HP Service Processor,OU=UDU Service Tools,O=Hewlett-Packard Development Company\\, L\.P\.\\ ,L=Fremont,ST=California,C=US$">
|
194
210
|
<description>HP iLO - HP Service Processor</description>
|
195
211
|
<example>CN=HP Service Processor,OU=UDU Service Tools,O=Hewlett-Packard Development Company\, L.P.\ ,L=Fremont,ST=California,C=US</example>
|
196
212
|
<param pos="0" name="hw.device" value="Lights Out Management"/>
|
197
213
|
<param pos="0" name="hw.vendor" value="HP"/>
|
198
214
|
<param pos="0" name="hw.family" value="iLO"/>
|
199
|
-
<param pos="0" name="hw.cpe23" value="cpe:/h:hp:integrated_lights_out:-"/>
|
200
215
|
<param pos="0" name="hw.product" value="iLO"/>
|
216
|
+
<param pos="0" name="hw.cpe23" value="cpe:/h:hp:integrated_lights_out:-"/>
|
201
217
|
<param pos="0" name="os.device" value="Lights Out Management"/>
|
202
218
|
<param pos="0" name="os.vendor" value="HP"/>
|
203
219
|
<param pos="0" name="os.family" value="iLO"/>
|
204
220
|
<param pos="0" name="os.product" value="iLO"/>
|
205
221
|
</fingerprint>
|
222
|
+
|
206
223
|
<fingerprint pattern="^CN=OA\-([a-fA-F0-9]+),OU=Onboard Administrator,">
|
207
224
|
<description>HP iLO (Onboard Administrator)</description>
|
208
225
|
<example>CN=OA-001F296E21A3,OU=Onboard Administrator,O=Corp.,L=Location,ST=N/A,C=US</example>
|
@@ -210,28 +227,30 @@
|
|
210
227
|
<param pos="0" name="hw.device" value="Lights Out Management"/>
|
211
228
|
<param pos="0" name="hw.vendor" value="HP"/>
|
212
229
|
<param pos="0" name="hw.family" value="iLO"/>
|
213
|
-
<param pos="0" name="hw.cpe23" value="cpe:/h:hp:integrated_lights_out:-"/>
|
214
230
|
<param pos="0" name="hw.product" value="iLO"/>
|
231
|
+
<param pos="0" name="hw.cpe23" value="cpe:/h:hp:integrated_lights_out:-"/>
|
215
232
|
<param pos="0" name="os.device" value="Lights Out Management"/>
|
216
233
|
<param pos="0" name="os.vendor" value="HP"/>
|
217
234
|
<param pos="0" name="os.family" value="iLO"/>
|
218
235
|
<param pos="0" name="os.product" value="iLO"/>
|
219
236
|
<param pos="1" name="host.mac"/>
|
220
237
|
</fingerprint>
|
238
|
+
|
221
239
|
<fingerprint pattern="^CN=([A-Za-z0-9\_\-\.]+),OU=Hewlett Packard Enterprise Network Management Software \(SMH\),O=Hewlett Packard Enterprise,L=Houston,ST=Texas,C=US$">
|
222
240
|
<description>HP iLO - Enterprise Mgmt variant</description>
|
223
241
|
<example>CN=bigsrv99,OU=Hewlett Packard Enterprise Network Management Software (SMH),O=Hewlett Packard Enterprise,L=Houston,ST=Texas,C=US</example>
|
224
242
|
<param pos="0" name="hw.device" value="Lights Out Management"/>
|
225
243
|
<param pos="0" name="hw.vendor" value="HP"/>
|
226
244
|
<param pos="0" name="hw.family" value="iLO"/>
|
227
|
-
<param pos="0" name="hw.cpe23" value="cpe:/h:hp:integrated_lights_out:-"/>
|
228
245
|
<param pos="0" name="hw.product" value="iLO"/>
|
246
|
+
<param pos="0" name="hw.cpe23" value="cpe:/h:hp:integrated_lights_out:-"/>
|
229
247
|
<param pos="0" name="os.device" value="Lights Out Management"/>
|
230
248
|
<param pos="0" name="os.vendor" value="HP"/>
|
231
249
|
<param pos="0" name="os.family" value="iLO"/>
|
232
250
|
<param pos="0" name="os.product" value="iLO"/>
|
233
251
|
<param pos="1" name="host.name"/>
|
234
252
|
</fingerprint>
|
253
|
+
|
235
254
|
<fingerprint pattern="^CN=Oracle Integrated Lights Out Manager,O=Oracle America\\, Inc\.,L=Redwood Shores,ST=California,C=US$">
|
236
255
|
<description>Oracle iLO</description>
|
237
256
|
<example>CN=Oracle Integrated Lights Out Manager,O=Oracle America\, Inc.,L=Redwood Shores,ST=California,C=US</example>
|
@@ -244,9 +263,11 @@
|
|
244
263
|
<param pos="0" name="os.family" value="ILOM"/>
|
245
264
|
<param pos="0" name="os.product" value="ILOM"/>
|
246
265
|
</fingerprint>
|
247
|
-
|
266
|
+
|
267
|
+
<fingerprint pattern="^CN=AMI,OU=Service Processors,O=American Megatrends Inc">
|
248
268
|
<description>AMI MegaRAC LOM</description>
|
249
269
|
<example>CN=AMI,OU=Service Processors,O=American Megatrends Inc.,L=Norcross,ST=Georgia,C=US</example>
|
270
|
+
<example>CN=AMI,OU=Service Processors,O=American Megatrends Inc,L=Atlanta,ST=Georgia,C=US</example>
|
250
271
|
<param pos="0" name="hw.device" value="Lights Out Management"/>
|
251
272
|
<param pos="0" name="hw.vendor" value="AMI"/>
|
252
273
|
<param pos="0" name="hw.family" value="MegaRAC"/>
|
@@ -256,6 +277,32 @@
|
|
256
277
|
<param pos="0" name="os.family" value="MegaRAC"/>
|
257
278
|
<param pos="0" name="os.product" value="MegaRAC"/>
|
258
279
|
</fingerprint>
|
280
|
+
|
281
|
+
<fingerprint pattern="^CN=C-series CIMC,OU=PID:([^ ]+) SERIAL:([^,]+),O=Cisco">
|
282
|
+
<description>Cisco Integrated Management Controller</description>
|
283
|
+
<example cisco.serial_number="FCH18999AAA" cisco.imc_model="UCSC-C220-M3S">CN=C-series CIMC,OU=PID:UCSC-C220-M3S SERIAL:FCH18999AAA,O=Cisco Self Signed,L=San Jose,ST=California,C=US</example>
|
284
|
+
<param pos="0" name="hw.device" value="Lights Out Management"/>
|
285
|
+
<param pos="0" name="hw.vendor" value="Cisco"/>
|
286
|
+
<param pos="0" name="hw.product" value="IMC"/>
|
287
|
+
<param pos="0" name="os.vendor" value="Cisco"/>
|
288
|
+
<param pos="0" name="os.family" value="Linux"/>
|
289
|
+
<param pos="0" name="os.product" value="IMC"/>
|
290
|
+
<param pos="2" name="cisco.serial_number"/>
|
291
|
+
<param pos="1" name="cisco.imc_model"/>
|
292
|
+
</fingerprint>
|
293
|
+
|
294
|
+
<fingerprint pattern="^CN=C220-(FCH[^,]+),OU=null,O=Cisco Systems Inc">
|
295
|
+
<description>Cisco Integrated Management Controller C220</description>
|
296
|
+
<example cisco.serial_number="FCH17999AAA">CN=C220-FCH17999AAA,OU=null,O=Cisco Systems Inc.,L=San Jose,ST=California,C=US</example>
|
297
|
+
<param pos="0" name="hw.device" value="Lights Out Management"/>
|
298
|
+
<param pos="0" name="hw.vendor" value="Cisco"/>
|
299
|
+
<param pos="0" name="hw.product" value="IMC"/>
|
300
|
+
<param pos="0" name="os.vendor" value="Cisco"/>
|
301
|
+
<param pos="0" name="os.family" value="Linux"/>
|
302
|
+
<param pos="0" name="os.product" value="IMC"/>
|
303
|
+
<param pos="1" name="cisco.serial_number"/>
|
304
|
+
</fingerprint>
|
305
|
+
|
259
306
|
<fingerprint pattern="^CN=avocent.com,OU=AESS,O=Avocent,L=Sunrise,ST=FL,C=US$">
|
260
307
|
<description>Avocent KVM</description>
|
261
308
|
<example>CN=avocent.com,OU=AESS,O=Avocent,L=Sunrise,ST=FL,C=US</example>
|
@@ -264,6 +311,7 @@
|
|
264
311
|
<param pos="0" name="os.device" value="KVM"/>
|
265
312
|
<param pos="0" name="os.vendor" value="Avocent"/>
|
266
313
|
</fingerprint>
|
314
|
+
|
267
315
|
<fingerprint pattern="^CN=Avocent Mergepoint Unity,O=Avocent Mergepoint Unity,L=Huntsville,ST=Alabama,C=US$">
|
268
316
|
<description>Avocent Mergepoint KVM</description>
|
269
317
|
<example>CN=Avocent Mergepoint Unity,O=Avocent Mergepoint Unity,L=Huntsville,ST=Alabama,C=US</example>
|
@@ -274,6 +322,7 @@
|
|
274
322
|
<param pos="0" name="os.vendor" value="Avocent"/>
|
275
323
|
<param pos="0" name="os.product" value="Mergepoint"/>
|
276
324
|
</fingerprint>
|
325
|
+
|
277
326
|
<fingerprint pattern="^CN=HP Jetdirect [a-zA-Z0-9]+,OU=([a-fA-F0-9]{12})\+OU=([a-zA-Z0-9]+),O=Hewlett-Packard Co\.$">
|
278
327
|
<description>HP Jet Direct - with host MAC and product</description>
|
279
328
|
<example host.mac="2C413883186A" hw.product="J8028E">CN=HP Jetdirect 38831831,OU=2C413883186A+OU=J8028E,O=Hewlett-Packard Co.</example>
|
@@ -288,6 +337,7 @@
|
|
288
337
|
<param pos="2" name="hw.product"/>
|
289
338
|
<param pos="2" name="os.product"/>
|
290
339
|
</fingerprint>
|
340
|
+
|
291
341
|
<fingerprint pattern="^CN=([a-zA-Z0-9\.\-\_]+),OU=HP-IPG,O=HP,L=Vancouver,ST=Washington,C=US$">
|
292
342
|
<description>HP Jet Direct</description>
|
293
343
|
<example host.name="HPD49F21">CN=HPD49F21,OU=HP-IPG,O=HP,L=Vancouver,ST=Washington,C=US</example>
|
@@ -299,6 +349,7 @@
|
|
299
349
|
<param pos="0" name="os.family" value="JetDirect"/>
|
300
350
|
<param pos="1" name="host.name"/>
|
301
351
|
</fingerprint>
|
352
|
+
|
302
353
|
<fingerprint pattern="^CN=(?:Sourcefire3D|firepower|ciscoasa),OU=Intrusion Management System,O=(?:Sourcefire\\, Inc.|Cisco Systems\\, Inc),C=US$">
|
303
354
|
<description>Cisco Firepower</description>
|
304
355
|
<example>CN=firepower,OU=Intrusion Management System,O=Cisco Systems\, Inc,C=US</example>
|
@@ -312,14 +363,55 @@
|
|
312
363
|
<param pos="0" name="os.product" value="Firepower"/>
|
313
364
|
<param pos="0" name="os.family" value="Linux"/>
|
314
365
|
</fingerprint>
|
366
|
+
|
315
367
|
<fingerprint pattern="^CN=ASA Temporary Self Signed Certificate$">
|
316
|
-
<description>Cisco ASA</description>
|
368
|
+
<description>Cisco ASA Temp Cert</description>
|
317
369
|
<example>CN=ASA Temporary Self Signed Certificate</example>
|
370
|
+
<param pos="0" name="os.vendor" value="Cisco"/>
|
371
|
+
<param pos="0" name="os.family" value="Adaptive Security Appliance"/>
|
372
|
+
<param pos="0" name="os.product" value="Adaptive Security Appliance"/>
|
373
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:cisco:adaptive_security_appliance:-"/>
|
374
|
+
<param pos="0" name="hw.vendor" value="Cisco"/>
|
375
|
+
<param pos="0" name="hw.family" value="Adaptive Security Appliance"/>
|
376
|
+
<param pos="0" name="hw.product" value="Adaptive Security Appliance"/>
|
318
377
|
<param pos="0" name="hw.device" value="Firewall"/>
|
319
378
|
<param pos="0" name="hw.cpe23" value="cpe:/h:cisco:adaptive_security_appliance:-"/>
|
379
|
+
</fingerprint>
|
380
|
+
|
381
|
+
<fingerprint pattern="^SERIALNUMBER=([a-zA-Z0-9]+),CN=DEVICE-vWLC,O=Cisco Virtual WLC$">
|
382
|
+
<description>Cisco vWLC</description>
|
383
|
+
<example cisco.serial_number="9C89M2088D1">SERIALNUMBER=9C89M2088D1,CN=DEVICE-vWLC,O=Cisco Virtual WLC</example>
|
384
|
+
<param pos="0" name="os.vendor" value="Cisco"/>
|
385
|
+
<param pos="0" name="os.device" value="Wireless Controller"/>
|
386
|
+
<param pos="0" name="os.product" value="Wireless LAN Controller"/>
|
387
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:cisco:wireless_lan_controller:-"/>
|
388
|
+
<param pos="1" name="cisco.serial_number"/>
|
389
|
+
</fingerprint>
|
390
|
+
|
391
|
+
<fingerprint pattern="^CN=[a-zA-Z0-9\.\-\_]+,OU=DeviceSSL \(WebAdmin\),O=Cisco Systems Inc\.,C=US$">
|
392
|
+
<description>Cisco WLC</description>
|
393
|
+
<example>CN=169.254.1.1,OU=DeviceSSL (WebAdmin),O=Cisco Systems Inc.,C=US</example>
|
394
|
+
<param pos="0" name="os.vendor" value="Cisco"/>
|
395
|
+
<param pos="0" name="os.device" value="Wireless Controller"/>
|
396
|
+
<param pos="0" name="os.product" value="Wireless LAN Controller"/>
|
397
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:cisco:wireless_lan_controller:-"/>
|
320
398
|
<param pos="0" name="hw.vendor" value="Cisco"/>
|
321
|
-
<param pos="0" name="hw.
|
399
|
+
<param pos="0" name="hw.device" value="Wireless Controller"/>
|
400
|
+
<param pos="0" name="hw.product" value="Wireless LAN Controller"/>
|
401
|
+
<param pos="0" name="hw.cpe23" value="cpe:/h:cisco:wireless_lan_controller:-"/>
|
322
402
|
</fingerprint>
|
403
|
+
|
404
|
+
<fingerprint pattern="^CN=pca,OU=Cisco Prime Collaboration Manager,O=Cisco,L=San Jose,ST=California,C=US$">
|
405
|
+
<description>Cisco Primary Collaboration Manager</description>
|
406
|
+
<example>CN=pca,OU=Cisco Prime Collaboration Manager,O=Cisco,L=San Jose,ST=California,C=US</example>
|
407
|
+
<param pos="0" name="os.vendor" value="Cisco"/>
|
408
|
+
<param pos="0" name="os.device" value="Network Management Device"/>
|
409
|
+
<param pos="0" name="os.product" value="Prime Collaboration Manager"/>
|
410
|
+
<param pos="0" name="hw.vendor" value="Cisco"/>
|
411
|
+
<param pos="0" name="hw.device" value="Network Management Device"/>
|
412
|
+
<param pos="0" name="hw.product" value="Prime Collaboration Manager"/>
|
413
|
+
</fingerprint>
|
414
|
+
|
323
415
|
<fingerprint pattern="^CN=synology\.com.*,O=Synology Inc\.,L=Taipei.*,C=TW$">
|
324
416
|
<description>Synology NAS</description>
|
325
417
|
<example>CN=synology.com,OU=FTP Team,O=Synology Inc.,L=Taipei,ST=Taiwan,C=TW</example>
|
@@ -332,6 +424,7 @@
|
|
332
424
|
<param pos="0" name="os.product" value="DSM"/>
|
333
425
|
<param pos="0" name="os.vendor" value="Synology"/>
|
334
426
|
</fingerprint>
|
427
|
+
|
335
428
|
<fingerprint pattern="^CN=(?:\*\.)?([a-zA-Z0-9\.\_\-]+)\.wd2go\.com">
|
336
429
|
<description>Western Digital WD2GO Devices</description>
|
337
430
|
<example wd2go.device_id="device1133796-01b3e3fa">CN=device1133796-01b3e3fa.wd2go.com,OU=Domain Control Validated+OU=Hosted by Western Digital Corporation+OU=COMODO SSL Unified Communications</example>
|
@@ -344,6 +437,7 @@
|
|
344
437
|
<param pos="0" name="os.device" value="Storage"/>
|
345
438
|
<param pos="1" name="wd2go.device_id"/>
|
346
439
|
</fingerprint>
|
440
|
+
|
347
441
|
<fingerprint pattern="^CN=Seagate Technology LLC,O=Seagate Technology LLC,L=Cupertino,ST=California,C=US$">
|
348
442
|
<description>Seagate NAS</description>
|
349
443
|
<example>CN=Seagate Technology LLC,O=Seagate Technology LLC,L=Cupertino,ST=California,C=US</example>
|
@@ -352,6 +446,7 @@
|
|
352
446
|
<param pos="0" name="os.vendor" value="Seagate"/>
|
353
447
|
<param pos="0" name="os.family" value="Linux"/>
|
354
448
|
</fingerprint>
|
449
|
+
|
355
450
|
<fingerprint pattern="^CN=[\d\.]+,OU=Q-Series,O=Quantum,ST=CO,C=US$">
|
356
451
|
<description>Seagate Q-Series NAS (previously Quantum)</description>
|
357
452
|
<example>CN=1.1.1.1,OU=Q-Series,O=Quantum,ST=CO,C=US</example>
|
@@ -360,6 +455,7 @@
|
|
360
455
|
<param pos="0" name="os.vendor" value="Seagate"/>
|
361
456
|
<param pos="0" name="os.family" value="Linux"/>
|
362
457
|
</fingerprint>
|
458
|
+
|
363
459
|
<fingerprint pattern="^CN=QNAP NAS,OU=QTS,O=QNAP Systems\\, Inc\.,L=Taipei,ST=Taipei,C=TW$">
|
364
460
|
<description>QNAP NAS</description>
|
365
461
|
<example>CN=QNAP NAS,OU=QTS,O=QNAP Systems\, Inc.,L=Taipei,ST=Taipei,C=TW</example>
|
@@ -370,56 +466,77 @@
|
|
370
466
|
<param pos="0" name="os.vendor" value="QNAP Systems"/>
|
371
467
|
<param pos="0" name="os.device" value="Storage"/>
|
372
468
|
</fingerprint>
|
469
|
+
|
373
470
|
<fingerprint pattern="^CN=VMware,OU=VMware,L=Palo Alto,C=US$">
|
374
471
|
<description>VMWare Authentication Daemon</description>
|
375
472
|
<example>CN=VMware,OU=VMware,L=Palo Alto,C=US</example>
|
376
|
-
<param pos="0" name="service.vendor" value="
|
473
|
+
<param pos="0" name="service.vendor" value="VMware"/>
|
377
474
|
<param pos="0" name="service.product" value="vmauthd"/>
|
378
475
|
</fingerprint>
|
476
|
+
|
379
477
|
<fingerprint pattern="^CN=([a-zA-Z0-9\.\-\_]+),OU=VMware ESX Server Default Certificate,O=VMware\\, Inc,L=Palo Alto,ST=California,C=US$">
|
380
478
|
<description>VMWare ESX</description>
|
381
479
|
<example>CN=server99.,OU=VMware ESX Server Default Certificate,O=VMware\, Inc,L=Palo Alto,ST=California,C=US</example>
|
382
|
-
<param pos="0" name="os.vendor" value="
|
383
|
-
<param pos="0" name="os.cpe23" value="cpe:/o:vmware:esx:-"/>
|
480
|
+
<param pos="0" name="os.vendor" value="VMware"/>
|
384
481
|
<param pos="0" name="os.product" value="ESX"/>
|
385
482
|
<param pos="0" name="os.device" value="Hypervisor"/>
|
483
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:vmware:esx:-"/>
|
386
484
|
<param pos="1" name="host.name"/>
|
387
485
|
</fingerprint>
|
486
|
+
|
487
|
+
<fingerprint pattern="^CN.*,OU=SRM,O=VMware\\, Inc\.,L=Palo Alto,ST=California,C=US$">
|
488
|
+
<description>VMWare SRM</description>
|
489
|
+
<example>CN=SRM01,OU=SRM,O=VMware\, Inc.,L=Palo Alto,ST=California,C=US</example>
|
490
|
+
<param pos="0" name="os.vendor" value="VMware"/>
|
491
|
+
<param pos="0" name="os.product" value="Linux"/>
|
492
|
+
<param pos="0" name="hw.vendor" value="VMware"/>
|
493
|
+
<param pos="0" name="hw.device" value="Appliance"/>
|
494
|
+
<param pos="0" name="hw.product" value="Site Recovery Manager"/>
|
495
|
+
<param pos="0" name="service.vendor" value="VMware"/>
|
496
|
+
<param pos="0" name="service.product" value="Site Recovery Manager"/>
|
497
|
+
</fingerprint>
|
498
|
+
|
388
499
|
<fingerprint pattern="^CN=IOS-Self-Signed-Certificate-">
|
389
500
|
<description>Cisco IOS Default Certificate</description>
|
390
501
|
<example>CN=IOS-Self-Signed-Certificate-4163115936</example>
|
391
502
|
<param pos="0" name="os.vendor" value="Cisco"/>
|
392
|
-
<param pos="0" name="os.cpe23" value="cpe:/o:cisco:ios:-"/>
|
393
503
|
<param pos="0" name="os.family" value="IOS"/>
|
394
504
|
<param pos="0" name="os.product" value="IOS"/>
|
505
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:cisco:ios:-"/>
|
395
506
|
<param pos="0" name="hw.vendor" value="Cisco"/>
|
396
507
|
<param pos="0" name="hw.device" value="Router"/>
|
397
508
|
</fingerprint>
|
398
|
-
|
509
|
+
|
510
|
+
<fingerprint pattern="^CN=([a-zA-Z0-9]{5,12}) ([a-zA-Z0-9]{12}),OU=(?:Cast|Google TV),O=Google Inc,L=Mountain View,ST=California,C=US$">
|
399
511
|
<description>Google Chromecast</description>
|
400
512
|
<example chromecast.serial_number="LVDZG5" host.mac_local="FA8FCA67413D">CN=LVDZG5 FA8FCA67413D,OU=Cast,O=Google Inc,L=Mountain View,ST=California,C=US</example>
|
513
|
+
<example chromecast.serial_number="YRBLE" host.mac_local="FA8FCA7DE87D">CN=YRBLE FA8FCA7DE87D,OU=Google TV,O=Google Inc,L=Mountain View,ST=California,C=US</example>
|
401
514
|
<param pos="0" name="os.vendor" value="Google"/>
|
402
515
|
<param pos="0" name="os.product" value="ChromeOS"/>
|
403
516
|
<param pos="0" name="hw.device" value="Media Server"/>
|
404
517
|
<param pos="0" name="hw.vendor" value="Google"/>
|
405
518
|
<param pos="0" name="hw.product" value="Chromecast"/>
|
406
519
|
<param pos="1" name="chromecast.serial_number"/>
|
407
|
-
<!--
|
520
|
+
<!-- This is the hotspot-mode MAC address (clear bit 2) -->
|
521
|
+
|
408
522
|
<param pos="2" name="host.mac_local"/>
|
409
523
|
</fingerprint>
|
524
|
+
|
410
525
|
<fingerprint pattern="^CN=([a-zA-Z0-9]{5,12}) ([a-zA-Z0-9]{12}),OU=Cast TV \(Vizio\),O=Google Inc,L=Mountain View,ST=California,C=US$">
|
411
526
|
<description>Vizio SmartTV (Android) with Google Cast</description>
|
412
527
|
<example chromecast.serial_number="9V039WC9" host.mac_local="FA8FCA697898">CN=9V039WC9 FA8FCA697898,OU=Cast TV (Vizio),O=Google Inc,L=Mountain View,ST=California,C=US</example>
|
413
528
|
<param pos="0" name="os.vendor" value="Google"/>
|
414
|
-
<param pos="0" name="os.cpe23" value="cpe:/o:google:android:-"/>
|
415
529
|
<param pos="0" name="os.family" value="Linux"/>
|
416
530
|
<param pos="0" name="os.product" value="Android"/>
|
531
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:google:android:-"/>
|
417
532
|
<param pos="0" name="hw.device" value="Smart TV"/>
|
418
533
|
<param pos="0" name="hw.vendor" value="Vizio"/>
|
419
534
|
<param pos="1" name="chromecast.serial_number"/>
|
420
|
-
<!--
|
535
|
+
<!-- This is the hotspot-mode MAC address (clear bit 2) -->
|
536
|
+
|
421
537
|
<param pos="2" name="host.mac_local"/>
|
422
538
|
</fingerprint>
|
539
|
+
|
423
540
|
<fingerprint pattern="^CN=TANDBERG,OU=R&D,O=TANDBERG ASA,L=Lysaker,ST=Askerhus,C=NO$">
|
424
541
|
<description>Cisco (TANDBERG) TelePresence</description>
|
425
542
|
<example>CN=TANDBERG,OU=R&D,O=TANDBERG ASA,L=Lysaker,ST=Askerhus,C=NO</example>
|
@@ -431,6 +548,7 @@
|
|
431
548
|
<param pos="0" name="os.product" value="TelePresence"/>
|
432
549
|
<param pos="0" name="os.device" value="Video Conferencing"/>
|
433
550
|
</fingerprint>
|
551
|
+
|
434
552
|
<fingerprint pattern="^CN=lifesize.com,C=US$">
|
435
553
|
<description>Lifesize TelePresence</description>
|
436
554
|
<example>CN=lifesize.com,C=US</example>
|
@@ -442,18 +560,116 @@
|
|
442
560
|
<param pos="0" name="os.product" value="TelePresence"/>
|
443
561
|
<param pos="0" name="os.device" value="Video Conferencing"/>
|
444
562
|
</fingerprint>
|
563
|
+
|
564
|
+
<fingerprint pattern="^CN=MERCURY-([a-fA-F0-9]{12}),OU=Engineering,O=Crestron">
|
565
|
+
<description>Crestron Mercury</description>
|
566
|
+
<example host.mac="00107F1ABAA0">CN=MERCURY-00107F1ABAA0,OU=Engineering,O=Crestron Electronics\, Inc.,L=Rockleigh,ST=NJ,C=US</example>
|
567
|
+
<param pos="0" name="hw.vendor" value="Crestron"/>
|
568
|
+
<param pos="0" name="hw.device" value="Video Conferencing"/>
|
569
|
+
<param pos="0" name="hw.product" value="Mercury"/>
|
570
|
+
<param pos="0" name="os.vendor" value="Crestron"/>
|
571
|
+
<param pos="0" name="os.family" value="Linux"/>
|
572
|
+
<param pos="0" name="os.device" value="Video Conferencing"/>
|
573
|
+
<param pos="1" name="host.mac"/>
|
574
|
+
</fingerprint>
|
575
|
+
|
576
|
+
<fingerprint pattern="^CN=(AM-\d+)-([a-fA-F0-9]{12}),OU=Engineering,O=Crestron">
|
577
|
+
<description>Crestron AirMedia</description>
|
578
|
+
<example hw.product="AM-200" host.mac="00107FB7B1E2">CN=AM-200-00107FB7B1E2,OU=Engineering,O=Crestron Electronics\, Inc.,L=Rockleigh,ST=NJ,C=US</example>
|
579
|
+
<param pos="0" name="hw.vendor" value="Crestron"/>
|
580
|
+
<param pos="0" name="hw.device" value="Video Conferencing"/>
|
581
|
+
<param pos="1" name="hw.product"/>
|
582
|
+
<param pos="0" name="os.vendor" value="Crestron"/>
|
583
|
+
<param pos="0" name="os.family" value="Linux"/>
|
584
|
+
<param pos="0" name="os.device" value="Video Conferencing"/>
|
585
|
+
<param pos="2" name="host.mac"/>
|
586
|
+
</fingerprint>
|
587
|
+
|
588
|
+
<fingerprint pattern="^CN=Crestron,OU=Engineering,O=Crestron Electronics\\, Inc\.,L=Rockleigh,ST=NJ,C=US$">
|
589
|
+
<description>Crestron Video Conferencing</description>
|
590
|
+
<example>CN=Crestron,OU=Engineering,O=Crestron Electronics\, Inc.,L=Rockleigh,ST=NJ,C=US</example>
|
591
|
+
<param pos="0" name="hw.vendor" value="Crestron"/>
|
592
|
+
<param pos="0" name="hw.device" value="Video Conferencing"/>
|
593
|
+
<param pos="0" name="os.vendor" value="Crestron"/>
|
594
|
+
<param pos="0" name="os.family" value="Linux"/>
|
595
|
+
<param pos="0" name="os.device" value="Video Conferencing"/>
|
596
|
+
</fingerprint>
|
597
|
+
|
598
|
+
<fingerprint pattern="^CN=ClickShare-\d+$">
|
599
|
+
<description>ClickShare Wireless Presenter</description>
|
600
|
+
<example>CN=ClickShare-4234234324</example>
|
601
|
+
<param pos="0" name="hw.vendor" value="Barco"/>
|
602
|
+
<param pos="0" name="hw.device" value="Wireless Presenter"/>
|
603
|
+
<param pos="0" name="hw.product" value="ClickShare"/>
|
604
|
+
<param pos="0" name="os.vendor" value="Barco"/>
|
605
|
+
<param pos="0" name="os.family" value="ClickShareOS"/>
|
606
|
+
<param pos="0" name="os.device" value="Wireless Presenter"/>
|
607
|
+
</fingerprint>
|
608
|
+
|
609
|
+
<fingerprint pattern="^CN=Solstice,OU=Solstice,O=Mersive Technologies Inc,L=Denver,ST=CO,C=US$">
|
610
|
+
<description>SolsticePod</description>
|
611
|
+
<example>CN=Solstice,OU=Solstice,O=Mersive Technologies Inc,L=Denver,ST=CO,C=US</example>
|
612
|
+
<param pos="0" name="hw.vendor" value="Mersive"/>
|
613
|
+
<param pos="0" name="hw.device" value="Wireless Presenter"/>
|
614
|
+
<param pos="0" name="hw.product" value="SolsticePod"/>
|
615
|
+
</fingerprint>
|
616
|
+
|
617
|
+
<fingerprint pattern="^CN=Controller,OU=FW,O=ExtronElectronics,ST=CA,C=US$">
|
618
|
+
<description>Extron MediaLink Controller</description>
|
619
|
+
<example>CN=Controller,OU=FW,O=ExtronElectronics,ST=CA,C=US</example>
|
620
|
+
<param pos="0" name="hw.vendor" value="Extron"/>
|
621
|
+
<param pos="0" name="hw.device" value="Display Controller"/>
|
622
|
+
<param pos="0" name="hw.product" value="MediaLink Controller"/>
|
623
|
+
<param pos="0" name="os.vendor" value="Extron"/>
|
624
|
+
<param pos="0" name="os.family" value="Linux"/>
|
625
|
+
</fingerprint>
|
626
|
+
|
627
|
+
<fingerprint pattern="^CN=IPLP,OU=ControlSystems,O=ExtronElectronics,L=Anaheim,ST=CA,C=US$">
|
628
|
+
<description>Extron IPLP </description>
|
629
|
+
<example>CN=IPLP,OU=ControlSystems,O=ExtronElectronics,L=Anaheim,ST=CA,C=US</example>
|
630
|
+
<param pos="0" name="hw.vendor" value="Extron"/>
|
631
|
+
<param pos="0" name="hw.device" value="Display Controller"/>
|
632
|
+
<param pos="0" name="hw.product" value="IP Link Control Processor"/>
|
633
|
+
<param pos="0" name="os.vendor" value="Extron"/>
|
634
|
+
<param pos="0" name="os.family" value="Linux"/>
|
635
|
+
</fingerprint>
|
636
|
+
|
637
|
+
<fingerprint pattern="^CN=TLP,OU=ControlSystems,O=ExtronElectronics,L=Anaheim,ST=CA,C=US$">
|
638
|
+
<description>Extron TLP </description>
|
639
|
+
<example>CN=TLP,OU=ControlSystems,O=ExtronElectronics,L=Anaheim,ST=CA,C=US</example>
|
640
|
+
<param pos="0" name="hw.vendor" value="Extron"/>
|
641
|
+
<param pos="0" name="hw.device" value="Display Controller"/>
|
642
|
+
<param pos="0" name="hw.product" value="TouchLink Control Panel"/>
|
643
|
+
<param pos="0" name="os.vendor" value="Extron"/>
|
644
|
+
<param pos="0" name="os.family" value="Linux"/>
|
645
|
+
</fingerprint>
|
646
|
+
|
647
|
+
<fingerprint pattern="^CN=ShareLink-Pro-.*,OU=AVSystems,O=ExtronElectronics">
|
648
|
+
<description>Extron ShareLink Pro </description>
|
649
|
+
<example>CN=ShareLink-Pro-18-99-99.local.com,OU=AVSystems,O=ExtronElectronics,L=Anaheim,ST=CA,C=US</example>
|
650
|
+
<param pos="0" name="hw.vendor" value="Extron"/>
|
651
|
+
<param pos="0" name="hw.device" value="Display Controller"/>
|
652
|
+
<param pos="0" name="hw.product" value="ShareLink Pro"/>
|
653
|
+
<param pos="0" name="os.vendor" value="Extron"/>
|
654
|
+
<param pos="0" name="os.family" value="Linux"/>
|
655
|
+
</fingerprint>
|
656
|
+
|
445
657
|
<fingerprint pattern="^CN=VMM APIC,OU=VMM\d+,O=Cisco,L=San Jose,ST=CA,C=US$">
|
446
658
|
<description>Cisco APIC</description>
|
447
659
|
<example>CN=VMM APIC,OU=VMM15,O=Cisco,L=San Jose,ST=CA,C=US</example>
|
448
660
|
<param pos="0" name="hw.vendor" value="Cisco"/>
|
449
661
|
<param pos="0" name="hw.product" value="APIC"/>
|
662
|
+
<param pos="0" name="hw.device" value="Network Appliance"/>
|
450
663
|
</fingerprint>
|
664
|
+
|
451
665
|
<fingerprint pattern="^CN=APIC$">
|
452
666
|
<description>Cisco APIC - bare CN</description>
|
453
667
|
<example>CN=APIC</example>
|
454
668
|
<param pos="0" name="hw.vendor" value="Cisco"/>
|
455
669
|
<param pos="0" name="hw.product" value="APIC"/>
|
670
|
+
<param pos="0" name="hw.device" value="Network Appliance"/>
|
456
671
|
</fingerprint>
|
672
|
+
|
457
673
|
<fingerprint pattern="^CN=(iPX\d+),OU=I Project,O=Samsung Electronics,L=Suwon,ST=Gyeonggi-do,C=KR$">
|
458
674
|
<description>Samsung Communication Manager</description>
|
459
675
|
<example hw.product="iPX3010">CN=iPX3010,OU=I Project,O=Samsung Electronics,L=Suwon,ST=Gyeonggi-do,C=KR</example>
|
@@ -464,6 +680,7 @@
|
|
464
680
|
<param pos="0" name="os.vendor" value="Samsung"/>
|
465
681
|
<param pos="0" name="os.family" value="Linux"/>
|
466
682
|
</fingerprint>
|
683
|
+
|
467
684
|
<fingerprint pattern="^CN=www.hikvision.com,OU=DVRNVR,O=HIKVISION,L=HangZhou,ST=ZheJiang,C=CN$">
|
468
685
|
<description>HIKVISION DVR</description>
|
469
686
|
<example>CN=www.hikvision.com,OU=DVRNVR,O=HIKVISION,L=HangZhou,ST=ZheJiang,C=CN</example>
|
@@ -472,6 +689,7 @@
|
|
472
689
|
<param pos="0" name="hw.vendor" value="Hikvision"/>
|
473
690
|
<param pos="0" name="hw.device" value="DVR"/>
|
474
691
|
</fingerprint>
|
692
|
+
|
475
693
|
<fingerprint pattern="^CN=([a-zA-Z0-9\.\-\_]+),OU=Polatis Switch ([a-zA-Z0-9]+),O=Polatis Inc\.,ST=N/A,C=UK$">
|
476
694
|
<description>Polatis Switch</description>
|
477
695
|
<example host.name="192.168.0.1" hw.product="1591">CN=192.168.0.1,OU=Polatis Switch 1591,O=Polatis Inc.,ST=N/A,C=UK</example>
|
@@ -483,6 +701,7 @@
|
|
483
701
|
<param pos="1" name="host.name"/>
|
484
702
|
<param pos="2" name="hw.product"/>
|
485
703
|
</fingerprint>
|
704
|
+
|
486
705
|
<fingerprint pattern="^CN=([a-zA-Z0-9\.\-\_]+),O=Fidelis Cybersecurity$">
|
487
706
|
<description>Fidelis CommandPost</description>
|
488
707
|
<example host.name="localhost.localdomain">CN=localhost.localdomain,O=Fidelis Cybersecurity</example>
|
@@ -493,6 +712,7 @@
|
|
493
712
|
<param pos="0" name="os.product" value="CommandPost"/>
|
494
713
|
<param pos="1" name="host.name"/>
|
495
714
|
</fingerprint>
|
715
|
+
|
496
716
|
<fingerprint pattern="^CN=([a-zA-Z0-9]+\-[a-zA-Z0-9]+)\-([a-zA-Z0-9]+),O=IBM,L=Endicott,ST=New York,C=IN$">
|
497
717
|
<description>IBM POWER System</description>
|
498
718
|
<example hw.product="8284-22A" hw.model="211BAFW">CN=8284-22A-211BAFW,O=IBM,L=Endicott,ST=New York,C=IN</example>
|
@@ -501,6 +721,7 @@
|
|
501
721
|
<param pos="1" name="hw.product" value=""/>
|
502
722
|
<param pos="2" name="hw.model"/>
|
503
723
|
</fingerprint>
|
724
|
+
|
504
725
|
<fingerprint pattern="^CN=EagleEyeDirectorII.polycom.com,OU=Video Division,O=Polycom Inc.,L=San Jose,ST=California,C=US$">
|
505
726
|
<description>Polycom Eagle Eye Director</description>
|
506
727
|
<example>CN=EagleEyeDirectorII.polycom.com,OU=Video Division,O=Polycom Inc.,L=San Jose,ST=California,C=US</example>
|
@@ -508,6 +729,7 @@
|
|
508
729
|
<param pos="0" name="hw.device" value="Video Conferencing"/>
|
509
730
|
<param pos="0" name="hw.product" value="Eagle Eye Director II"/>
|
510
731
|
</fingerprint>
|
732
|
+
|
511
733
|
<fingerprint pattern="^CN=([a-zA-Z0-9]+),OU=RD,O=QSC\\, LLC,ST=Colorado,C=US$">
|
512
734
|
<description>Q-SYS Licensing Manager</description>
|
513
735
|
<example host.name="SVRTIP44">CN=SVRTIP44,OU=RD,O=QSC\, LLC,ST=Colorado,C=US</example>
|
@@ -515,6 +737,7 @@
|
|
515
737
|
<param pos="0" name="service.product" value="Licensing Manager"/>
|
516
738
|
<param pos="1" name="host.name"/>
|
517
739
|
</fingerprint>
|
740
|
+
|
518
741
|
<fingerprint pattern="^CN=([A-Za-z0-9]+),OU=FortiGate,O=Fortinet,L=Sunnyvale,ST=California,C=US$">
|
519
742
|
<description>Fortinet Gateway</description>
|
520
743
|
<example fortinet.serial_number="FG100ETK1800118">CN=FG100ETK1800118,OU=FortiGate,O=Fortinet,L=Sunnyvale,ST=California,C=US</example>
|
@@ -522,24 +745,26 @@
|
|
522
745
|
<param pos="0" name="hw.vendor" value="Fortinet"/>
|
523
746
|
<param pos="0" name="hw.device" value="Firewall"/>
|
524
747
|
<param pos="0" name="os.vendor" value="Fortinet"/>
|
525
|
-
<param pos="0" name="os.cpe23" value="cpe:/o:fortinet:fortios:-"/>
|
526
748
|
<param pos="0" name="os.family" value="Linux"/>
|
527
749
|
<param pos="0" name="os.device" value="Firewall"/>
|
528
750
|
<param pos="0" name="os.product" value="FortiOS"/>
|
751
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:fortinet:fortios:-"/>
|
529
752
|
<param pos="1" name="fortinet.serial_number"/>
|
530
753
|
</fingerprint>
|
754
|
+
|
531
755
|
<fingerprint pattern="^CN=([A-Za-z0-9]+),O=Fortinet Ltd\.$">
|
532
756
|
<description>Fortinet Gateway (Older)</description>
|
533
757
|
<example fortinet.serial_number="FG100D3G13803999">CN=FG100D3G13803999,O=Fortinet Ltd.</example>
|
534
758
|
<param pos="0" name="hw.vendor" value="Fortinet"/>
|
535
759
|
<param pos="0" name="hw.device" value="Firewall"/>
|
536
760
|
<param pos="0" name="os.vendor" value="Fortinet"/>
|
537
|
-
<param pos="0" name="os.cpe23" value="cpe:/o:fortinet:fortios:-"/>
|
538
761
|
<param pos="0" name="os.family" value="Linux"/>
|
539
762
|
<param pos="0" name="os.device" value="Firewall"/>
|
540
763
|
<param pos="0" name="os.product" value="FortiOS"/>
|
764
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:fortinet:fortios:-"/>
|
541
765
|
<param pos="1" name="fortinet.serial_number"/>
|
542
766
|
</fingerprint>
|
767
|
+
|
543
768
|
<fingerprint pattern="^CN=FortiMail,OU=FortiMail,O=Fortinet,L=Sunnyvale,ST=California,C=US$">
|
544
769
|
<description>Fortinet FortiMail Appliance</description>
|
545
770
|
<example>CN=FortiMail,OU=FortiMail,O=Fortinet,L=Sunnyvale,ST=California,C=US</example>
|
@@ -547,11 +772,12 @@
|
|
547
772
|
<param pos="0" name="hw.device" value="Appliance"/>
|
548
773
|
<param pos="0" name="hw.product" value="FortiMail"/>
|
549
774
|
<param pos="0" name="os.vendor" value="Fortinet"/>
|
550
|
-
<param pos="0" name="os.cpe23" value="cpe:/o:fortinet:fortios:-"/>
|
551
775
|
<param pos="0" name="os.family" value="Linux"/>
|
552
776
|
<param pos="0" name="os.product" value="FortiOS"/>
|
553
777
|
<param pos="0" name="os.device" value="Appliance"/>
|
778
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:fortinet:fortios:-"/>
|
554
779
|
</fingerprint>
|
780
|
+
|
555
781
|
<fingerprint pattern="^CN=.*,OU=FortiManager,O=Fortinet,L=Sunnyvale,ST=California,C=US$">
|
556
782
|
<description>Fortinet FortiManager Appliance</description>
|
557
783
|
<example>CN=FMG-VM0000000000,OU=FortiManager,O=Fortinet,L=Sunnyvale,ST=California,C=US</example>
|
@@ -559,11 +785,12 @@
|
|
559
785
|
<param pos="0" name="hw.device" value="Appliance"/>
|
560
786
|
<param pos="0" name="hw.product" value="FortiManager"/>
|
561
787
|
<param pos="0" name="os.vendor" value="Fortinet"/>
|
562
|
-
<param pos="0" name="os.cpe23" value="cpe:/o:fortinet:fortios:-"/>
|
563
788
|
<param pos="0" name="os.family" value="Linux"/>
|
564
789
|
<param pos="0" name="os.product" value="FortiOS"/>
|
565
790
|
<param pos="0" name="os.device" value="Appliance"/>
|
791
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:fortinet:fortios:-"/>
|
566
792
|
</fingerprint>
|
793
|
+
|
567
794
|
<fingerprint pattern="^CN=CyberoamApplianceCertificate">
|
568
795
|
<description>Cyberoam SSL VPN</description>
|
569
796
|
<example>CN=CyberoamApplianceCertificate_C35316263111,OU=Cyberoam Appliance,O=Cyberoam,L=Ahmedabad,ST=Gujarat,C=IN</example>
|
@@ -574,6 +801,7 @@
|
|
574
801
|
<param pos="0" name="os.vendor" value="Cyberoam"/>
|
575
802
|
<param pos="0" name="os.device" value="VPN"/>
|
576
803
|
</fingerprint>
|
804
|
+
|
577
805
|
<fingerprint pattern="^CN=UBNT\-([0-9a-fA-F]{2}:[0-9a-fA-F]{2}:[0-9a-fA-F]{2}:[0-9a-fA-F]{2}:[0-9a-fA-F]{2}:[0-9a-fA-F]{2}),OU=Technical Support,O=Ubiquiti Networks Inc.,L=San Jose,ST=CA,C=US$">
|
578
806
|
<description>Ubiquiti Wireless AP</description>
|
579
807
|
<example host.mac="68:72:51:4B:90:16">CN=UBNT-68:72:51:4B:90:16,OU=Technical Support,O=Ubiquiti Networks Inc.,L=San Jose,ST=CA,C=US</example>
|
@@ -584,6 +812,7 @@
|
|
584
812
|
<param pos="0" name="os.device" value="WAP"/>
|
585
813
|
<param pos="1" name="host.mac"/>
|
586
814
|
</fingerprint>
|
815
|
+
|
587
816
|
<fingerprint pattern="^CN=unifi$">
|
588
817
|
<description>Ubiquiti Controller - unifi bare</description>
|
589
818
|
<example>CN=unifi</example>
|
@@ -593,6 +822,7 @@
|
|
593
822
|
<param pos="0" name="os.family" value="Linux"/>
|
594
823
|
<param pos="0" name="os.device" value="Wireless Controller"/>
|
595
824
|
</fingerprint>
|
825
|
+
|
596
826
|
<fingerprint pattern="^CN=UniFi,OU=UniFi,O=ubnt\.com,L=San Jose,ST=CA,C=US$">
|
597
827
|
<description>Ubiquiti Controller - unifi</description>
|
598
828
|
<example>CN=UniFi,OU=UniFi,O=ubnt.com,L=San Jose,ST=CA,C=US</example>
|
@@ -602,6 +832,28 @@
|
|
602
832
|
<param pos="0" name="os.family" value="Linux"/>
|
603
833
|
<param pos="0" name="os.device" value="Wireless Controller"/>
|
604
834
|
</fingerprint>
|
835
|
+
|
836
|
+
<fingerprint pattern="^CN=unifivideo-app$">
|
837
|
+
<description>UniFi Video App</description>
|
838
|
+
<example>CN=unifivideo-app</example>
|
839
|
+
<param pos="0" name="os.vendor" value="Ubiquiti"/>
|
840
|
+
<param pos="0" name="os.family" value="Linux"/>
|
841
|
+
<param pos="0" name="hw.vendor" value="Ubiquiti"/>
|
842
|
+
<param pos="0" name="hw.family" value="UniFi"/>
|
843
|
+
<param pos="0" name="hw.device" value="Web cam"/>
|
844
|
+
</fingerprint>
|
845
|
+
|
846
|
+
<fingerprint pattern="^CN=camera\.ubnt\.dev,">
|
847
|
+
<description>UniFi Video Camera</description>
|
848
|
+
<example>CN=camera.ubnt.dev,OU=devint,O=Ubiquiti Networks Inc.,L=Taipei,C=TW</example>
|
849
|
+
<param pos="0" name="hw.vendor" value="Ubiquiti"/>
|
850
|
+
<param pos="0" name="hw.device" value="Web cam"/>
|
851
|
+
<param pos="0" name="hw.product" value="Camera"/>
|
852
|
+
<param pos="0" name="os.vendor" value="Ubiquiti"/>
|
853
|
+
<param pos="0" name="os.family" value="Linux"/>
|
854
|
+
<param pos="0" name="os.device" value="Web cam"/>
|
855
|
+
</fingerprint>
|
856
|
+
|
605
857
|
<fingerprint pattern="^CN=UBNT,OU=Technical Support,O=Ubiquiti Networks Inc\.,L=San Jose,ST=CA,C=US$">
|
606
858
|
<description>Ubiquiti Controller</description>
|
607
859
|
<example>CN=UBNT,OU=Technical Support,O=Ubiquiti Networks Inc.,L=San Jose,ST=CA,C=US</example>
|
@@ -611,6 +863,7 @@
|
|
611
863
|
<param pos="0" name="os.family" value="Linux"/>
|
612
864
|
<param pos="0" name="os.device" value="Wireless Controller"/>
|
613
865
|
</fingerprint>
|
866
|
+
|
614
867
|
<fingerprint pattern="^CN=CloudKey,O=Ubiquiti Networks,L=San Jose,ST=CA,C=US$">
|
615
868
|
<description>Ubiquiti CloudKey Controller</description>
|
616
869
|
<example>CN=CloudKey,O=Ubiquiti Networks,L=San Jose,ST=CA,C=US</example>
|
@@ -622,6 +875,7 @@
|
|
622
875
|
<param pos="0" name="os.device" value="Wireless Controller"/>
|
623
876
|
<param pos="0" name="os.product" value="CloudKey"/>
|
624
877
|
</fingerprint>
|
878
|
+
|
625
879
|
<fingerprint pattern="^CN=UBNT Router UI,O=Ubiquiti Networks,L=San Jose,ST=CA,C=US$">
|
626
880
|
<description>Ubiquiti Router</description>
|
627
881
|
<example>CN=UBNT Router UI,O=Ubiquiti Networks,L=San Jose,ST=CA,C=US</example>
|
@@ -631,6 +885,7 @@
|
|
631
885
|
<param pos="0" name="os.family" value="Linux"/>
|
632
886
|
<param pos="0" name="os.device" value="Router"/>
|
633
887
|
</fingerprint>
|
888
|
+
|
634
889
|
<fingerprint pattern="^CN=UniFi-Video Controller,OU=R&D,O=Ubiquiti Networks,L=New York,ST=NY,C=US$">
|
635
890
|
<description>Ubiquiti Video Controller</description>
|
636
891
|
<example>CN=UniFi-Video Controller,OU=R&D,O=Ubiquiti Networks,L=New York,ST=NY,C=US</example>
|
@@ -641,30 +896,31 @@
|
|
641
896
|
<param pos="0" name="os.family" value="Linux"/>
|
642
897
|
<param pos="0" name="os.device" value="DVR"/>
|
643
898
|
</fingerprint>
|
644
|
-
|
645
|
-
<description>Ubiquiti Video Camera</description>
|
646
|
-
<example>CN=camera.ubnt.dev,OU=devint,O=Ubiquiti Networks Inc.,L=Taipei,C=TW</example>
|
647
|
-
<param pos="0" name="hw.vendor" value="Ubiquiti"/>
|
648
|
-
<param pos="0" name="hw.device" value="Web Cam"/>
|
649
|
-
<param pos="0" name="hw.product" value="Camera"/>
|
650
|
-
<param pos="0" name="os.vendor" value="Ubiquiti"/>
|
651
|
-
<param pos="0" name="os.family" value="Linux"/>
|
652
|
-
<param pos="0" name="os.device" value="Web Cam"/>
|
653
|
-
</fingerprint>
|
899
|
+
|
654
900
|
<fingerprint pattern="^CN=GreenWave Systems,OU=PKI,O=GreenWave Systems,L=Irvine,ST=California,C=US$">
|
655
901
|
<description>Verizon / Greenwave FIOS Router</description>
|
656
902
|
<example>CN=GreenWave Systems,OU=PKI,O=GreenWave Systems,L=Irvine,ST=California,C=US</example>
|
657
903
|
<param pos="0" name="hw.vendor" value="Greenwave Systems"/>
|
658
|
-
<param pos="0" name="hw.device" value="Broadband
|
904
|
+
<param pos="0" name="hw.device" value="Broadband router"/>
|
659
905
|
<param pos="0" name="hw.product" value="Verizon FiOS Router"/>
|
660
906
|
</fingerprint>
|
907
|
+
|
661
908
|
<fingerprint pattern="^CN=PoliWall,OU=Bandura Labs,O=Bandura\\, LLC\.,L=Lake Saint Louis,ST=Missouri,C=US$">
|
662
|
-
<description>PoliWall Firewall</description>
|
909
|
+
<description>PoliWall Firewall Original</description>
|
663
910
|
<example>CN=PoliWall,OU=Bandura Labs,O=Bandura\, LLC.,L=Lake Saint Louis,ST=Missouri,C=US</example>
|
664
911
|
<param pos="0" name="hw.vendor" value="Bandura Labs"/>
|
665
912
|
<param pos="0" name="hw.device" value="Firewall"/>
|
666
913
|
<param pos="0" name="hw.product" value="PoliWall"/>
|
667
914
|
</fingerprint>
|
915
|
+
|
916
|
+
<fingerprint pattern="^CN=poliwall,OU=IT,O=Bandura,L=St\. Louis,ST=Missouri,C=US$">
|
917
|
+
<description>PoliWall Firewall Newer Cert</description>
|
918
|
+
<example>CN=poliwall,OU=IT,O=Bandura,L=St. Louis,ST=Missouri,C=US</example>
|
919
|
+
<param pos="0" name="hw.vendor" value="Bandura Labs"/>
|
920
|
+
<param pos="0" name="hw.device" value="Firewall"/>
|
921
|
+
<param pos="0" name="hw.product" value="PoliWall"/>
|
922
|
+
</fingerprint>
|
923
|
+
|
668
924
|
<fingerprint pattern="^CN=pfSense-[a-zA-Z0-9]+,O=pfSense webConfigurator Self-Signed Certificate">
|
669
925
|
<description>pfSense Firewall</description>
|
670
926
|
<example>CN=pfSense-58fb5b0b06777,O=pfSense webConfigurator Self-Signed Certificate,L=Locality,ST=State,C=US</example>
|
@@ -675,6 +931,38 @@
|
|
675
931
|
<param pos="0" name="os.vendor" value="pfSense"/>
|
676
932
|
<param pos="0" name="os.product" value="FreeBSD"/>
|
677
933
|
</fingerprint>
|
934
|
+
|
935
|
+
<fingerprint pattern="^CN=Common Name \(eg\\, YOUR name\),OU=Organizational Unit Name \(eg\\, section\),O=CompanyName,L=Somecity,ST=Somewhere,C=US$">
|
936
|
+
<description>pfSense Firewall Default Certificate</description>
|
937
|
+
<example>CN=Common Name (eg\, YOUR name),OU=Organizational Unit Name (eg\, section),O=CompanyName,L=Somecity,ST=Somewhere,C=US</example>
|
938
|
+
<param pos="0" name="hw.vendor" value="pfSense"/>
|
939
|
+
<param pos="0" name="hw.device" value="Firewall"/>
|
940
|
+
<param pos="0" name="hw.product" value="Firewall"/>
|
941
|
+
<param pos="0" name="os.vendor" value="pfSense"/>
|
942
|
+
<param pos="0" name="os.product" value="FreeBSD"/>
|
943
|
+
</fingerprint>
|
944
|
+
|
945
|
+
<fingerprint pattern="^O=OPNsense,L=Middelharnis,ST=Zuid-Holland,C=NL$">
|
946
|
+
<description>OPNsense Firewall</description>
|
947
|
+
<example>O=OPNsense,L=Middelharnis,ST=Zuid-Holland,C=NL</example>
|
948
|
+
<param pos="0" name="hw.vendor" value="OPNsense"/>
|
949
|
+
<param pos="0" name="hw.device" value="Firewall"/>
|
950
|
+
<param pos="0" name="hw.product" value="Firewall"/>
|
951
|
+
<param pos="0" name="os.vendor" value="OPNsense"/>
|
952
|
+
<param pos="0" name="os.product" value="FreeBSD"/>
|
953
|
+
</fingerprint>
|
954
|
+
|
955
|
+
<fingerprint pattern="^CN=NetVanta,O=ADTRAN\\, Inc\.,L=Huntsville,ST=AL,C=US$" certainty="0.9">
|
956
|
+
<description>ADTRAN Netvanta Router</description>
|
957
|
+
<example>CN=NetVanta,O=ADTRAN\, Inc.,L=Huntsville,ST=AL,C=US</example>
|
958
|
+
<param pos="0" name="os.device" value="Router"/>
|
959
|
+
<param pos="0" name="os.vendor" value="ADTRAN"/>
|
960
|
+
<param pos="0" name="os.family" value="NetVanta"/>
|
961
|
+
<param pos="0" name="hw.device" value="Router"/>
|
962
|
+
<param pos="0" name="hw.vendor" value="ADTRAN"/>
|
963
|
+
<param pos="0" name="hw.family" value="NetVanta"/>
|
964
|
+
</fingerprint>
|
965
|
+
|
678
966
|
<fingerprint pattern="^CN=SophosApplianceCertificate">
|
679
967
|
<description>Sophos Appliance</description>
|
680
968
|
<example>CN=SophosApplianceCertificate_C330AC22W713PAF,OU=OU,O=Green House Data,L=Cheyenne,ST=WY,C=US</example>
|
@@ -683,6 +971,7 @@
|
|
683
971
|
<param pos="0" name="hw.vendor" value="Sophos"/>
|
684
972
|
<param pos="0" name="hw.device" value="Appliance"/>
|
685
973
|
</fingerprint>
|
974
|
+
|
686
975
|
<fingerprint pattern="^CN=Hubitat Elevation,OU=Hub,O=Hubitat\\, Inc\.,L=Scottsdale,ST=Arizona,C=US$">
|
687
976
|
<description>Hubitat Device Hub</description>
|
688
977
|
<example>CN=Hubitat Elevation,OU=Hub,O=Hubitat\, Inc.,L=Scottsdale,ST=Arizona,C=US</example>
|
@@ -692,15 +981,25 @@
|
|
692
981
|
<param pos="0" name="os.vendor" value="Hubitat"/>
|
693
982
|
<param pos="0" name="os.product" value="Linux"/>
|
694
983
|
</fingerprint>
|
984
|
+
|
695
985
|
<fingerprint pattern="^CN=MAC([a-fA-F0-9]{12}),OU=([^,]+),O=Mercury Security Products\\, LLC,L=Long Beach,ST=CA,C=US$">
|
696
986
|
<description>Mercurity Security (now HID Global)</description>
|
697
987
|
<example hw.product="M5IC" host.mac="000FE507A1F1">CN=MAC000FE507A1F1,OU=M5IC,O=Mercury Security Products\, LLC,L=Long Beach,ST=CA,C=US</example>
|
698
988
|
<example hw.product="EP-1502" host.mac="000FE508BC71">CN=MAC000FE508BC71,OU=EP-1502,O=Mercury Security Products\, LLC,L=Long Beach,ST=CA,C=US</example>
|
699
989
|
<param pos="0" name="hw.vendor" value="Mercury Security"/>
|
700
|
-
<param pos="0" name="hw.device" value="Access
|
990
|
+
<param pos="0" name="hw.device" value="Access Control"/>
|
701
991
|
<param pos="1" name="host.mac"/>
|
702
992
|
<param pos="2" name="hw.product"/>
|
703
993
|
</fingerprint>
|
994
|
+
|
995
|
+
<fingerprint pattern="^CN=Mercury Security EP-series,O=Mercury Security Corp\.,L=Long Beach,ST=CA,C=US$">
|
996
|
+
<description>Mercurity Security (now HID Global) No MAC</description>
|
997
|
+
<example>CN=Mercury Security EP-series,O=Mercury Security Corp.,L=Long Beach,ST=CA,C=US</example>
|
998
|
+
<param pos="0" name="hw.vendor" value="Mercury Security"/>
|
999
|
+
<param pos="0" name="hw.device" value="Access Control"/>
|
1000
|
+
<param pos="0" name="hw.product" value="EP-series"/>
|
1001
|
+
</fingerprint>
|
1002
|
+
|
704
1003
|
<fingerprint pattern="^CN=securelogin.arubanetworks.com,">
|
705
1004
|
<description>Aruba Wireless Controller</description>
|
706
1005
|
<example>CN=securelogin.arubanetworks.com,O=Aruba Networks,C=US</example>
|
@@ -709,24 +1008,27 @@
|
|
709
1008
|
<param pos="0" name="hw.device" value="Wireless Controller"/>
|
710
1009
|
<param pos="0" name="hw.product" value="Captive Portal"/>
|
711
1010
|
</fingerprint>
|
1011
|
+
|
712
1012
|
<fingerprint pattern="^CN=Fireware web CA,OU=Fireware,O=WatchGuard$">
|
713
1013
|
<description>WatchGuard Firewall</description>
|
714
1014
|
<example>CN=Fireware web CA,OU=Fireware,O=WatchGuard</example>
|
715
1015
|
<param pos="0" name="hw.vendor" value="WatchGuard"/>
|
716
1016
|
<param pos="0" name="hw.device" value="Firewall"/>
|
717
1017
|
<param pos="0" name="os.vendor" value="WatchGuard"/>
|
718
|
-
<param pos="0" name="os.cpe23" value="cpe:/o:watchguard:fireware:-"/>
|
719
1018
|
<param pos="0" name="os.product" value="Fireware"/>
|
1019
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:watchguard:fireware:-"/>
|
720
1020
|
</fingerprint>
|
1021
|
+
|
721
1022
|
<fingerprint pattern="^CN=[0-9\.]+,OU=SSL-VPN,O=SonicWALL\\, Inc\.,L=Sunnyvale,ST=CA,C=US$">
|
722
1023
|
<description>SonicWALL Firewall</description>
|
723
1024
|
<example>CN=192.168.200.1,OU=SSL-VPN,O=SonicWALL\, Inc.,L=Sunnyvale,ST=CA,C=US</example>
|
724
|
-
<param pos="0" name="hw.vendor" value="
|
1025
|
+
<param pos="0" name="hw.vendor" value="SonicWall"/>
|
725
1026
|
<param pos="0" name="hw.device" value="VPN"/>
|
726
|
-
<param pos="0" name="os.vendor" value="
|
1027
|
+
<param pos="0" name="os.vendor" value="SonicWall"/>
|
727
1028
|
<param pos="0" name="os.product" value="VPN"/>
|
728
1029
|
<param pos="0" name="os.family" value="VPN"/>
|
729
1030
|
</fingerprint>
|
1031
|
+
|
730
1032
|
<fingerprint pattern="^CN=.*\.akamai\.net,O=Akamai Technologies\\, Inc\.,L=Cambridge,ST=Massachusetts,C=US$">
|
731
1033
|
<description>Akamai Global Host</description>
|
732
1034
|
<example>CN=a248.e.akamai.net,O=Akamai Technologies\, Inc.,L=Cambridge,ST=Massachusetts,C=US</example>
|
@@ -735,6 +1037,7 @@
|
|
735
1037
|
<param pos="0" name="os.vendor" value="Akamai"/>
|
736
1038
|
<param pos="0" name="os.device" value="Web proxy"/>
|
737
1039
|
</fingerprint>
|
1040
|
+
|
738
1041
|
<fingerprint pattern="^CN=HP_3PAR_">
|
739
1042
|
<description>HP 3PAR</description>
|
740
1043
|
<example>CN=HP_3PAR_1626615</example>
|
@@ -743,6 +1046,7 @@
|
|
743
1046
|
<param pos="0" name="hw.device" value="Storage"/>
|
744
1047
|
<param pos="0" name="hw.product" value="3PAR"/>
|
745
1048
|
</fingerprint>
|
1049
|
+
|
746
1050
|
<fingerprint pattern="^CN=(?:alienvault|VirtualUSMAllInOne)$">
|
747
1051
|
<description>Alienvault OSSIM</description>
|
748
1052
|
<example>CN=alienvault</example>
|
@@ -752,6 +1056,7 @@
|
|
752
1056
|
<param pos="0" name="os.product" value="OSSIM"/>
|
753
1057
|
<param pos="0" name="os.family" value="Linux"/>
|
754
1058
|
</fingerprint>
|
1059
|
+
|
755
1060
|
<fingerprint pattern="^CN=Canon (iR-[a-zA-Z0-9\.\-\_]+)$">
|
756
1061
|
<description>Canon iR-ADV Printer with product info</description>
|
757
1062
|
<example os.product="iR-ADV">CN=Canon iR-ADV</example>
|
@@ -762,6 +1067,7 @@
|
|
762
1067
|
<param pos="1" name="hw.product"/>
|
763
1068
|
<param pos="1" name="os.product"/>
|
764
1069
|
</fingerprint>
|
1070
|
+
|
765
1071
|
<fingerprint pattern="^CN=Canon Imaging Product$">
|
766
1072
|
<description>Canon iR-ADV Printer</description>
|
767
1073
|
<example>CN=Canon Imaging Product</example>
|
@@ -770,6 +1076,29 @@
|
|
770
1076
|
<param pos="0" name="os.device" value="Printer"/>
|
771
1077
|
<param pos="0" name="os.vendor" value="Canon"/>
|
772
1078
|
</fingerprint>
|
1079
|
+
|
1080
|
+
<fingerprint pattern="^CN=ScanFront$">
|
1081
|
+
<description>Canon ScanFront Simple</description>
|
1082
|
+
<example>CN=ScanFront</example>
|
1083
|
+
<param pos="0" name="hw.device" value="Scanner"/>
|
1084
|
+
<param pos="0" name="hw.vendor" value="Canon"/>
|
1085
|
+
<param pos="0" name="hw.product" value="ScanFront"/>
|
1086
|
+
<param pos="0" name="os.device" value="Scanner"/>
|
1087
|
+
<param pos="0" name="os.vendor" value="Canon"/>
|
1088
|
+
<param pos="0" name="os.product" value="ScanFront"/>
|
1089
|
+
</fingerprint>
|
1090
|
+
|
1091
|
+
<fingerprint pattern="^CN=ScanFront,OU=IMS,O=CANON ELECTRONICS INC\.,L=Minato-ku,ST=Tokyo,C=JP$">
|
1092
|
+
<description>Canon ScanFront Full</description>
|
1093
|
+
<example>CN=ScanFront,OU=IMS,O=CANON ELECTRONICS INC.,L=Minato-ku,ST=Tokyo,C=JP</example>
|
1094
|
+
<param pos="0" name="hw.device" value="Scanner"/>
|
1095
|
+
<param pos="0" name="hw.vendor" value="Canon"/>
|
1096
|
+
<param pos="0" name="hw.product" value="ScanFront"/>
|
1097
|
+
<param pos="0" name="os.device" value="Scanner"/>
|
1098
|
+
<param pos="0" name="os.vendor" value="Canon"/>
|
1099
|
+
<param pos="0" name="os.product" value="ScanFront"/>
|
1100
|
+
</fingerprint>
|
1101
|
+
|
773
1102
|
<fingerprint pattern="^CN=tnsappliance.*,O=Tenable Network Security\\, Inc\.,L=Columbia,ST=Maryland,C=US$">
|
774
1103
|
<description>Tenable Appliance</description>
|
775
1104
|
<example>CN=tnsappliance-b088a321,OU=--,O=Tenable Network Security\, Inc.,L=Columbia,ST=Maryland,C=US</example>
|
@@ -781,6 +1110,7 @@
|
|
781
1110
|
<param pos="0" name="os.vendor" value="Tenable"/>
|
782
1111
|
<param pos="0" name="os.product" value="Tenable Core"/>
|
783
1112
|
</fingerprint>
|
1113
|
+
|
784
1114
|
<fingerprint pattern="^CN=extrahop,OU=extrahop\.com,O=ExtraHop,C=US$">
|
785
1115
|
<description>ExtraHop Appliance</description>
|
786
1116
|
<example>CN=extrahop,OU=extrahop.com,O=ExtraHop,C=US</example>
|
@@ -791,6 +1121,7 @@
|
|
791
1121
|
<param pos="0" name="os.vendor" value="ExtraHop"/>
|
792
1122
|
<param pos="0" name="os.product" value="Discover"/>
|
793
1123
|
</fingerprint>
|
1124
|
+
|
794
1125
|
<fingerprint pattern="^CN=Ruckus Wireless ZoneDirector SN-(\d+),O=Ruckus Wireless\\, Inc\.,ST=CA,C=US$">
|
795
1126
|
<description>Ruckus Zone Director</description>
|
796
1127
|
<example ruckus.serial_number="221301007591">CN=Ruckus Wireless ZoneDirector SN-221301007591,O=Ruckus Wireless\, Inc.,ST=CA,C=US</example>
|
@@ -802,6 +1133,7 @@
|
|
802
1133
|
<param pos="0" name="os.product" value="Zone Director"/>
|
803
1134
|
<param pos="1" name="ruckus.serial_number"/>
|
804
1135
|
</fingerprint>
|
1136
|
+
|
805
1137
|
<fingerprint pattern="^CN=DT([^\s]+) Series,O=NEC Corporation,ST=Tokyo,C=JP$">
|
806
1138
|
<description>NEC DT Series IP Phone</description>
|
807
1139
|
<example>CN=DT800 Series,O=NEC Corporation,ST=Tokyo,C=JP</example>
|
@@ -811,6 +1143,7 @@
|
|
811
1143
|
<param pos="0" name="hw.device" value="VoIP"/>
|
812
1144
|
<param pos="1" name="hw.product"/>
|
813
1145
|
</fingerprint>
|
1146
|
+
|
814
1147
|
<fingerprint pattern="^CN=([a-fA-F0-9]{12}),O=Polycom Inc\.$">
|
815
1148
|
<description>Polycom SoundPoint IP Phone</description>
|
816
1149
|
<example host.mac="64167F169981">CN=64167F169981,O=Polycom Inc.</example>
|
@@ -821,6 +1154,7 @@
|
|
821
1154
|
<param pos="0" name="hw.product" value="SoundPoint"/>
|
822
1155
|
<param pos="1" name="host.mac"/>
|
823
1156
|
</fingerprint>
|
1157
|
+
|
824
1158
|
<fingerprint pattern="^CN=EN Software Production & Release,OU=Enterprise Networks,O=Siemens AG,L=Munich,ST=Germany,C=DE$">
|
825
1159
|
<description>Siemens EN Software</description>
|
826
1160
|
<example>CN=EN Software Production & Release,OU=Enterprise Networks,O=Siemens AG,L=Munich,ST=Germany,C=DE</example>
|
@@ -829,6 +1163,7 @@
|
|
829
1163
|
<param pos="0" name="hw.vendor" value="Siemens"/>
|
830
1164
|
<param pos="0" name="hw.device" value="VoIP"/>
|
831
1165
|
</fingerprint>
|
1166
|
+
|
832
1167
|
<fingerprint pattern="^CN=SecureConnect server,O=Quest,ST=CA,C=US$">
|
833
1168
|
<description>SecureConnect SSL VPN</description>
|
834
1169
|
<example>CN=SecureConnect server,O=Quest,ST=CA,C=US</example>
|
@@ -837,6 +1172,7 @@
|
|
837
1172
|
<param pos="0" name="os.vendor" value="SecureConnect"/>
|
838
1173
|
<param pos="0" name="os.device" value="VPN"/>
|
839
1174
|
</fingerprint>
|
1175
|
+
|
840
1176
|
<fingerprint pattern="^CN=RecoverPoint,OU=Data Protection and Availability Division,O=EMC Corporation,L=Hopkinton,ST=Massachusetts,C=US$">
|
841
1177
|
<description>RecoverPoint Appliance</description>
|
842
1178
|
<example>CN=RecoverPoint,OU=Data Protection and Availability Division,O=EMC Corporation,L=Hopkinton,ST=Massachusetts,C=US</example>
|
@@ -847,6 +1183,7 @@
|
|
847
1183
|
<param pos="0" name="os.vendor" value="EMC"/>
|
848
1184
|
<param pos="0" name="os.product" value="RecoverPoint"/>
|
849
1185
|
</fingerprint>
|
1186
|
+
|
850
1187
|
<fingerprint pattern="^CN=[a-fA-F0-9]+,O=Palo Alto Networks,L=Santa Clara,ST=CA,C=US$">
|
851
1188
|
<description>Palo Alto Firewall</description>
|
852
1189
|
<example>CN=d9fc2294968367a3a8ad1acd4c816c78444e6ea4d69869b40cc9751951fd3693,O=Palo Alto Networks,L=Santa Clara,ST=CA,C=US</example>
|
@@ -856,12 +1193,14 @@
|
|
856
1193
|
<param pos="0" name="os.product" value="PANOS"/>
|
857
1194
|
<param pos="0" name="os.device" value="Firewall"/>
|
858
1195
|
</fingerprint>
|
1196
|
+
|
859
1197
|
<fingerprint pattern="^CN=VMware default certificate,OU=vCenterServer.*,O=VMware\\, Inc\.$">
|
860
1198
|
<description>VMWare vCenter</description>
|
861
1199
|
<example>CN=VMware default certificate,OU=vCenterServer_2013.09.26_220623,O=VMware\, Inc.</example>
|
862
|
-
<param pos="0" name="service.vendor" value="
|
1200
|
+
<param pos="0" name="service.vendor" value="VMware"/>
|
863
1201
|
<param pos="0" name="service.product" value="vCenter"/>
|
864
1202
|
</fingerprint>
|
1203
|
+
|
865
1204
|
<fingerprint pattern="^CN=selfappliance,OU=Engineering,O=Symplified,L=Boulder,ST=Colorado,C=US$">
|
866
1205
|
<description>Symplified IAM Appliance (now RSA)</description>
|
867
1206
|
<example>CN=selfappliance,OU=Engineering,O=Symplified,L=Boulder,ST=Colorado,C=US</example>
|
@@ -869,22 +1208,37 @@
|
|
869
1208
|
<param pos="0" name="hw.device" value="Appliance"/>
|
870
1209
|
<param pos="0" name="hw.product" value="IAM"/>
|
871
1210
|
</fingerprint>
|
1211
|
+
|
872
1212
|
<fingerprint pattern="^CN=OpenWrt,L=Leipzig,ST=Saxony,C=DE$">
|
873
1213
|
<description>OpenWRT WAP</description>
|
874
1214
|
<example>CN=OpenWrt,L=Leipzig,ST=Saxony,C=DE</example>
|
875
1215
|
<param pos="0" name="os.vendor" value="OpenWRT"/>
|
876
1216
|
<param pos="0" name="os.device" value="WAP"/>
|
877
1217
|
</fingerprint>
|
1218
|
+
|
878
1219
|
<fingerprint pattern="^CN=axis-([a-fA-F0-9]{12}),O=Axis Communications AB$">
|
879
1220
|
<description>Axis Communications Web Cam</description>
|
880
1221
|
<example host.mac="accc8ea31abf">CN=axis-accc8ea31abf,O=Axis Communications AB</example>
|
881
1222
|
<param pos="0" name="hw.vendor" value="AXIS"/>
|
882
|
-
<param pos="0" name="hw.device" value="Web
|
1223
|
+
<param pos="0" name="hw.device" value="Web cam"/>
|
883
1224
|
<param pos="0" name="os.vendor" value="AXIS"/>
|
884
|
-
<param pos="0" name="os.device" value="Web
|
1225
|
+
<param pos="0" name="os.device" value="Web cam"/>
|
885
1226
|
<param pos="0" name="os.family" value="Linux"/>
|
886
1227
|
<param pos="1" name="host.mac"/>
|
887
1228
|
</fingerprint>
|
1229
|
+
|
1230
|
+
<fingerprint pattern="^CN=([^,]+),OU=Nortek,O=ELAN,L=StuddardMD,ST=[^,]+,C=US$">
|
1231
|
+
<description>ELAN Web Cam</description>
|
1232
|
+
<example host.name="ServerRoom">CN=ServerRoom,OU=Nortek,O=ELAN,L=StuddardMD,ST=10000,C=US</example>
|
1233
|
+
<param pos="0" name="hw.vendor" value="ELAN"/>
|
1234
|
+
<param pos="0" name="hw.device" value="Web cam"/>
|
1235
|
+
<param pos="0" name="hw.product" value="HDIPCam"/>
|
1236
|
+
<param pos="0" name="os.vendor" value="ELAN"/>
|
1237
|
+
<param pos="0" name="os.device" value="Web cam"/>
|
1238
|
+
<param pos="0" name="os.family" value="Linux"/>
|
1239
|
+
<param pos="1" name="host.name"/>
|
1240
|
+
</fingerprint>
|
1241
|
+
|
888
1242
|
<fingerprint pattern="^CN=Dell_OpenManage.*,OU=PG,O=Dell Inc\.,ST=Texas,C=US$">
|
889
1243
|
<description>Dell OpenManage</description>
|
890
1244
|
<example>CN=Dell_OpenManage01,OU=PG,O=Dell Inc.,ST=Texas,C=US</example>
|
@@ -895,6 +1249,7 @@
|
|
895
1249
|
<param pos="0" name="os.device" value="Appliance"/>
|
896
1250
|
<param pos="0" name="os.family" value="Linux"/>
|
897
1251
|
</fingerprint>
|
1252
|
+
|
898
1253
|
<fingerprint pattern="^CN=Equallogic PS Array,OU=Dell Equallogic,O=Dell Inc\.,L=Nashua,ST=New Hampshire,C=US$">
|
899
1254
|
<description>Dell EqualLogic PS Array</description>
|
900
1255
|
<example>CN=Equallogic PS Array,OU=Dell Equallogic,O=Dell Inc.,L=Nashua,ST=New Hampshire,C=US</example>
|
@@ -905,6 +1260,7 @@
|
|
905
1260
|
<param pos="0" name="os.device" value="Storage"/>
|
906
1261
|
<param pos="0" name="os.product" value="EqualLogic"/>
|
907
1262
|
</fingerprint>
|
1263
|
+
|
908
1264
|
<fingerprint pattern="^CN=opennac\.test,L=Madrid,ST=Madrid,C=ES$">
|
909
1265
|
<description>OpenNAC Appliance</description>
|
910
1266
|
<example>CN=opennac.test,L=Madrid,ST=Madrid,C=ES</example>
|
@@ -915,6 +1271,7 @@
|
|
915
1271
|
<param pos="0" name="os.family" value="Linux"/>
|
916
1272
|
<param pos="0" name="os.product" value="Linux"/>
|
917
1273
|
</fingerprint>
|
1274
|
+
|
918
1275
|
<fingerprint pattern="^CN=SmartEdge Sensor,O=AirMagnet,L=Sunnyvale,ST=California,C=US$">
|
919
1276
|
<description>AirMagnet SmartEdge Sensor</description>
|
920
1277
|
<example>CN=SmartEdge Sensor,O=AirMagnet,L=Sunnyvale,ST=California,C=US</example>
|
@@ -922,6 +1279,7 @@
|
|
922
1279
|
<param pos="0" name="hw.device" value="Wireless Controller"/>
|
923
1280
|
<param pos="0" name="hw.product" value="SmartEdge Sensor"/>
|
924
1281
|
</fingerprint>
|
1282
|
+
|
925
1283
|
<fingerprint pattern="^CN=Sensor WebUI,O=AirDefense Inc.,L=Alpharetta,ST=GA,C=US$">
|
926
1284
|
<description>AirDefense Inc Sensor</description>
|
927
1285
|
<example>CN=Sensor WebUI,O=AirDefense Inc.,L=Alpharetta,ST=GA,C=US</example>
|
@@ -929,6 +1287,7 @@
|
|
929
1287
|
<param pos="0" name="hw.device" value="Wireless Controller"/>
|
930
1288
|
<param pos="0" name="hw.product" value="Sensor"/>
|
931
1289
|
</fingerprint>
|
1290
|
+
|
932
1291
|
<fingerprint pattern="^CN=HiveAP,OU=Default,O=Aerohive,ST=California,C=US$">
|
933
1292
|
<description>Aerohive Access Point</description>
|
934
1293
|
<example>CN=HiveAP,OU=Default,O=Aerohive,ST=California,C=US</example>
|
@@ -939,16 +1298,18 @@
|
|
939
1298
|
<param pos="0" name="os.family" value="Linux"/>
|
940
1299
|
<param pos="0" name="os.product" value="Linux"/>
|
941
1300
|
</fingerprint>
|
1301
|
+
|
942
1302
|
<fingerprint pattern="^CN=(usg[^_]+)_([a-fA-F0-9]{12})$">
|
943
1303
|
<description>ZyWall Router</description>
|
944
1304
|
<example hw.product="usg20w" host.mac="5CF4AB615FAC">CN=usg20w_5CF4AB615FAC</example>
|
945
1305
|
<example hw.product="usg20w" host.mac="5067F0BC1D3C">CN=usg20w_5067F0BC1D3C</example>
|
946
1306
|
<example hw.product="usg20" host.mac="107BEF0AD201">CN=usg20_107BEF0AD201</example>
|
947
|
-
<param pos="0" name="hw.vendor" value="
|
948
|
-
<param pos="0" name="hw.device" value="Broadband
|
1307
|
+
<param pos="0" name="hw.vendor" value="Zyxel"/>
|
1308
|
+
<param pos="0" name="hw.device" value="Broadband router"/>
|
949
1309
|
<param pos="1" name="hw.product"/>
|
950
1310
|
<param pos="2" name="host.mac"/>
|
951
1311
|
</fingerprint>
|
1312
|
+
|
952
1313
|
<fingerprint pattern="^CN=([a-fA-F0-9]{16}),O=Philips Hue,C=NL$">
|
953
1314
|
<description>Philips Hue Personal Wireless Lighting</description>
|
954
1315
|
<example host.mac_eui64="001788fffe4f1999">CN=001788fffe4f1999,O=Philips Hue,C=NL</example>
|
@@ -957,4 +1318,113 @@
|
|
957
1318
|
<param pos="0" name="hw.device" value="Light Bulb"/>
|
958
1319
|
<param pos="1" name="host.mac_eui64"/>
|
959
1320
|
</fingerprint>
|
960
|
-
|
1321
|
+
|
1322
|
+
<fingerprint pattern="^CN=www\.ibm\.com,OU=IBM i Service,L=Rochester,ST=Minnesota,C=US$">
|
1323
|
+
<description>IBM iSeries Service Console</description>
|
1324
|
+
<example>CN=www.ibm.com,OU=IBM i Service,L=Rochester,ST=Minnesota,C=US</example>
|
1325
|
+
<param pos="0" name="os.vendor" value="IBM"/>
|
1326
|
+
<param pos="0" name="os.family" value="OS/400"/>
|
1327
|
+
<param pos="0" name="os.product" value="OS/400"/>
|
1328
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:ibm:os_400:-"/>
|
1329
|
+
</fingerprint>
|
1330
|
+
|
1331
|
+
<fingerprint pattern="^CN=.*\.ip\.kaptivo\.live,">
|
1332
|
+
<description>Kaptivo Whiteboard</description>
|
1333
|
+
<example>CN=*.ip.kaptivo.live,OU=Domain Control Validated+OU=PositiveSSL Wildcard</example>
|
1334
|
+
<param pos="0" name="hw.vendor" value="Kaptivo"/>
|
1335
|
+
<param pos="0" name="hw.product" value="Whiteboard"/>
|
1336
|
+
<param pos="0" name="hw.device" value="Whiteboard"/>
|
1337
|
+
</fingerprint>
|
1338
|
+
|
1339
|
+
<fingerprint pattern="^CN=.*,OU=Network Security Management,O=FireEye\\, Inc\.,L=Milpitas,ST=California,C=US$">
|
1340
|
+
<description>FireEye Appliance</description>
|
1341
|
+
<example>CN=noc-feye-ex2,OU=Network Security Management,O=FireEye\, Inc.,L=Milpitas,ST=California,C=US</example>
|
1342
|
+
<param pos="0" name="hw.vendor" value="FireEye"/>
|
1343
|
+
<param pos="0" name="hw.product" value="Appliance"/>
|
1344
|
+
<param pos="0" name="hw.device" value="Security Appliance"/>
|
1345
|
+
</fingerprint>
|
1346
|
+
|
1347
|
+
<fingerprint pattern="^CN=.*,OU=IA,O=FireEye,L=Charlottesville,ST=Virginia,C=US$">
|
1348
|
+
<description>FireEye Investigation Analysis System Appliance</description>
|
1349
|
+
<example>CN=noc-feye-ia2,OU=IA,O=FireEye,L=Charlottesville,ST=Virginia,C=US</example>
|
1350
|
+
<param pos="0" name="hw.vendor" value="FireEye"/>
|
1351
|
+
<param pos="0" name="hw.product" value="IA Appliance"/>
|
1352
|
+
<param pos="0" name="hw.device" value="Security Appliance"/>
|
1353
|
+
</fingerprint>
|
1354
|
+
|
1355
|
+
<fingerprint pattern="^CN=.*,OU=Gigamon Network Visibility Systems,O=Gigamon Inc\.,L=Santa Clara,ST=California,C=US$">
|
1356
|
+
<description>Gigamon GigaVUE Appliance</description>
|
1357
|
+
<example>CN=gvue01,OU=Gigamon Network Visibility Systems,O=Gigamon Inc.,L=Santa Clara,ST=California,C=US</example>
|
1358
|
+
<param pos="0" name="hw.vendor" value="Gigamon"/>
|
1359
|
+
<param pos="0" name="hw.device" value="Monitoring"/>
|
1360
|
+
<param pos="0" name="hw.product" value="GigaVUE"/>
|
1361
|
+
</fingerprint>
|
1362
|
+
|
1363
|
+
<fingerprint pattern="^CN=.*,OU=Telliris,O=DAC Systems,L=Shelton,ST=Connecticut,C=US$">
|
1364
|
+
<description>Telliris IVR</description>
|
1365
|
+
<example>CN=Telliris-IVR,OU=Telliris,O=DAC Systems,L=Shelton,ST=Connecticut,C=US</example>
|
1366
|
+
<param pos="0" name="hw.vendor" value="Telliris"/>
|
1367
|
+
<param pos="0" name="hw.device" value="Voice Appliance"/>
|
1368
|
+
<param pos="0" name="hw.product" value="IVR"/>
|
1369
|
+
</fingerprint>
|
1370
|
+
|
1371
|
+
<fingerprint pattern="^CN=SLS,O=Lantronix,L=Irvine,ST=California,C=US$">
|
1372
|
+
<description>Lantronix SLS terminal server</description>
|
1373
|
+
<example>CN=SLS,O=Lantronix,L=Irvine,ST=California,C=US</example>
|
1374
|
+
<param pos="0" name="hw.vendor" value="Lantronix"/>
|
1375
|
+
<param pos="0" name="hw.device" value="Device Server"/>
|
1376
|
+
<param pos="0" name="hw.product" value="SLS"/>
|
1377
|
+
</fingerprint>
|
1378
|
+
|
1379
|
+
<fingerprint pattern="^CN=Tintri Default Certificate,OU=Tintri Server Certificate,O=Tintri\\, Inc\.,L=Mountain View,ST=CA,C=US$">
|
1380
|
+
<description>Tintri Storage Appliance</description>
|
1381
|
+
<example>CN=Tintri Default Certificate,OU=Tintri Server Certificate,O=Tintri\, Inc.,L=Mountain View,ST=CA,C=US</example>
|
1382
|
+
<param pos="0" name="hw.vendor" value="Tintro"/>
|
1383
|
+
<param pos="0" name="hw.device" value="NAS"/>
|
1384
|
+
<param pos="0" name="hw.product" value="Storage Appliance"/>
|
1385
|
+
</fingerprint>
|
1386
|
+
|
1387
|
+
<fingerprint pattern="^CN=axonius,O=Axonius\\, Inc,L=New York City,ST=New York,C=US$">
|
1388
|
+
<description>Axonius Appliance</description>
|
1389
|
+
<example>CN=axonius,O=Axonius\, Inc,L=New York City,ST=New York,C=US</example>
|
1390
|
+
<param pos="0" name="hw.vendor" value="Axonius"/>
|
1391
|
+
<param pos="0" name="hw.device" value="Security Appliance"/>
|
1392
|
+
<param pos="0" name="hw.product" value="Asset Management"/>
|
1393
|
+
</fingerprint>
|
1394
|
+
|
1395
|
+
<fingerprint pattern="^CN=AVIGILON-CAMERA-([a-zA-Z0-9\.\-]+)-\d+,OU=Certification Manager,O=Avigilon Corporation,L=Vancouver,ST=British Columbia,C=CA$">
|
1396
|
+
<description>Avigilon IP Camera</description>
|
1397
|
+
<example hw.product="5.0-H3-DP1">CN=AVIGILON-CAMERA-5.0-H3-DP1-1242900,OU=Certification Manager,O=Avigilon Corporation,L=Vancouver,ST=British Columbia,C=CA</example>
|
1398
|
+
<param pos="0" name="hw.vendor" value="Avigilon"/>
|
1399
|
+
<param pos="0" name="hw.device" value="IP Camera"/>
|
1400
|
+
<param pos="1" name="hw.product"/>
|
1401
|
+
<param pos="0" name="os.vendor" value="Avigilon"/>
|
1402
|
+
<param pos="0" name="os.family" value="Linux"/>
|
1403
|
+
<param pos="0" name="os.product" value="Linux"/>
|
1404
|
+
</fingerprint>
|
1405
|
+
|
1406
|
+
<fingerprint pattern="^CN=TCAM,OU=Security,O=Truen,L=Seoul,ST=Seoul,C=KR$">
|
1407
|
+
<description>Truen IP Camera (Often Rebranded)</description>
|
1408
|
+
<example>CN=TCAM,OU=Security,O=Truen,L=Seoul,ST=Seoul,C=KR</example>
|
1409
|
+
<param pos="0" name="hw.certainty" value="0.5"/>
|
1410
|
+
<param pos="0" name="hw.vendor" value="Truen"/>
|
1411
|
+
<param pos="0" name="hw.device" value="IP Camera"/>
|
1412
|
+
<param pos="0" name="os.certainty" value="0.5"/>
|
1413
|
+
<param pos="0" name="os.vendor" value="Truen"/>
|
1414
|
+
<param pos="0" name="os.family" value="Linux"/>
|
1415
|
+
<param pos="0" name="os.product" value="Linux"/>
|
1416
|
+
</fingerprint>
|
1417
|
+
|
1418
|
+
<fingerprint pattern="^CN=device.wilibox.com,OU=R&D,O=WILIBOX UAB,L=Kaunas,ST=-,C=LT$">
|
1419
|
+
<description>LigoWave Outdoor AP</description>
|
1420
|
+
<example>CN=device.wilibox.com,OU=R&D,O=WILIBOX UAB,L=Kaunas,ST=-,C=LT</example>
|
1421
|
+
<param pos="0" name="hw.certainty" value="0.50"/>
|
1422
|
+
<param pos="0" name="hw.vendor" value="LigoWave"/>
|
1423
|
+
<param pos="0" name="hw.device" value="WAP"/>
|
1424
|
+
<param pos="0" name="os.certainty" value="0.5"/>
|
1425
|
+
<param pos="0" name="os.vendor" value="LigoWave"/>
|
1426
|
+
<param pos="0" name="os.family" value="Linux"/>
|
1427
|
+
<param pos="0" name="os.product" value="Linux"/>
|
1428
|
+
</fingerprint>
|
1429
|
+
|
1430
|
+
</fingerprints>
|