recog 2.3.8 → 2.3.13

Sign up to get free protection for your applications and to get access to all the features.
Files changed (69) hide show
  1. checksums.yaml +4 -4
  2. data/.gitignore +6 -0
  3. data/CONTRIBUTING.md +136 -37
  4. data/README.md +18 -16
  5. data/bin/recog_cleanup +16 -0
  6. data/bin/recog_standardize +30 -6
  7. data/cpe-remap.yaml +18 -2
  8. data/identifiers/README.md +9 -0
  9. data/identifiers/hw_device.txt +77 -0
  10. data/identifiers/hw_family.txt +96 -0
  11. data/identifiers/hw_product.txt +328 -0
  12. data/identifiers/os_architecture.txt +6 -6
  13. data/identifiers/os_device.txt +45 -3
  14. data/identifiers/os_family.txt +206 -41
  15. data/identifiers/os_product.txt +238 -17
  16. data/identifiers/service_family.txt +144 -57
  17. data/identifiers/service_product.txt +385 -83
  18. data/identifiers/vendor.txt +554 -68
  19. data/lib/recog/version.rb +1 -1
  20. data/requirements.txt +1 -1
  21. data/update_cpes.py +3 -0
  22. data/xml/apache_modules.xml +292 -5
  23. data/xml/apache_os.xml +41 -2
  24. data/xml/architecture.xml +11 -3
  25. data/xml/dns_versionbind.xml +191 -15
  26. data/xml/favicons.xml +1701 -0
  27. data/xml/ftp_banners.xml +250 -18
  28. data/xml/h323_callresp.xml +112 -12
  29. data/xml/hp_pjl_id.xml +47 -5
  30. data/xml/html_title.xml +1278 -25
  31. data/xml/http_cookies.xml +64 -9
  32. data/xml/http_servers.xml +1013 -96
  33. data/xml/http_wwwauth.xml +141 -26
  34. data/xml/imap_banners.xml +62 -13
  35. data/xml/ldap_searchresult.xml +81 -9
  36. data/xml/mdns_device-info_txt.xml +175 -2
  37. data/xml/mdns_workstation_txt.xml +4 -2
  38. data/xml/mysql_banners.xml +134 -7
  39. data/xml/mysql_error.xml +113 -6
  40. data/xml/nntp_banners.xml +10 -2
  41. data/xml/ntp_banners.xml +80 -4
  42. data/xml/operating_system.xml +89 -3
  43. data/xml/pop_banners.xml +87 -33
  44. data/xml/rsh_resp.xml +11 -2
  45. data/xml/rtsp_servers.xml +22 -2
  46. data/xml/sip_banners.xml +35 -4
  47. data/xml/sip_user_agents.xml +29 -2
  48. data/xml/smb_native_lm.xml +10 -2
  49. data/xml/smb_native_os.xml +79 -2
  50. data/xml/smtp_banners.xml +230 -9
  51. data/xml/smtp_debug.xml +6 -4
  52. data/xml/smtp_ehlo.xml +7 -5
  53. data/xml/smtp_expn.xml +13 -4
  54. data/xml/smtp_help.xml +23 -4
  55. data/xml/smtp_mailfrom.xml +5 -2
  56. data/xml/smtp_noop.xml +6 -5
  57. data/xml/smtp_quit.xml +5 -4
  58. data/xml/smtp_rcptto.xml +5 -2
  59. data/xml/smtp_rset.xml +4 -4
  60. data/xml/smtp_turn.xml +4 -4
  61. data/xml/smtp_vrfy.xml +14 -4
  62. data/xml/snmp_sysdescr.xml +733 -25
  63. data/xml/snmp_sysobjid.xml +47 -2
  64. data/xml/ssh_banners.xml +182 -8
  65. data/xml/telnet_banners.xml +493 -22
  66. data/xml/x11_banners.xml +26 -3
  67. data/xml/x509_issuers.xml +30 -6
  68. data/xml/x509_subjects.xml +200 -31
  69. metadata +8 -2
@@ -1,9 +1,10 @@
1
- <?xml version="1.0" encoding="UTF-8"?>
1
+ <?xml version='1.0' encoding='UTF-8'?>
2
2
  <fingerprints matches="nntp.banner" protocol="nntp" database_type="service">
3
3
  <!--
4
4
  NNTP greeting messages (part of the banner after the response code) are matched
5
5
  against these patterns to fingerprint NNTP servers.
6
6
  -->
7
+
7
8
  <fingerprint pattern="CCProxy NNTP Service$">
8
9
  <description>Youngzsoft CCProxy NNTP with no version</description>
9
10
  <example>CCProxy NNTP Service</example>
@@ -11,6 +12,7 @@
11
12
  <param pos="0" name="service.family" value="CCProxy"/>
12
13
  <param pos="0" name="service.product" value="CCProxy"/>
13
14
  </fingerprint>
15
+
14
16
  <fingerprint pattern="^(\S+) Lyris ListManager NNTP Service ready">
15
17
  <description>Lyris Listmanager</description>
16
18
  <example host.name="blah">blah Lyris ListManager NNTP Service ready (posting ok).</example>
@@ -19,6 +21,7 @@
19
21
  <param pos="0" name="service.product" value="ListManager"/>
20
22
  <param pos="1" name="host.name"/>
21
23
  </fingerprint>
24
+
22
25
  <fingerprint pattern="^NNTP Service (?:.*) Version: (5.0.2195.[0-9]+) .*$">
23
26
  <description>Microsoft IIS NNTP Server on Windows 2000</description>
24
27
  <example>NNTP Service 5.00.0984 Version: 5.0.2195.7034 Posting Allowed</example>
@@ -34,6 +37,7 @@
34
37
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_2000:-"/>
35
38
  <param pos="1" name="ms.nttp.version"/>
36
39
  </fingerprint>
40
+
37
41
  <fingerprint pattern="^NNTP Service (?:.*) Version: (6.0.3790.[0-9]+) .*$">
38
42
  <description>Microsoft IIS NNTP Server on Windows Server 2003</description>
39
43
  <example>NNTP Service 6.0.3790.3959 Version: 6.0.3790.3959 Posting Allowed</example>
@@ -49,6 +53,7 @@
49
53
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2003:-"/>
50
54
  <param pos="1" name="ms.nttp.version"/>
51
55
  </fingerprint>
56
+
52
57
  <fingerprint pattern="^NNTP Service Microsoft. Internet Services (?:.*) Version: (?:[^ ]+) .*$">
53
58
  <description>Older Microsoft IIS NNTP Servers</description>
54
59
  <example>NNTP Service Microsoft. Internet Services 5.00 Version: 5.0.2068.0 Posting Allowed</example>
@@ -63,6 +68,7 @@
63
68
  <param pos="0" name="os.product" value="Windows"/>
64
69
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
65
70
  </fingerprint>
71
+
66
72
  <fingerprint pattern="^Kerio (?:Connect|MailServer)\s+(\d\.[\d.]+)\s+(?:(?:patch|RC) (\d)\s+)?NNTP server ready$">
67
73
  <description>Kerio Connect NNTP</description>
68
74
  <example service.version="9.2.3">Kerio Connect 9.2.3 NNTP server ready</example>
@@ -74,9 +80,11 @@
74
80
  <param pos="1" name="service.version"/>
75
81
  <param pos="2" name="service.version.version"/>
76
82
  </fingerprint>
83
+
77
84
  <fingerprint pattern="^NNTP server ready(?: \(no posting\))?$">
78
85
  <description>Non-specific NNTP</description>
79
86
  <example>NNTP server ready (no posting)</example>
80
87
  <example>NNTP server ready</example>
81
88
  </fingerprint>
82
- </fingerprints>
89
+
90
+ </fingerprints>
@@ -1,8 +1,9 @@
1
- <?xml version="1.0" encoding="UTF-8"?>
1
+ <?xml version='1.0' encoding='UTF-8'?>
2
2
  <fingerprints matches="ntp.readvar" protocol="ntp" database_type="service" preference="0.80">
3
3
  <!--
4
4
  NTP "banners", taken from a readvar response
5
5
  -->
6
+
6
7
  <fingerprint pattern="^.*version=Domain Time II (\S+),hostname=([^,]+),.*system=Win2003.*,processor=(\S+)" flags="REG_DOT_NEWLINE,REG_ICASE">
7
8
  <description>Greyware Automation Products, Inc. Domain Time II on Windows Server 2003</description>
8
9
  <example service.version="5.1.b.20100331R" os.arch="x64" host.name="blah">
@@ -21,6 +22,7 @@
21
22
  <param pos="3" name="os.arch"/>
22
23
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2003:-"/>
23
24
  </fingerprint>
25
+
24
26
  <fingerprint pattern="^.*version=Domain Time II (\S+),hostname=([^,]+),.*system=Win2008R2.*,processor=(\S+)" flags="REG_DOT_NEWLINE,REG_ICASE">
25
27
  <description>Greyware Automation Products, Inc. Domain Time II on Windows Server 2008 R2</description>
26
28
  <example service.version="5.2.b.20120215R" os.arch="x64" host.name="blah">
@@ -32,10 +34,11 @@
32
34
  <param pos="2" name="host.name"/>
33
35
  <param pos="0" name="os.vendor" value="Microsoft"/>
34
36
  <param pos="0" name="os.family" value="Windows"/>
35
- <param pos="0" name="os.product" value="Windows 2008 R2"/>
37
+ <param pos="0" name="os.product" value="Windows Server 2008 R2"/>
36
38
  <param pos="3" name="os.arch"/>
37
39
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:-"/>
38
40
  </fingerprint>
41
+
39
42
  <fingerprint pattern="^.*version=Domain Time II (\S+),hostname=([^,]+),.*system=Win2008.*,processor=(\S+)" flags="REG_DOT_NEWLINE,REG_ICASE">
40
43
  <description>Greyware Automation Products, Inc. Domain Time II on Windows 2008</description>
41
44
  <example service.version="5.2.b.20140303R" os.arch="x86" host.name="blah">
@@ -54,6 +57,7 @@
54
57
  <param pos="3" name="os.arch"/>
55
58
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:-"/>
56
59
  </fingerprint>
60
+
57
61
  <fingerprint pattern="^.*version=Domain Time II (\S+),hostname=([^,]+),.*system=Win2012.*,processor=(\S+)" flags="REG_DOT_NEWLINE,REG_ICASE">
58
62
  <description>Greyware Automation Products, Inc. Domain Time II on Windows Server 2012</description>
59
63
  <example service.version="5.2.b.20140101R" os.arch="x64" host.name="blah">
@@ -69,6 +73,7 @@
69
73
  <param pos="3" name="os.arch"/>
70
74
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2012:-"/>
71
75
  </fingerprint>
76
+
72
77
  <fingerprint pattern="^.*version=Domain Time II (\S+),hostname=([^,]+),.*system=Win7.*,processor=(\S+)" flags="REG_DOT_NEWLINE,REG_ICASE">
73
78
  <description>Greyware Automation Products, Inc. Domain Time II on Windows 7</description>
74
79
  <example service.version="5.2.b.20130405R" os.arch="x64" host.name="blah">
@@ -84,6 +89,7 @@
84
89
  <param pos="3" name="os.arch"/>
85
90
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_7:-"/>
86
91
  </fingerprint>
92
+
87
93
  <fingerprint pattern="^.*version=&quot;ntpd (\S+)[^&quot;]+&quot;,.*system=&quot;Equallogic \(R\) storage array&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
88
94
  <description>ntpd running on an EqualLogic Storage Array that includes the NTP version</description>
89
95
  <example>
@@ -100,6 +106,7 @@
100
106
  <param pos="0" name="os.vendor" value="EqualLogic"/>
101
107
  <param pos="0" name="os.product" value="Storage Array"/>
102
108
  </fingerprint>
109
+
103
110
  <fingerprint pattern="^.*system=&quot;Equallogic \(R\) storage array&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
104
111
  <description>ntpd running on an EqualLogic Storage Array that does not include the NTP version</description>
105
112
  <example>
@@ -112,6 +119,7 @@
112
119
  <param pos="0" name="os.vendor" value="EqualLogic"/>
113
120
  <param pos="0" name="os.product" value="Storage Array"/>
114
121
  </fingerprint>
122
+
115
123
  <fingerprint pattern="^.*version=&quot;ntpd ([^ ]+)[^&quot;]+&quot;,.*processor=&quot;([^ ]+)&quot;,.*system=&quot;Linux/(?:[^ ]+\.ESX)&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
116
124
  <description>ntpd running on VMware ESX</description>
117
125
  <example service.version="4.2.2p1@1.1570-o" os.arch="x86_64">
@@ -127,6 +135,7 @@
127
135
  <param pos="2" name="os.arch"/>
128
136
  <param pos="0" name="os.cpe23" value="cpe:/o:vmware:esx:-"/>
129
137
  </fingerprint>
138
+
130
139
  <fingerprint pattern="^.*version=&quot;ntpd ([^ ]+)[^&quot;]+&quot;,.*processor=&quot;([^ ]+)&quot;,.*system=&quot;Linux/?([^ ]+)&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
131
140
  <description>ntpd running on Linux</description>
132
141
  <example>
@@ -143,6 +152,7 @@
143
152
  <param pos="3" name="os.version"/>
144
153
  <param pos="0" name="os.cpe23" value="cpe:/o:linux:linux_kernel:{os.version}"/>
145
154
  </fingerprint>
155
+
146
156
  <fingerprint pattern="^.*version=&quot;ntpd ([^ ]+)[^&quot;]+&quot;,.*processor=&quot;([^&quot;]+)&quot;,.*system=&quot;Darwin/?6\.([^&quot;]+)&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
147
157
  <description>ntpd running on Mac OSX 10.2/Jaguar</description>
148
158
  <example service.version="4.1.1@1.786" os.version.version="8">
@@ -160,6 +170,7 @@
160
170
  <param pos="0" name="os.certainty" value="0.9"/>
161
171
  <param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.2"/>
162
172
  </fingerprint>
173
+
163
174
  <fingerprint pattern="^.*version=&quot;ntpd ([^ ]+)[^&quot;]+&quot;,.*processor=&quot;([^&quot;]+)&quot;,.*system=&quot;Darwin/?7\.([^&quot;]+)&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
164
175
  <description>ntpd running on Mac OSX 10.3/Panther</description>
165
176
  <param pos="0" name="service.family" value="NTP"/>
@@ -174,6 +185,7 @@
174
185
  <param pos="0" name="os.certainty" value="0.9"/>
175
186
  <param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.3"/>
176
187
  </fingerprint>
188
+
177
189
  <fingerprint pattern="^.*version=&quot;ntpd ([^ ]+)[^&quot;]+&quot;,.*processor=&quot;([^&quot;]+)&quot;,.*system=&quot;Darwin/?8\.([^&quot;]+)&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
178
190
  <description>ntpd running on Mac OSX 10.4/Tiger</description>
179
191
  <example>
@@ -192,6 +204,7 @@
192
204
  <param pos="0" name="os.certainty" value="0.9"/>
193
205
  <param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.4"/>
194
206
  </fingerprint>
207
+
195
208
  <fingerprint pattern="^.*version=&quot;ntpd ([^ ]+)[^&quot;]+&quot;,.*processor=&quot;([^&quot;]+)&quot;,.*system=&quot;Darwin/?9\.([^&quot;]+)&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
196
209
  <description>ntpd running on Mac OSX 10.5/Leopard</description>
197
210
  <example>
@@ -210,6 +223,7 @@
210
223
  <param pos="0" name="os.certainty" value="0.9"/>
211
224
  <param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.5"/>
212
225
  </fingerprint>
226
+
213
227
  <fingerprint pattern="^.*version=&quot;ntpd ([^ ]+)[^&quot;]+&quot;,.*processor=&quot;([^&quot;]+)&quot;,.*system=&quot;Darwin/?10\.([^&quot;]+)&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
214
228
  <description>ntpd running on Mac OSX 10.6/Snow Leopard</description>
215
229
  <example>
@@ -228,6 +242,7 @@
228
242
  <param pos="0" name="os.certainty" value="0.9"/>
229
243
  <param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.6"/>
230
244
  </fingerprint>
245
+
231
246
  <fingerprint pattern="^.*processor=&quot;([^&quot;]+)&quot;.*system=&quot;BSD/OS([\d.]+)&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
232
247
  <description>BSD/OS with a version and arch</description>
233
248
  <example os.arch="i386" os.version="4.3.1">
@@ -238,6 +253,7 @@
238
253
  <param pos="1" name="os.arch"/>
239
254
  <param pos="2" name="os.version"/>
240
255
  </fingerprint>
256
+
241
257
  <fingerprint pattern="^.*system=&quot;BSD/OS&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
242
258
  <description>BSD/OS without a version or arch</description>
243
259
  <example>
@@ -246,6 +262,7 @@
246
262
  <param pos="0" name="os.vendor" value="Berkeley Software Design Inc."/>
247
263
  <param pos="0" name="os.product" value="BSD/OS"/>
248
264
  </fingerprint>
265
+
249
266
  <fingerprint pattern="^.*version=&quot;ntpd ([^ ]+)[^&quot;]+&quot;,.*processor=&quot;([^&quot;]+)&quot;,.*system=&quot;Darwin/?11\.([^&quot;]+)&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
250
267
  <description>ntpd running on Mac OSX 10.7/Lion</description>
251
268
  <example>
@@ -264,6 +281,7 @@
264
281
  <param pos="0" name="os.certainty" value="0.9"/>
265
282
  <param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.7"/>
266
283
  </fingerprint>
284
+
267
285
  <fingerprint pattern="^.*version=&quot;ntpd ([^ ]+)[^&quot;]+&quot;,.*processor=&quot;([^&quot;]+)&quot;,.*system=&quot;Darwin/?12\.([^&quot;]+)&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
268
286
  <description>ntpd running on Mac OSX 10.8/Mountain Lion</description>
269
287
  <example service.version="4.2.6@1.2089-o" os.arch="x86_64" os.version.version="1.0">
@@ -282,6 +300,7 @@
282
300
  <param pos="0" name="os.certainty" value="0.9"/>
283
301
  <param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.8"/>
284
302
  </fingerprint>
303
+
285
304
  <fingerprint pattern="^.*version=&quot;ntpd ([^ ]+)[^&quot;]+&quot;,.*processor=&quot;([^&quot;]+)&quot;,.*system=&quot;Darwin/?13\.([^&quot;]+)&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
286
305
  <description>ntpd running on Mac OSX 10.9/Mavericks</description>
287
306
  <example service.version="4.2.6@1.2089-o" os.arch="x86_64" os.version.version="4.0">
@@ -300,6 +319,7 @@
300
319
  <param pos="0" name="os.certainty" value="0.9"/>
301
320
  <param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.9"/>
302
321
  </fingerprint>
322
+
303
323
  <fingerprint pattern="^.*version=&quot;ntpd ([^ ]+)[^&quot;]+&quot;,.*processor=&quot;([^&quot;]+)&quot;,.*system=&quot;Darwin/?14\.([^&quot;]+)&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
304
324
  <description>ntpd running on Mac OSX 10.10/Yosemite</description>
305
325
  <example service.version="4.2.6@1.2089-o" os.arch="x86_64" os.version.version="3.0">
@@ -318,6 +338,7 @@
318
338
  <param pos="0" name="os.certainty" value="0.9"/>
319
339
  <param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.10"/>
320
340
  </fingerprint>
341
+
321
342
  <fingerprint pattern="^.*version=&quot;ntpd ([^ p]+)(:?p[^ &quot;]+)?[^&quot;]+&quot;,.*processor=&quot;([^ ]+)&quot;,.*system=&quot;FreeBSD/?(?:[^ ]+-NETSCALER-([^ ]+))&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
322
343
  <description>ntpd running on Citrix Netscaler, which is based on FreeBSD</description>
323
344
  <example service.version="4.2.6" service.version.version="p2@1.2194" os.arch="i386" os.version="9.3">
@@ -332,7 +353,7 @@
332
353
  <param pos="2" name="service.version.version"/>
333
354
  <param pos="0" name="service.vendor" value="NTP"/>
334
355
  <param pos="0" name="service.product" value="NTP"/>
335
- <param pos="0" name="service.cpe23" value="cpe:/a:ntp:ntp:{service.version}:{service.version.version}"/>
356
+ <param pos="0" name="service.cpe23" value="cpe:/a:ntp:ntp:{service.version}"/>
336
357
  <param pos="0" name="os.vendor" value="Citrix"/>
337
358
  <param pos="0" name="os.family" value="NetScaler"/>
338
359
  <param pos="0" name="os.device" value="Network Management Device"/>
@@ -340,6 +361,7 @@
340
361
  <param pos="3" name="os.arch"/>
341
362
  <param pos="4" name="os.version"/>
342
363
  </fingerprint>
364
+
343
365
  <fingerprint pattern="^.*version=&quot;ntpd ([^ ]+)[^&quot;]+&quot;,.*processor=&quot;([^ ]+)&quot;,.*system=&quot;FreeBSD/?([^ ]+)&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
344
366
  <description>ntpd running on FreeBSD</description>
345
367
  <example>
@@ -356,6 +378,7 @@
356
378
  <param pos="3" name="os.version"/>
357
379
  <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:{os.version}"/>
358
380
  </fingerprint>
381
+
359
382
  <fingerprint pattern="^.*processor=&quot;([^ ]+)&quot;,.*system=&quot;FreeBSD/?([^ ]+)&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
360
383
  <description>ntp without a version on FreeBSD</description>
361
384
  <example os.arch="i386" os.version="4.1-RELEASE">
@@ -371,6 +394,7 @@
371
394
  <param pos="2" name="os.version"/>
372
395
  <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:{os.version}"/>
373
396
  </fingerprint>
397
+
374
398
  <fingerprint pattern="^.*version=&quot;ntpd ([^ ]+)[^&quot;]+&quot;,.*processor=&quot;([^ ]+)&quot;,.*system=&quot;NetBSD/?([^ ]+)&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
375
399
  <description>ntpd running on NetBSD</description>
376
400
  <example>
@@ -387,6 +411,7 @@
387
411
  <param pos="3" name="os.version"/>
388
412
  <param pos="0" name="os.cpe23" value="cpe:/o:netbsd:netbsd:{os.version}"/>
389
413
  </fingerprint>
414
+
390
415
  <fingerprint pattern="^.*processor=&quot;([^ ]+)&quot;,.*system=&quot;NetBSD/?([^ ]+)&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
391
416
  <description>ntpd running on NetBSD - variant 2</description>
392
417
  <example os.arch="i386" os.version="1.5.3">
@@ -429,6 +454,7 @@
429
454
  <param pos="2" name="os.version"/>
430
455
  <param pos="0" name="os.cpe23" value="cpe:/o:netbsd:netbsd:{os.version}"/>
431
456
  </fingerprint>
457
+
432
458
  <fingerprint pattern="^.*system=&quot;NetWare&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
433
459
  <description>NetWare</description>
434
460
  <example>
@@ -439,6 +465,7 @@
439
465
  <param pos="0" name="os.product" value="NetWare"/>
440
466
  <param pos="0" name="os.cpe23" value="cpe:/o:novell:netware:-"/>
441
467
  </fingerprint>
468
+
442
469
  <fingerprint pattern="^.*version=&quot;ntpd ([^ ]+)[^&quot;]+&quot;,.*processor=&quot;([^ ]+)&quot;,.*system=&quot;SunOS/?5.0&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
443
470
  <description>ntpd running on Solaris 2.0 (SunOS/5.0) </description>
444
471
  <example service.version="4.2.0@1.1161-r" os.arch="sun4u">
@@ -459,6 +486,7 @@
459
486
  <param pos="2" name="os.arch"/>
460
487
  <param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:2.0"/>
461
488
  </fingerprint>
489
+
462
490
  <fingerprint pattern="^.*version=&quot;ntpd ([^ ]+)[^&quot;]+&quot;,.*processor=&quot;([^ ]+)&quot;,.*system=&quot;SunOS/?5.1&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
463
491
  <description> ntpd running on Solaris 2.1 (SunOS/5.1) </description>
464
492
  <example service.version="4.2.0@1.1161-r" os.arch="sun4u">
@@ -479,6 +507,7 @@
479
507
  <param pos="2" name="os.arch"/>
480
508
  <param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:2.1"/>
481
509
  </fingerprint>
510
+
482
511
  <fingerprint pattern="^.*version=&quot;ntpd ([^ ]+)[^&quot;]+&quot;,.*processor=&quot;([^ ]+)&quot;,.*system=&quot;SunOS/?5.2&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
483
512
  <description> ntpd running on Solaris 2.2 (SunOS/5.2) </description>
484
513
  <example service.version="4.2.0@1.1161-r" os.arch="sun4u">
@@ -499,6 +528,7 @@
499
528
  <param pos="2" name="os.arch"/>
500
529
  <param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:2.2"/>
501
530
  </fingerprint>
531
+
502
532
  <fingerprint pattern="^.*version=&quot;ntpd ([^ ]+)[^&quot;]+&quot;,.*processor=&quot;([^ ]+)&quot;,.*system=&quot;SunOS/?5.3&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
503
533
  <description> ntpd running on Solaris 2.3 (SunOS/5.3) </description>
504
534
  <example service.version="4.2.0@1.1161-r" os.arch="sun4u">
@@ -519,6 +549,7 @@
519
549
  <param pos="2" name="os.arch"/>
520
550
  <param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:2.3"/>
521
551
  </fingerprint>
552
+
522
553
  <fingerprint pattern="^.*version=&quot;ntpd ([^ ]+)[^&quot;]+&quot;,.*processor=&quot;([^ ]+)&quot;,.*system=&quot;SunOS/?5.4&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
523
554
  <description>ntpd running on Solaris 2.4 (SunOS/5.4) </description>
524
555
  <example service.version="4.2.0@1.1161-r" os.arch="sun4u">
@@ -539,6 +570,7 @@
539
570
  <param pos="2" name="os.arch"/>
540
571
  <param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:2.4"/>
541
572
  </fingerprint>
573
+
542
574
  <fingerprint pattern="^.*version=&quot;ntpd ([^ ]+)[^&quot;]+&quot;,.*processor=&quot;([^ ]+)&quot;,.*system=&quot;SunOS/?5.5&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
543
575
  <description>ntpd running on Solaris 2.5 (SunOS/5.5) </description>
544
576
  <example service.version="4.2.0@1.1161-r" os.arch="sun4u">
@@ -559,6 +591,7 @@
559
591
  <param pos="2" name="os.arch"/>
560
592
  <param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:2.5"/>
561
593
  </fingerprint>
594
+
562
595
  <fingerprint pattern="^.*version=&quot;ntpd ([^ ]+)[^&quot;]+&quot;,.*processor=&quot;([^ ]+)&quot;,.*system=&quot;SunOS/?5.6&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
563
596
  <description>ntpd running on Solaris 2.6 (SunOS/5.6) </description>
564
597
  <example service.version="4.2.0@1.1161-r" os.arch="sun4u">
@@ -579,6 +612,7 @@
579
612
  <param pos="2" name="os.arch"/>
580
613
  <param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:2.6"/>
581
614
  </fingerprint>
615
+
582
616
  <fingerprint pattern="^.*version=&quot;ntpd ([^ ]+)[^&quot;]+&quot;,.*processor=&quot;([^ ]+)&quot;,.*system=&quot;SunOS/?5.(1[1-9])&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
583
617
  <description>ntpd running on Solaris 11 or above (SunOS/5.11 and above) </description>
584
618
  <example service.version="4.2.0@1.1161-r" os.arch="sun4u" os.version="11">
@@ -599,6 +633,7 @@
599
633
  <param pos="3" name="os.version"/>
600
634
  <param pos="0" name="os.cpe23" value="cpe:/o:oracle:solaris:{os.version}"/>
601
635
  </fingerprint>
636
+
602
637
  <fingerprint pattern="^.*version=&quot;ntpd ([^ ]+)[^&quot;]+&quot;,.*processor=&quot;([^ ]+)&quot;,.*system=&quot;SunOS/?5.([789]|10)&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
603
638
  <description>ntpd running on Solaris 7-Solaris 10 (SunOS/5.7 - SunOS/5.10) </description>
604
639
  <example service.version="4.2.0@1.1161-r" os.arch="sun4u" os.version="7">
@@ -627,6 +662,7 @@
627
662
  <param pos="3" name="os.version"/>
628
663
  <param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:{os.version}"/>
629
664
  </fingerprint>
665
+
630
666
  <fingerprint pattern="^.*processor=&quot;([^ ]+)&quot;,.*system=&quot;SunOS/?5.0&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
631
667
  <description>Solaris 2.0 (SunOS/5.0) with no ntp version</description>
632
668
  <example os.arch="sun4m">
@@ -642,6 +678,7 @@
642
678
  <param pos="1" name="os.arch"/>
643
679
  <param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:2.0"/>
644
680
  </fingerprint>
681
+
645
682
  <fingerprint pattern="^.*processor=&quot;([^ ]+)&quot;,.*system=&quot;SunOS/?5.1&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
646
683
  <description>Solaris 2.1 (SunOS/5.1) with no ntp version</description>
647
684
  <example os.arch="sun4m">
@@ -657,6 +694,7 @@
657
694
  <param pos="1" name="os.arch"/>
658
695
  <param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:2.1"/>
659
696
  </fingerprint>
697
+
660
698
  <fingerprint pattern="^.*processor=&quot;([^ ]+)&quot;,.*system=&quot;SunOS/?5.2&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
661
699
  <description>Solaris 2.2 (SunOS/5.2) with no ntp version</description>
662
700
  <example os.arch="sun4m">
@@ -672,6 +710,7 @@
672
710
  <param pos="1" name="os.arch"/>
673
711
  <param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:2.2"/>
674
712
  </fingerprint>
713
+
675
714
  <fingerprint pattern="^.*processor=&quot;([^ ]+)&quot;,.*system=&quot;SunOS/?5.3&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
676
715
  <description>Solaris 2.3 (SunOS/5.3) with no ntp version</description>
677
716
  <example os.arch="sun4m">
@@ -687,6 +726,7 @@
687
726
  <param pos="1" name="os.arch"/>
688
727
  <param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:2.3"/>
689
728
  </fingerprint>
729
+
690
730
  <fingerprint pattern="^.*processor=&quot;([^ ]+)&quot;,.*system=&quot;SunOS/?5.4&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
691
731
  <description>Solaris 2.4 (SunOS/5.4) with no ntp version</description>
692
732
  <example os.arch="sun4m">
@@ -702,6 +742,7 @@
702
742
  <param pos="1" name="os.arch"/>
703
743
  <param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:2.4"/>
704
744
  </fingerprint>
745
+
705
746
  <fingerprint pattern="^.*processor=&quot;([^ ]+)&quot;,.*system=&quot;SunOS/?5.5&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
706
747
  <description>Solaris 2.5 (SunOS/5.5) with no ntp version</description>
707
748
  <example os.arch="sun4m">
@@ -717,6 +758,7 @@
717
758
  <param pos="1" name="os.arch"/>
718
759
  <param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:2.5"/>
719
760
  </fingerprint>
761
+
720
762
  <fingerprint pattern="^.*processor=&quot;([^ ]+)&quot;,.*system=&quot;SunOS/?5.6&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
721
763
  <description>Solaris 2.6 (SunOS/5.6) with no ntp version</description>
722
764
  <example os.arch="sun4m">
@@ -732,6 +774,7 @@
732
774
  <param pos="1" name="os.arch"/>
733
775
  <param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:2.6"/>
734
776
  </fingerprint>
777
+
735
778
  <fingerprint pattern="^.*processor=&quot;([^ ]+)&quot;,.*system=&quot;SunOS/?5.([789]|10)&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
736
779
  <description>Solaris 7-10 (SunOS/5.7 - SunOS/5.10) with no ntp version</description>
737
780
  <example os.arch="sun4m" os.version="7">
@@ -753,6 +796,7 @@
753
796
  <param pos="2" name="os.version"/>
754
797
  <param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:{os.version}"/>
755
798
  </fingerprint>
799
+
756
800
  <fingerprint pattern="^.*processor=&quot;([^ ]+)&quot;,.*system=&quot;SunOS/?5.(1[1-9])&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
757
801
  <description>Solaris 11 and up with no ntp version</description>
758
802
  <example os.arch="sun4m" os.version="11">
@@ -768,6 +812,7 @@
768
812
  <param pos="2" name="os.version"/>
769
813
  <param pos="0" name="os.cpe23" value="cpe:/o:oracle:solaris:{os.version}"/>
770
814
  </fingerprint>
815
+
771
816
  <fingerprint pattern="^.*system=&quot;UNIX/SunOS ([^ ]+)&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
772
817
  <description>SunOS with no ntp version</description>
773
818
  <example>
@@ -779,6 +824,7 @@
779
824
  <param pos="1" name="os.version"/>
780
825
  <param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:{os.version}"/>
781
826
  </fingerprint>
827
+
782
828
  <fingerprint pattern="^.*version=&quot;ntpd ([^ ]+)[^&quot;]+&quot;,.*processor=&quot;([^ ]+)&quot;,.*system=&quot;JUNOS/?([^ ]+)&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
783
829
  <description>ntpd running on Juniper/Netscreen JunOS</description>
784
830
  <example>
@@ -795,6 +841,7 @@
795
841
  <param pos="3" name="os.version"/>
796
842
  <param pos="0" name="os.cpe23" value="cpe:/o:juniper:junos:{os.version}"/>
797
843
  </fingerprint>
844
+
798
845
  <fingerprint pattern="processor=&quot;([^ ]+)&quot;,.*system=&quot;JUNOS/?([^ ]+)&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
799
846
  <description>Juniper/Netscreen JunOS NTP without a version</description>
800
847
  <example os.arch="i386" os.version="7.0R2.7">processor="i386", system="JUNOS7.0R2.7", leap=0, stratum=3</example>
@@ -807,6 +854,7 @@
807
854
  <param pos="2" name="os.version"/>
808
855
  <param pos="0" name="os.cpe23" value="cpe:/o:juniper:junos:{os.version}"/>
809
856
  </fingerprint>
857
+
810
858
  <fingerprint pattern="^.*version=&quot;ntpd ([^ ]+)[^&quot;]+&quot;,.*processor=&quot;([^ ]+)&quot;,.*system=&quot;Windows/?([^ ]+)?&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
811
859
  <description>ntpd running on Windows</description>
812
860
  <example>
@@ -827,6 +875,7 @@
827
875
  <param pos="3" name="os.version"/>
828
876
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:{os.version}"/>
829
877
  </fingerprint>
878
+
830
879
  <fingerprint pattern="^.*version=&quot;ntpd ([^ ]+)[^&quot;]+&quot;,.*processor=&quot;([^ ]+)&quot;,.*system=&quot;HP-UX/?([^ ]+)?&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
831
880
  <description>ntpd running on HP-UX</description>
832
881
  <example>
@@ -843,6 +892,7 @@
843
892
  <param pos="3" name="os.version"/>
844
893
  <param pos="0" name="os.cpe23" value="cpe:/o:hp:hp-ux:{os.version}"/>
845
894
  </fingerprint>
895
+
846
896
  <fingerprint pattern="^.*version=&quot;ntpd ([^ ]+)[^&quot;]+&quot;,.*processor=,.*system=&quot;HP-UX/&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
847
897
  <description>ntpd running on HP-UX with an empty processor</description>
848
898
  <example service.version="4.2.6">
@@ -857,6 +907,7 @@
857
907
  <param pos="0" name="os.product" value="HP-UX"/>
858
908
  <param pos="0" name="os.cpe23" value="cpe:/o:hp:hp-ux:-"/>
859
909
  </fingerprint>
910
+
860
911
  <fingerprint pattern="^.*version=&quot;ntpd ([^ ]+)[^&quot;]+&quot;,.*processor=&quot;[^ ]+&quot;,.*system=&quot;([^ ]+)-hp-hpux([^ ]+)&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
861
912
  <description>ntpd running on HP-UX, where the processor is in the 'system' variable</description>
862
913
  <example>
@@ -873,6 +924,7 @@
873
924
  <param pos="3" name="os.version"/>
874
925
  <param pos="0" name="os.cpe23" value="cpe:/o:hp:hp-ux:{os.version}"/>
875
926
  </fingerprint>
927
+
876
928
  <fingerprint pattern="^.*version=&quot;ntpd ([^ ]+)[^&quot;]+&quot;,.*processor=&quot;([^ ]+)&quot;,.*system=&quot;VMkernel/?([^ ]+)?&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
877
929
  <description>ntpd running on VMware ESXi</description>
878
930
  <example>
@@ -889,6 +941,7 @@
889
941
  <param pos="3" name="os.version"/>
890
942
  <param pos="0" name="os.cpe23" value="cpe:/o:vmware:esxi:{os.version}"/>
891
943
  </fingerprint>
944
+
892
945
  <fingerprint pattern=".*processor=&quot;([^ ]+)&quot;,.*system=&quot;OSF1[/V]?([^ ]+)&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
893
946
  <description>ntpd running on OSF/1</description>
894
947
  <example os.arch="alpha" os.version="4.0">
@@ -901,6 +954,7 @@
901
954
  <param pos="2" name="os.version"/>
902
955
  <param pos="1" name="os.arch"/>
903
956
  </fingerprint>
957
+
904
958
  <fingerprint pattern=".*system=&quot;UNIX/DECOSF1&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
905
959
  <description>DEC OSF/1</description>
906
960
  <example>
@@ -909,6 +963,7 @@
909
963
  <param pos="0" name="os.vendor" value="DEC"/>
910
964
  <param pos="0" name="os.product" value="OSF/1"/>
911
965
  </fingerprint>
966
+
912
967
  <fingerprint pattern="^.*system=&quot;Linux&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
913
968
  <description>Linux with NTP enabled, no processor/version</description>
914
969
  <example>
@@ -921,6 +976,7 @@
921
976
  <param pos="0" name="service.family" value="NTP"/>
922
977
  <param pos="0" name="service.product" value="NTP"/>
923
978
  </fingerprint>
979
+
924
980
  <fingerprint pattern="^.*system=&quot;UNIX/AIX&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
925
981
  <description>AIX with NTP enabled, no processor/version</description>
926
982
  <example>
@@ -934,6 +990,7 @@
934
990
  <param pos="0" name="service.product" value="NTP"/>
935
991
  <param pos="0" name="service.vendor" value="IBM"/>
936
992
  </fingerprint>
993
+
937
994
  <fingerprint pattern="^.*system=&quot;SunOS&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
938
995
  <description>Solaris with NTP enabled, no processor/version</description>
939
996
  <example>
@@ -947,6 +1004,7 @@
947
1004
  <param pos="0" name="service.product" value="NTP"/>
948
1005
  <param pos="0" name="service.vendor" value="Sun"/>
949
1006
  </fingerprint>
1007
+
950
1008
  <fingerprint pattern="^.*system=&quot;cisco&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
951
1009
  <description>Cisco IOS with NTP enabled</description>
952
1010
  <example>
@@ -960,6 +1018,7 @@
960
1018
  <param pos="0" name="service.product" value="NTP"/>
961
1019
  <param pos="0" name="service.vendor" value="Cisco"/>
962
1020
  </fingerprint>
1021
+
963
1022
  <fingerprint pattern="^.*system=&quot;Data ONTAP/+(\S+)&quot;.*$" flags="REG_DOT_NEWLINE,REG_ICASE">
964
1023
  <description>NetApp file servers</description>
965
1024
  <example>
@@ -972,6 +1031,7 @@
972
1031
  <param pos="1" name="os.version"/>
973
1032
  <param pos="0" name="os.cpe23" value="cpe:/o:netapp:data_ontap:{os.version}"/>
974
1033
  </fingerprint>
1034
+
975
1035
  <fingerprint pattern="system=&quot;UNIX/HPUX&quot;" flags="REG_ICASE">
976
1036
  <description>Generic HPUX</description>
977
1037
  <example>
@@ -985,6 +1045,7 @@
985
1045
  <param pos="0" name="os.product" value="HP-UX"/>
986
1046
  <param pos="0" name="os.cpe23" value="cpe:/o:hp:hp-ux:-"/>
987
1047
  </fingerprint>
1048
+
988
1049
  <fingerprint pattern="system=&quot;UNIX&quot;" flags="REG_ICASE">
989
1050
  <description>Generic UNIX</description>
990
1051
  <example>
@@ -994,6 +1055,7 @@
994
1055
  <param pos="0" name="os.product" value="UNIX"/>
995
1056
  <param pos="0" name="os.certainty" value="0.5"/>
996
1057
  </fingerprint>
1058
+
997
1059
  <fingerprint pattern="system=&quot;VxWorks(?:/TORNADO)?&quot;" flags="REG_ICASE">
998
1060
  <description>Generic VxWorks</description>
999
1061
  <example>
@@ -1009,6 +1071,7 @@
1009
1071
  <param pos="0" name="os.product" value="VxWorks"/>
1010
1072
  <param pos="0" name="os.cpe23" value="cpe:/o:windriver:vxworks:-"/>
1011
1073
  </fingerprint>
1074
+
1012
1075
  <fingerprint pattern="system=&quot;arm-wrs-vxworks&quot;" flags="REG_ICASE">
1013
1076
  <description>VxWorks ARM, cross-compiled on Linux</description>
1014
1077
  <example>
@@ -1019,6 +1082,7 @@
1019
1082
  <param pos="0" name="os.arch" value="ARM"/>
1020
1083
  <param pos="0" name="os.cpe23" value="cpe:/o:windriver:vxworks:-"/>
1021
1084
  </fingerprint>
1085
+
1022
1086
  <fingerprint pattern="system=&quot;i386-wrs-vxworks&quot;" flags="REG_ICASE">
1023
1087
  <description>VxWorks x86, cross-compiled on Linux</description>
1024
1088
  <example>
@@ -1029,6 +1093,7 @@
1029
1093
  <param pos="0" name="os.arch" value="x86"/>
1030
1094
  <param pos="0" name="os.cpe23" value="cpe:/o:windriver:vxworks:-"/>
1031
1095
  </fingerprint>
1096
+
1032
1097
  <fingerprint pattern="system=&quot;UNIX/Unixware([^ ]+)&quot;" flags="REG_ICASE">
1033
1098
  <description>SCO Unixware NTP</description>
1034
1099
  <example>
@@ -1041,6 +1106,7 @@
1041
1106
  <param pos="0" name="os.vendor" value="SCO"/>
1042
1107
  <param pos="1" name="os.product"/>
1043
1108
  </fingerprint>
1109
+
1044
1110
  <fingerprint pattern="^.*processor=&quot;([^&quot;]+)&quot;, system=&quot;SCO_SV([\d\.]+)&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
1045
1111
  <description>SCO Unixware NTP - SCO_SV variant</description>
1046
1112
  <example os.version="3.2" os.arch="i386">
@@ -1051,6 +1117,7 @@
1051
1117
  <param pos="1" name="os.arch"/>
1052
1118
  <param pos="2" name="os.version"/>
1053
1119
  </fingerprint>
1120
+
1054
1121
  <fingerprint pattern="^.*version=&quot;ntpd ([^ ]+)[^&quot;]+&quot;,.*\s*processor=&quot;([^ ]+)&quot;,.*system=&quot;SecureOS/([^ ]+)&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
1055
1122
  <description>McAfee Network Firewall Enterprise NTP (SecureOS)</description>
1056
1123
  <example>
@@ -1077,6 +1144,7 @@
1077
1144
  <param pos="2" name="os.arch"/>
1078
1145
  <param pos="3" name="os.version"/>
1079
1146
  </fingerprint>
1147
+
1080
1148
  <fingerprint pattern="^.*processor=&quot;([^ ]+)&quot;.*system=&quot;Linux([^ ]+)&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
1081
1149
  <description>ntpd running on linux</description>
1082
1150
  <example>
@@ -1103,6 +1171,7 @@
1103
1171
  <param pos="2" name="os.version"/>
1104
1172
  <param pos="0" name="os.cpe23" value="cpe:/o:linux:linux_kernel:{os.version}"/>
1105
1173
  </fingerprint>
1174
+
1106
1175
  <fingerprint pattern=".*version=&quot;ntpd (\S+)[^&quot;]+&quot;,.*\s*processor=&quot;([^ ]+)&quot;.*system=&quot;Isilon OneFS/v([^ ]+)&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
1107
1176
  <description>Isilon OneFS NTP Server</description>
1108
1177
  <example>
@@ -1121,6 +1190,7 @@
1121
1190
  <param pos="2" name="os.arch"/>
1122
1191
  <param pos="3" name="os.version"/>
1123
1192
  </fingerprint>
1193
+
1124
1194
  <fingerprint pattern="system=&quot;IPSO&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
1125
1195
  <description>Nokia IPSO NTP</description>
1126
1196
  <example>
@@ -1141,6 +1211,7 @@
1141
1211
  <param pos="0" name="os.device" value="Firewall"/>
1142
1212
  <param pos="0" name="os.cpe23" value="cpe:/o:nokia:ipso:-"/>
1143
1213
  </fingerprint>
1214
+
1144
1215
  <fingerprint pattern="system=&quot;UNIX/Solaris\s[^ ]+&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
1145
1216
  <description>Sun Solaris NTP</description>
1146
1217
  <example>
@@ -1163,6 +1234,7 @@
1163
1234
  <param pos="0" name="service.product" value="NTP"/>
1164
1235
  <param pos="0" name="service.vendor" value="Sun"/>
1165
1236
  </fingerprint>
1237
+
1166
1238
  <fingerprint pattern="version=&quot;ntpd version = ([^ ]+)&quot;,\s*processor=&quot;([A-Z0-9]+)&quot;,\s*system=&quot;OpenVMS/V([A-Z0-9.-]+)" flags="REG_DOT_NEWLINE,REG_ICASE">
1167
1239
  <description>OpenVMS NTP Server</description>
1168
1240
  <example service.version="4.2.0" os.arch="PHMNFP" os.version="8.3">
@@ -1189,6 +1261,7 @@
1189
1261
  <param pos="3" name="os.version"/>
1190
1262
  <param pos="0" name="os.cpe23" value="cpe:/o:hp:openvms:{os.version}"/>
1191
1263
  </fingerprint>
1264
+
1192
1265
  <fingerprint pattern="version=&quot;ntpd version = ([^ ]+)&quot;,\s*processor=&quot;unknown&quot;,\s*system=&quot;OpenVMS AXP&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
1193
1266
  <description>OpenVMS AXP (Alpha) NTP Server</description>
1194
1267
  <example service.version="4.1.0" os.arch="Alpha">
@@ -1201,6 +1274,7 @@
1201
1274
  <param pos="0" name="os.product" value="OpenVMS"/>
1202
1275
  <param pos="0" name="os.arch" value="Alpha"/>
1203
1276
  </fingerprint>
1277
+
1204
1278
  <fingerprint pattern=".*version=&quot;ntpd ([^ ]+)[^&quot;]+&quot;,\s*processor=&quot;([^ ]+)&quot;,\s*system=&quot;BIG-IPBIG-IP\s+([^&quot;]+)&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
1205
1279
  <description>F5 Big-IP Load Balancers NTP</description>
1206
1280
  <example service.version="4.1.1a@1.791" os.arch="i386" os.version="4.5PTF-0">
@@ -1219,6 +1293,7 @@
1219
1293
  <param pos="2" name="os.arch"/>
1220
1294
  <param pos="3" name="os.version"/>
1221
1295
  </fingerprint>
1296
+
1222
1297
  <fingerprint pattern=".*version=&quot;ntpd ([^ ]+)[^&quot;]+&quot;,\s*processor,\s*system=&quot;/&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
1223
1298
  <description>NTP on an unknown system</description>
1224
1299
  <example service.version="4.2.6p2-RC4@1.2180-o">
@@ -1228,4 +1303,5 @@
1228
1303
  <param pos="0" name="service.product" value="NTP"/>
1229
1304
  <param pos="1" name="service.version"/>
1230
1305
  </fingerprint>
1231
- </fingerprints>
1306
+
1307
+ </fingerprints>