recog 2.3.7 → 2.3.8

data/xml/ntp_banners.xml

@@ -318,19 +318,27 @@
     <param pos="0" name="os.certainty" value="0.9"/>
     <param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.10"/>
   </fingerprint>
-  <fingerprint pattern="^.*version=&quot;ntpd ([^ ]+)[^&quot;]+&quot;,.*processor=&quot;([^ ]+)&quot;,.*system=&quot;FreeBSD/?(?:[^ ]+-NETSCALER-([^ ]+))&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
+  <fingerprint pattern="^.*version=&quot;ntpd ([^ p]+)(:?p[^ &quot;]+)?[^&quot;]+&quot;,.*processor=&quot;([^ ]+)&quot;,.*system=&quot;FreeBSD/?(?:[^ ]+-NETSCALER-([^ ]+))&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
     <description>ntpd running on Citrix Netscaler, which is based on FreeBSD</description>
-    <example>
+    <example service.version="4.2.6" service.version.version="p2@1.2194" os.arch="i386" os.version="9.3">
       version="ntpd 4.2.6p2@1.2194 Wed Nov 24 15:54:11 UTC 2010 (1)",
       processor="i386", system="FreeBSD/6.3-NETSCALER-9.3", leap=00, stratum=3,
     </example>
-    <param pos="0" name="service.family" value="NTP"/>
-    <param pos="0" name="service.product" value="NTP"/>
+    <example service.version="4.2.6" service.version.version="p3-a" os.arch="amd64" os.version="10.5">
+      version="ntpd 4.2.6p3-a (1)", processor="amd64", system="FreeBSD/8.4-NETSCALER-10.5",
+      leap=3, stratum=16, precision=-21, rootdelay=0.000, rootdisp=1264777.230,
+    </example>
     <param pos="1" name="service.version"/>
+    <param pos="2" name="service.version.version"/>
+    <param pos="0" name="service.vendor" value="NTP"/>
+    <param pos="0" name="service.product" value="NTP"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:ntp:ntp:{service.version}:{service.version.version}"/>
     <param pos="0" name="os.vendor" value="Citrix"/>
+    <param pos="0" name="os.family" value="NetScaler"/>
+    <param pos="0" name="os.device" value="Network Management Device"/>
     <param pos="0" name="os.product" value="NetScaler"/>
-    <param pos="2" name="os.arch"/>
-    <param pos="3" name="os.version"/>
+    <param pos="3" name="os.arch"/>
+    <param pos="4" name="os.version"/>
   </fingerprint>
   <fingerprint pattern="^.*version=&quot;ntpd ([^ ]+)[^&quot;]+&quot;,.*processor=&quot;([^ ]+)&quot;,.*system=&quot;FreeBSD/?([^ ]+)&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
     <description>ntpd running on FreeBSD</description>
@@ -1008,7 +1016,7 @@
     </example>
     <param pos="0" name="os.vendor" value="Wind River"/>
     <param pos="0" name="os.product" value="VxWorks"/>
-    <param pos="0" name="os.arch" value="arm"/>
+    <param pos="0" name="os.arch" value="ARM"/>
     <param pos="0" name="os.cpe23" value="cpe:/o:windriver:vxworks:-"/>
   </fingerprint>
   <fingerprint pattern="system=&quot;i386-wrs-vxworks&quot;" flags="REG_ICASE">
@@ -1018,7 +1026,7 @@
     </example>
     <param pos="0" name="os.vendor" value="Wind River"/>
     <param pos="0" name="os.product" value="VxWorks"/>
-    <param pos="0" name="os.arch" value="i386"/>
+    <param pos="0" name="os.arch" value="x86"/>
     <param pos="0" name="os.cpe23" value="cpe:/o:windriver:vxworks:-"/>
   </fingerprint>
   <fingerprint pattern="system=&quot;UNIX/Unixware([^ ]+)&quot;" flags="REG_ICASE">

data/xml/operating_system.xml

@@ -32,6 +32,7 @@
     <param pos="0" name="os.product" value="Windows 10 Mobile"/>
     <param pos="1" name="os.edition"/>
     <param pos="0" name="os.device" value="Mobile"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_10_mobile:-"/>
   </fingerprint>
   <fingerprint pattern="^(?i:(?:Microsoft )?(Windows (?:XP|Vista|7|8|8.1|10))(?:\s)?((?:[a-z]+|[a-z]+, )?(?:[a-z]+|[a-z]+\s[a-z]+)?)?(?: Edition)?(?:\s)?(SP\d|SP \d|Service Pack \d)?)$">
     <description>Windows Desktop XP and later</description>

data/xml/rtsp_servers.xml

@@ -5,39 +5,39 @@
     <example service.version="19.04">Flussonic (http://www.flussonic.com/) 19.04</example>
     <example service.version="20.01">Flussonic (http://www.flussonic.com/) 20.01</example>
     <param pos="0" name="service.vendor" value="Flussonic"/>
-    <param pos="0" name="service.product" value="Flussonic Media Server" />
-    <param pos="1" name="service.version" />
+    <param pos="0" name="service.product" value="Flussonic Media Server"/>
+    <param pos="1" name="service.version"/>
   </fingerprint>
   <fingerprint pattern="^Hipcam RealServer\/V([\d\.]+)$">
     <description>Hipcam IP camera running the RealServer RTSP server.</description>
     <example service.version="1.0">Hipcam RealServer/V1.0</example>
     <param pos="0" name="service.vendor" value="RealNetworks"/>
-    <param pos="0" name="service.product" value="RealServer" />
-    <param pos="1" name="service.version" />
-    <param pos="0" name="hw.vendor" value="Hipcam" />
-    <param pos="0" name="hw.device" value="IP Camera" />
+    <param pos="0" name="service.product" value="RealServer"/>
+    <param pos="1" name="service.version"/>
+    <param pos="0" name="hw.vendor" value="Hipcam"/>
+    <param pos="0" name="hw.device" value="IP Camera"/>
   </fingerprint>
   <fingerprint pattern="^Dahua Rtsp Server$">
     <description>Dahua IP Camera</description>
     <example>Dahua Rtsp Server</example>
     <param pos="0" name="service.vendor" value="Dahua"/>
-    <param pos="0" name="hw.vendor" value="Dahua" />
-    <param pos="0" name="hw.device" value="IP Camera" />
+    <param pos="0" name="hw.vendor" value="Dahua"/>
+    <param pos="0" name="hw.device" value="IP Camera"/>
   </fingerprint>
   <fingerprint pattern="^GStreamer RTSP server$">
     <description>GStreamer RTSP Server (https://github.com/GStreamer/gst-rtsp-server)</description>
     <example>GStreamer RTSP server</example>
     <param pos="0" name="service.vendor" value="GStreamer"/>
-    <param pos="0" name="service.product" value="GStreamer RTSP Server" />
+    <param pos="0" name="service.product" value="GStreamer RTSP Server"/>
   </fingerprint>
   <fingerprint pattern="^WMServer\/([\d\.]+)$">
     <description>Windows Media Server</description>
     <example service.version="9.1.1.3862">WMServer/9.1.1.3862</example>
     <example service.version="9.5.6001.22609">WMServer/9.5.6001.22609</example>
     <param pos="0" name="service.vendor" value="Microsoft"/>
-    <param pos="0" name="service.product" value="Windows Media Server" />
+    <param pos="0" name="service.product" value="Windows Media Server"/>
     <param pos="0" name="service.family" value="Windows Media Server"/>
-    <param pos="1" name="service.version" />
+    <param pos="1" name="service.version"/>
     <param pos="0" name="os.vendor" value="Microsoft"/>
     <param pos="0" name="os.family" value="Windows"/>
   </fingerprint>
@@ -46,31 +46,31 @@
     <example service.version="4.7.7" service.version.version="20181108145350" service.product="Streaming Engine">Wowza Streaming Engine 4.7.7 build20181108145350</example>
     <example service.version="3.6.4" service.version.version="9641" service.product="Media Server">Wowza Media Server 3.6.4 build9641</example>
     <param pos="0" name="service.vendor" value="Wowza Media Systems"/>
-    <param pos="1" name="service.product" />
-    <param pos="2" name="service.version" />
-    <param pos="3" name="service.version.version" />
+    <param pos="1" name="service.product"/>
+    <param pos="2" name="service.version"/>
+    <param pos="3" name="service.version.version"/>
   </fingerprint>
   <fingerprint pattern="^HiIpcam\/V\d+R\d+ VodServer\/[\d\.]+$">
     <description>Foscam IP Camera</description>
     <example>HiIpcam/V100R003 VodServer/1.0.0</example>
-    <param pos="0" name="hw.vendor" value="Foscam" />
-    <param pos="0" name="hw.device" value="IP Camera" />
+    <param pos="0" name="hw.vendor" value="Foscam"/>
+    <param pos="0" name="hw.device" value="IP Camera"/>
   </fingerprint>
   <fingerprint pattern="^Indigo\-Security\/[\d\.]+$">
     <description>Indigo Security IP Camera</description>
     <example>Indigo-Security/1.0</example>
-    <param pos="0" name="hw.vendor" value="Indigo Security" />
-    <param pos="0" name="hw.device" value="IP Camera" />
+    <param pos="0" name="hw.vendor" value="Indigo Security"/>
+    <param pos="0" name="hw.device" value="IP Camera"/>
   </fingerprint>
   <fingerprint pattern="^Cisco MediaSense Media Server$">
     <description>Cisco MediaSense Media Server (RTSP)</description>
     <example>Cisco MediaSense Media Server</example>
     <param pos="0" name="service.vendor" value="Cisco"/>
-    <param pos="0" name="service.product" value="MediaSense Media Server"/>
-    <param pos="0" name="service.cpe23" value="cpe:2.3:a:cisco:mediasense:-"/>
+    <param pos="0" name="service.product" value="MediaSense"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:cisco:mediasense:-"/>
     <param pos="0" name="os.vendor" value="Cisco"/>
     <param pos="0" name="hw.vendor" value="Cisco"/>
     <param pos="0" name="hw.device" value="SIP Gateway"/>
-    <param pos="0" name="hw.product" value="MediaSense Server"/>
+    <param pos="0" name="hw.product" value="MediaSense"/>
   </fingerprint>
 </fingerprints>

data/xml/sip_banners.xml

@@ -3,16 +3,14 @@
   <!--
   SIP Server header values are matched against these patterns to fingerprint SIP devices.
   -->
-
   <!-- Cisco/Tandberg Products -->
-  
   <fingerprint pattern="^Cisco-SIPGateway/IOS-(\S+)\.x$">
     <description>Cisco IOS SIP Gateway w/ Vague Version</description>
     <example os.version="12">Cisco-SIPGateway/IOS-12.x</example>
     <param pos="0" name="service.vendor" value="Cisco"/>
     <param pos="0" name="service.family" value="IOS"/>
     <param pos="0" name="service.product" value="IOS"/>
-    <param pos="0" name="service.cpe23" value="cpe:/a:cisco:ios:{os.version}"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:cisco:ios:-"/>
     <param pos="0" name="os.vendor" value="Cisco"/>
     <param pos="0" name="os.family" value="IOS"/>
     <param pos="0" name="os.product" value="IOS"/>
@@ -22,7 +20,6 @@
     <param pos="0" name="hw.vendor" value="Cisco"/>
     <param pos="0" name="hw.device" value="Router"/>
   </fingerprint>
-
   <fingerprint pattern="^Cisco-SIPGateway/IOS-(\S+)$">
     <description>Cisco IOS SIP Gateway w/ Full Version</description>
     <example os.version="15.2.4.M3">Cisco-SIPGateway/IOS-15.2.4.M3</example>
@@ -30,11 +27,11 @@
     <example os.version="15.2.3.T">Cisco-SIPGateway/IOS-15.2.3.T</example>
     <example os.version="15.4.3.S5">Cisco-SIPGateway/IOS-15.4.3.S5</example>
     <example os.version="15.6.3.M0a">Cisco-SIPGateway/IOS-15.6.3.M0a</example>
-    <example os.version="16.3.6">Cisco-SIPGateway/IOS-16.3.6</example>    
+    <example os.version="16.3.6">Cisco-SIPGateway/IOS-16.3.6</example>
     <param pos="0" name="service.vendor" value="Cisco"/>
     <param pos="0" name="service.family" value="IOS"/>
     <param pos="0" name="service.product" value="IOS"/>
-    <param pos="0" name="service.cpe23" value="cpe:/a:cisco:ios:{os.version}"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:cisco:ios:-"/>
     <param pos="0" name="os.vendor" value="Cisco"/>
     <param pos="0" name="os.family" value="IOS"/>
     <param pos="0" name="os.product" value="IOS"/>
@@ -44,7 +41,6 @@
     <param pos="0" name="hw.vendor" value="Cisco"/>
     <param pos="0" name="hw.device" value="Router"/>
   </fingerprint>
-
   <fingerprint pattern="^Cisco-CP-?(\d+G?)(?:-\S+)?/([\d\.]+)">
     <description>Cisco CP VoIP Phone</description>
     <example hw.model="7960G" hw.version="8.0">Cisco-CP7960G/8.0</example>
@@ -59,7 +55,6 @@
     <param pos="1" name="hw.model"/>
     <param pos="2" name="hw.version"/>
   </fingerprint>
-
   <fingerprint pattern="(?:Cisco|Linksys)/(SPA\d+[DG]?\d?)-([\d\.a-zA-Z]+)">
     <description>Cisco/Linksys SPA VoIP Phone</description>
     <example hw.model="SPA112" hw.version="1.4.1SR1">Cisco/SPA112-1.4.1SR1(002)d-hisec</example>
@@ -77,7 +72,6 @@
     <param pos="1" name="hw.model"/>
     <param pos="2" name="hw.version"/>
   </fingerprint>
-
   <fingerprint pattern="(?:Cisco|Linksys)(?: |/)(PAP2T?)(?:-|/)(\S+)$">
     <description>Cisco/Linksys VoIP / Internet Phone adapter</description>
     <example hw.version="3.1.22(LS)" hw.model="PAP2">PhoneSystems.net aabbccddeeff Linksys/PAP2-3.1.22(LS)</example>
@@ -93,7 +87,6 @@
     <param pos="1" name="hw.model"/>
     <param pos="2" name="hw.version"/>
   </fingerprint>
-
   <fingerprint pattern="^Cisco/(SRP\d+)-([\d\.]+)">
     <description>Cisco Services Ready Platforms (SRP) Router</description>
     <example hw.model="SRP541" hw.version="1.2.6">Cisco/SRP541-1.2.6(003)</example>
@@ -106,7 +99,6 @@
     <param pos="1" name="hw.model"/>
     <param pos="2" name="hw.version"/>
   </fingerprint>
-
   <fingerprint pattern="(?:Cisco|Linksys)/(WRP\d+)-(\S+)$">
     <description>Cisco/Linksys WRP Wireless Router</description>
     <example hw.version="2.00.26" hw.model="WRP400">aabbccddeeff_FinalStage_Linksys/WRP400-2.00.26</example>
@@ -120,7 +112,6 @@
     <param pos="1" name="hw.model"/>
     <param pos="2" name="hw.version"/>
   </fingerprint>
-
   <fingerprint pattern="^TANDBERG/(\d+) \((.*)\) Cisco-(\S+)$">
     <description>Cisco/Tandberg TelePresence w/Cisco Model Name</description>
     <example os.version="TC7.3.7.01c84fd" tandberg.model="528" hw.product="EX60">TANDBERG/528 (TC7.3.7.01c84fd) Cisco-EX60</example>
@@ -130,13 +121,11 @@
     <param pos="0" name="os.product" value="Linux"/>
     <param pos="1" name="tandberg.model"/>
     <param pos="2" name="os.version"/>
-    <param pos="0" name="os.cpe23" value="cpe:/o:cisco:telepresence:{os.version}"/>
     <param pos="0" name="hw.vendor" value="Cisco"/>
     <param pos="0" name="hw.family" value="TelePresence"/>
     <param pos="0" name="hw.device" value="Video Conferencing"/>
     <param pos="3" name="hw.product"/>
   </fingerprint>
-
   <fingerprint pattern="^(TANDBERG/(\d+)) \((\S+).*\)$">
     <description>Cisco/Tandberg TelePresence</description>
     <example os.version="TC7.0.2.aecf2d9" tandberg.model="519" hw.product="TANDBERG/519">TANDBERG/519 (TC7.0.2.aecf2d9)</example>
@@ -144,21 +133,18 @@
     <example os.version="X8.2.1" hw.product="TANDBERG/4130">TANDBERG/4130 (X8.2.1)</example>
     <example os.version="XC2.2.1-b2bua-1.0" hw.product="TANDBERG/4353" tandberg.model="4353">TANDBERG/4353 (XC2.2.1-b2bua-1.0)</example>
     <example os.version="TC5.1.4.295090" hw.product="TANDBERG/516" tandberg.model="516">TANDBERG/516 (TC5.1.4.295090)</example>
-    <example os.version="TCNC5.1.4.295090" hw.product="TANDBERG/517" tandberg.model="517">TANDBERG/517 (TCNC5.1.4.295090)</example>    
+    <example os.version="TCNC5.1.4.295090" hw.product="TANDBERG/517" tandberg.model="517">TANDBERG/517 (TCNC5.1.4.295090)</example>
     <param pos="0" name="os.vendor" value="Tandberg"/>
     <param pos="0" name="os.family" value="Linux"/>
     <param pos="0" name="os.product" value="Linux"/>
     <param pos="2" name="tandberg.model"/>
     <param pos="3" name="os.version"/>
-    <param pos="0" name="os.cpe23" value="cpe:/o:cisco:telepresence:{os.version}"/>
     <param pos="0" name="hw.vendor" value="Cisco"/>
     <param pos="0" name="hw.family" value="TelePresence"/>
     <param pos="0" name="hw.device" value="Video Conferencing"/>
     <param pos="1" name="hw.product"/>
   </fingerprint>
-
   <!-- Various -->
-
   <fingerprint pattern="EnGenius_Router$">
     <description>EnGenius DuraFon IP Phone</description>
     <example>EnGenius_Router</example>
@@ -166,7 +152,6 @@
     <param pos="0" name="hw.product" value="DuraFon"/>
     <param pos="0" name="hw.device" value="VoIP"/>
   </fingerprint>
-
   <fingerprint pattern="(?i)^Huawei (SoftX\d+) (?:V\d.*)$">
     <description>Huawei Softswitch</description>
     <example hw.model="SoftX3000">Huawei SoftX3000 V300R006</example>
@@ -175,13 +160,11 @@
     <param pos="0" name="hw.product" value="Softswitch"/>
     <param pos="1" name="hw.model"/>
   </fingerprint>
-
   <fingerprint pattern="(?i)^SIP/1.0 \(Huawei\)$">
     <description>Huawei generic</description>
     <example>SIP/1.0 (Huawei)</example>
     <param pos="0" name="hw.vendor" value="Huawei"/>
   </fingerprint>
-
   <fingerprint pattern="^M5T SIP(?: Stack|-UA SAFE)/v?([\d\.]+)">
     <description>Media5 Corporation SIP Stack</description>
     <example service.version="4.1.2.2">M5T SIP Stack/4.1.2.2</example>
@@ -192,7 +175,6 @@
     <param pos="1" name="service.version"/>
     <param pos="0" name="hw.device" value="VoIP"/>
   </fingerprint>
-
   <fingerprint pattern="^Tilgin Vood ([^_\s]+)">
     <description>Tilgin Vood</description>
     <example hw.model="HG238x">Tilgin Vood HG238x_ESx000-02_07_03_26</example>
@@ -202,7 +184,6 @@
     <param pos="0" name="hw.product" value="Vood"/>
     <param pos="1" name="hw.model"/>
   </fingerprint>
-
   <fingerprint pattern="^(F\d{3})/VT?(\d(?:[\d\.A-Z]+))$">
     <description>ZTE GPON Router</description>
     <example hw.product="F620" hw.version="3.30.20P5T4S">F620/V3.30.20P5T4S</example>
@@ -213,7 +194,6 @@
     <param pos="1" name="hw.product"/>
     <param pos="2" name="hw.version"/>
   </fingerprint>
-
   <fingerprint pattern="^ZXDSL (\S+)/V?(\d(?:[\d\.A-Z_]+))$">
     <description>ZTE ZXDSL router</description>
     <example hw.product="931VII" hw.version="2.0.00.OTET06">ZXDSL 931VII/V2.0.00.OTET06</example>
@@ -223,7 +203,6 @@
     <param pos="1" name="hw.product"/>
     <param pos="2" name="hw.version"/>
   </fingerprint>
-
   <fingerprint pattern="^(?:ZXHN )?(H\d{3}N)/V?(\d(?:[\d\.A-Z_]+))$">
     <description>ZTE ZXHN router</description>
     <example hw.product="H218N" hw.version="1.02.01_ERS">ZXHN H218N/V1.02.01_ERS</example>
@@ -237,7 +216,6 @@
     <param pos="1" name="hw.product"/>
     <param pos="2" name="hw.version"/>
   </fingerprint>
-
   <fingerprint pattern="^Aastra ([^/]+)/([a-zA-Z0-9\.\-]+)$">
     <description>Aastra IP Phone</description>
     <example hw.product="6865i" os.version="4.2.0.2023">Aastra 6865i/4.2.0.2023</example>
@@ -250,7 +228,6 @@
     <param pos="0" name="hw.device" value="VoIP"/>
     <param pos="1" name="hw.product"/>
   </fingerprint>
-
   <fingerprint pattern="^(?:Audiocodes-Sip-Gateway-)?(\S+) FX[A-Z_]+/v.(\S+)$">
     <description>Audiocodes-Sip-Gateway</description>
     <example hw.product="MP-124" os.version="6.00A.034.003">Audiocodes-Sip-Gateway-MP-124 FXS/v.6.00A.034.003</example>
@@ -264,7 +241,6 @@
     <param pos="0" name="hw.device" value="SIP Gateway"/>
     <param pos="1" name="hw.product"/>
   </fingerprint>
-
   <fingerprint pattern="^Wildix GW-(\S+)$">
     <description>Wildix SIP Gateway</description>
     <example os.version="5.0.3.42145">Wildix GW-5.0.3.42145</example>
@@ -276,7 +252,6 @@
     <param pos="0" name="hw.device" value="SIP Gateway"/>
     <param pos="0" name="hw.product" value="SIP Gateway"/>
   </fingerprint>
-
   <fingerprint pattern="^Wildix GW$">
     <description>Wildix SIP Gateway w/o Version</description>
     <example>Wildix GW</example>
@@ -287,7 +262,6 @@
     <param pos="0" name="hw.device" value="SIP Gateway"/>
     <param pos="0" name="hw.product" value="SIP Gateway"/>
   </fingerprint>
-
   <fingerprint pattern="^Asterisk PBX (\S+)$">
     <description>Asterisk PBX w/ Version</description>
     <example service.version="13.18.0-6.7.1.1.rl.1538157944.1c65507">Asterisk PBX 13.18.0-6.7.1.1.rl.1538157944.1c65507</example>
@@ -296,18 +270,14 @@
     <param pos="0" name="service.family" value="PBX"/>
     <param pos="0" name="service.product" value="PBX"/>
     <param pos="1" name="service.version"/>
-    <param pos="0" name="service.cpe23" value="cpe:/a:asterisk:asterisk:{service.version}"/>
   </fingerprint>
-
   <fingerprint pattern="^Asterisk PBX$">
     <description>Asterisk PBX w/o Version</description>
     <example>Asterisk PBX</example>
     <param pos="0" name="service.vendor" value="Asterisk"/>
     <param pos="0" name="service.family" value="PBX"/>
     <param pos="0" name="service.product" value="PBX"/>
-    <param pos="0" name="service.cpe23" value="cpe:/a:asterisk:asterisk:-"/>
   </fingerprint>
-
   <fingerprint pattern="^FPBX-(\S+)$">
     <description>FreePBX</description>
     <example service.version="12.0.70(11.20.0)">FPBX-12.0.70(11.20.0)</example>
@@ -316,9 +286,7 @@
     <param pos="0" name="service.family" value="PBX"/>
     <param pos="0" name="service.product" value="PBX"/>
     <param pos="1" name="service.version"/>
-    <param pos="0" name="service.cpe23" value="cpe:/a:freepbx:freepbx:{service.version}"/>
   </fingerprint>
-
   <fingerprint pattern="^kamailio \((\S+) \((.*)\)\)$">
     <description>Kamailio SIP Server</description>
     <example service.version="4.4.4" kamailio.platform="x86_64/linux">kamailio (4.4.4 (x86_64/linux))</example>
@@ -327,9 +295,7 @@
     <param pos="0" name="service.product" value="SIP Server"/>
     <param pos="1" name="service.version"/>
     <param pos="2" name="kamailio.platform"/>
-    <param pos="0" name="service.cpe23" value="cpe:/a:kamailio:kamailio:{service.version}"/>
   </fingerprint>
-
   <!-- This match covers multiple product families and should be split up further -->
   <fingerprint pattern="^Algo-([^/]+)/(.*)$">
     <description>Algo SIP Device</description>
@@ -342,7 +308,6 @@
     <param pos="0" name="hw.device" value="SIP Device"/>
     <param pos="1" name="hw.product"/>
   </fingerprint>
-
   <fingerprint pattern="^(?:SIParator|Ingate-Firewall)/(\S+)$">
     <description>Ingate SIParator Firewall</description>
     <example os.version="5.0.10">Ingate-Firewall/5.0.10</example>
@@ -355,5 +320,4 @@
     <param pos="0" name="hw.device" value="SIP Gateway"/>
     <param pos="0" name="hw.product" value="SIParator Firewall"/>
   </fingerprint>
-
-</fingerprints>
+</fingerprints>

data/xml/sip_user_agents.xml

@@ -11,6 +11,8 @@
     <param pos="0" name="hw.device" value="Web cam"/>
     <param pos="0" name="hw.family" value="Network Video Door Station"/>
     <param pos="1" name="hw.product"/>
+    <param pos="0" name="os.vendor" value="AXIS"/>
+    <param pos="0" name="os.family" value="Linux"/>
   </fingerprint>
   <fingerprint pattern="(?i)^AXIS (\S+) Network (?:Audio Bridge|(?:Cabinet|Horn) Speaker)$">
     <description>Axis Network audio devices</description>
@@ -20,6 +22,8 @@
     <param pos="0" name="hw.vendor" value="Axis"/>
     <param pos="0" name="hw.family" value="Network Audio"/>
     <param pos="1" name="hw.product"/>
+    <param pos="0" name="os.vendor" value="AXIS"/>
+    <param pos="0" name="os.family" value="Linux"/>
   </fingerprint>
   <!-- Cisco Devices -->
   <fingerprint pattern="^Cisco-SIPGateway/IOS-([\d\.x]+)$">
@@ -125,7 +129,7 @@
     <example hw.version="4.1.4.7430" hw.family="VVX" hw.product="VVX 400" host.mac="010203040506">PolycomVVX-VVX_400-UA/4.1.4.7430_010203040506</example>
     <example hw.version="5.5.0.23866" hw.family="VVX" hw.product="VVX 501">Polycom/5.5.0.23866 PolycomVVX-VVX_501-UA/5.5.0.23866</example>
     <example hw.version="4.0.7.2514" hw.family="SoundPoint" hw.product="SoundPoint 670">PolycomSoundPointIP-SPIP_670-UA/4.0.7.2514</example>
-    <example hw.version="4.0.8.1608" hw.family="SoundStation" hw.product="SoundStation 7000">PolycomSoundStationIP-SSIP_7000-UA/4.0.8.1608</example>
+    <example hw.version="4.0.8.1608" hw.model="7000" hw.family="SoundStation" hw.product="SoundStation 7000">PolycomSoundStationIP-SSIP_7000-UA/4.0.8.1608</example>
     <param pos="0" name="hw.vendor" value="Polycom"/>
     <param pos="0" name="hw.device" value="VoIP"/>
     <param pos="1" name="hw.family"/>
@@ -179,4 +183,39 @@
     <param pos="0" name="service.product" value="SIPPS IP Phone"/>
     <param pos="1" name="service.version"/>
   </fingerprint>
+  <fingerprint pattern="^ShoreGear/([\d\.]+)\s+\(ShoreTel \d+\)$">
+    <description>ShoreTel VoIP Switch</description>
+    <example hw.version="21.90.4128.0">ShoreGear/21.90.4128.0 (ShoreTel 15)</example>
+    <example hw.version="22.11.4900.0">ShoreGear/22.11.4900.0 (ShoreTel 15)</example>
+    <param pos="0" name="hw.vendor" value="ShoreTel"/>
+    <param pos="0" name="hw.device" value="VoIP Switch"/>
+    <param pos="1" name="hw.version"/>
+  </fingerprint>
+  <fingerprint pattern="^MERCURY-([a-fA-F0-9]{12})$">
+    <description>Crestron Mercury</description>
+    <example host.mac="00107F1ABAA0">MERCURY-00107F1ABAA0</example>
+    <param pos="0" name="hw.vendor" value="Crestron"/>
+    <param pos="0" name="hw.device" value="Video Conferencing"/>
+    <param pos="0" name="hw.product" value="Mercury"/>
+    <param pos="0" name="os.vendor" value="Crestron"/>
+    <param pos="0" name="os.family" value="Linux"/>
+    <param pos="0" name="os.device" value="Video Conferencing"/>
+    <param pos="1" name="host.mac"/>
+  </fingerprint>
+  <fingerprint pattern="^IPDECT/([\d\.]+)\s+\(MAC=([a-fA-F0-9]{12}); SER=">
+    <description>Konftel IP Phone</description>
+    <example host.mac="00087B0F1D30" hw.version="03.55.0013">IPDECT/03.55.0013 (MAC=00087B0F1D30; SER= 00000; HW=1)</example>
+    <param pos="0" name="hw.vendor" value="Konftel"/>
+    <param pos="0" name="hw.device" value="VoIP"/>
+    <param pos="1" name="hw.version"/>
+    <param pos="2" name="host.mac"/>
+  </fingerprint>
+  <fingerprint pattern="^Sangoma ([^\s]+) V([a-zA-Z0-9\.]+)=?">
+    <description>Sangoma IP Phone</description>
+    <example hw.product="S305" hw.version="3.0.4.72">Sangoma S305 V3.0.4.72</example>
+    <param pos="0" name="hw.vendor" value="Sangoma"/>
+    <param pos="0" name="hw.device" value="VoIP"/>
+    <param pos="2" name="hw.version"/>
+    <param pos="1" name="hw.product"/>
+  </fingerprint>
 </fingerprints>