recog 2.3.8 → 2.3.9
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/.gitignore +6 -0
- data/CONTRIBUTING.md +136 -37
- data/README.md +18 -16
- data/bin/recog_cleanup +16 -0
- data/bin/recog_standardize +30 -6
- data/identifiers/README.md +9 -0
- data/identifiers/hw_device.txt +77 -0
- data/identifiers/hw_family.txt +96 -0
- data/identifiers/hw_product.txt +328 -0
- data/identifiers/os_architecture.txt +6 -6
- data/identifiers/os_device.txt +45 -3
- data/identifiers/os_family.txt +206 -41
- data/identifiers/os_product.txt +238 -17
- data/identifiers/service_family.txt +144 -57
- data/identifiers/service_product.txt +384 -83
- data/identifiers/vendor.txt +553 -68
- data/lib/recog/version.rb +1 -1
- data/requirements.txt +1 -1
- data/xml/apache_modules.xml +292 -5
- data/xml/apache_os.xml +41 -2
- data/xml/architecture.xml +11 -3
- data/xml/dns_versionbind.xml +76 -8
- data/xml/favicons.xml +1700 -0
- data/xml/ftp_banners.xml +178 -8
- data/xml/h323_callresp.xml +112 -12
- data/xml/hp_pjl_id.xml +47 -5
- data/xml/html_title.xml +1258 -25
- data/xml/http_cookies.xml +64 -9
- data/xml/http_servers.xml +667 -37
- data/xml/http_wwwauth.xml +141 -26
- data/xml/imap_banners.xml +19 -13
- data/xml/ldap_searchresult.xml +81 -9
- data/xml/mdns_device-info_txt.xml +175 -2
- data/xml/mdns_workstation_txt.xml +4 -2
- data/xml/mysql_banners.xml +134 -7
- data/xml/mysql_error.xml +113 -6
- data/xml/nntp_banners.xml +10 -2
- data/xml/ntp_banners.xml +80 -4
- data/xml/operating_system.xml +89 -3
- data/xml/pop_banners.xml +30 -31
- data/xml/rsh_resp.xml +11 -2
- data/xml/rtsp_servers.xml +22 -2
- data/xml/sip_banners.xml +35 -4
- data/xml/sip_user_agents.xml +29 -2
- data/xml/smb_native_lm.xml +10 -2
- data/xml/smb_native_os.xml +79 -2
- data/xml/smtp_banners.xml +146 -7
- data/xml/smtp_debug.xml +6 -4
- data/xml/smtp_ehlo.xml +7 -5
- data/xml/smtp_expn.xml +13 -4
- data/xml/smtp_help.xml +23 -4
- data/xml/smtp_mailfrom.xml +5 -2
- data/xml/smtp_noop.xml +6 -5
- data/xml/smtp_quit.xml +5 -4
- data/xml/smtp_rcptto.xml +5 -2
- data/xml/smtp_rset.xml +4 -4
- data/xml/smtp_turn.xml +4 -4
- data/xml/smtp_vrfy.xml +14 -4
- data/xml/snmp_sysdescr.xml +731 -24
- data/xml/snmp_sysobjid.xml +47 -2
- data/xml/ssh_banners.xml +175 -5
- data/xml/telnet_banners.xml +266 -15
- data/xml/x11_banners.xml +26 -3
- data/xml/x509_issuers.xml +30 -6
- data/xml/x509_subjects.xml +200 -31
- metadata +8 -2
data/xml/nntp_banners.xml
CHANGED
|
@@ -1,9 +1,10 @@
|
|
|
1
|
-
<?xml version=
|
|
1
|
+
<?xml version='1.0' encoding='UTF-8'?>
|
|
2
2
|
<fingerprints matches="nntp.banner" protocol="nntp" database_type="service">
|
|
3
3
|
<!--
|
|
4
4
|
NNTP greeting messages (part of the banner after the response code) are matched
|
|
5
5
|
against these patterns to fingerprint NNTP servers.
|
|
6
6
|
-->
|
|
7
|
+
|
|
7
8
|
<fingerprint pattern="CCProxy NNTP Service$">
|
|
8
9
|
<description>Youngzsoft CCProxy NNTP with no version</description>
|
|
9
10
|
<example>CCProxy NNTP Service</example>
|
|
@@ -11,6 +12,7 @@
|
|
|
11
12
|
<param pos="0" name="service.family" value="CCProxy"/>
|
|
12
13
|
<param pos="0" name="service.product" value="CCProxy"/>
|
|
13
14
|
</fingerprint>
|
|
15
|
+
|
|
14
16
|
<fingerprint pattern="^(\S+) Lyris ListManager NNTP Service ready">
|
|
15
17
|
<description>Lyris Listmanager</description>
|
|
16
18
|
<example host.name="blah">blah Lyris ListManager NNTP Service ready (posting ok).</example>
|
|
@@ -19,6 +21,7 @@
|
|
|
19
21
|
<param pos="0" name="service.product" value="ListManager"/>
|
|
20
22
|
<param pos="1" name="host.name"/>
|
|
21
23
|
</fingerprint>
|
|
24
|
+
|
|
22
25
|
<fingerprint pattern="^NNTP Service (?:.*) Version: (5.0.2195.[0-9]+) .*$">
|
|
23
26
|
<description>Microsoft IIS NNTP Server on Windows 2000</description>
|
|
24
27
|
<example>NNTP Service 5.00.0984 Version: 5.0.2195.7034 Posting Allowed</example>
|
|
@@ -34,6 +37,7 @@
|
|
|
34
37
|
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_2000:-"/>
|
|
35
38
|
<param pos="1" name="ms.nttp.version"/>
|
|
36
39
|
</fingerprint>
|
|
40
|
+
|
|
37
41
|
<fingerprint pattern="^NNTP Service (?:.*) Version: (6.0.3790.[0-9]+) .*$">
|
|
38
42
|
<description>Microsoft IIS NNTP Server on Windows Server 2003</description>
|
|
39
43
|
<example>NNTP Service 6.0.3790.3959 Version: 6.0.3790.3959 Posting Allowed</example>
|
|
@@ -49,6 +53,7 @@
|
|
|
49
53
|
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2003:-"/>
|
|
50
54
|
<param pos="1" name="ms.nttp.version"/>
|
|
51
55
|
</fingerprint>
|
|
56
|
+
|
|
52
57
|
<fingerprint pattern="^NNTP Service Microsoft. Internet Services (?:.*) Version: (?:[^ ]+) .*$">
|
|
53
58
|
<description>Older Microsoft IIS NNTP Servers</description>
|
|
54
59
|
<example>NNTP Service Microsoft. Internet Services 5.00 Version: 5.0.2068.0 Posting Allowed</example>
|
|
@@ -63,6 +68,7 @@
|
|
|
63
68
|
<param pos="0" name="os.product" value="Windows"/>
|
|
64
69
|
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
|
|
65
70
|
</fingerprint>
|
|
71
|
+
|
|
66
72
|
<fingerprint pattern="^Kerio (?:Connect|MailServer)\s+(\d\.[\d.]+)\s+(?:(?:patch|RC) (\d)\s+)?NNTP server ready$">
|
|
67
73
|
<description>Kerio Connect NNTP</description>
|
|
68
74
|
<example service.version="9.2.3">Kerio Connect 9.2.3 NNTP server ready</example>
|
|
@@ -74,9 +80,11 @@
|
|
|
74
80
|
<param pos="1" name="service.version"/>
|
|
75
81
|
<param pos="2" name="service.version.version"/>
|
|
76
82
|
</fingerprint>
|
|
83
|
+
|
|
77
84
|
<fingerprint pattern="^NNTP server ready(?: \(no posting\))?$">
|
|
78
85
|
<description>Non-specific NNTP</description>
|
|
79
86
|
<example>NNTP server ready (no posting)</example>
|
|
80
87
|
<example>NNTP server ready</example>
|
|
81
88
|
</fingerprint>
|
|
82
|
-
|
|
89
|
+
|
|
90
|
+
</fingerprints>
|
data/xml/ntp_banners.xml
CHANGED
|
@@ -1,8 +1,9 @@
|
|
|
1
|
-
<?xml version=
|
|
1
|
+
<?xml version='1.0' encoding='UTF-8'?>
|
|
2
2
|
<fingerprints matches="ntp.readvar" protocol="ntp" database_type="service" preference="0.80">
|
|
3
3
|
<!--
|
|
4
4
|
NTP "banners", taken from a readvar response
|
|
5
5
|
-->
|
|
6
|
+
|
|
6
7
|
<fingerprint pattern="^.*version=Domain Time II (\S+),hostname=([^,]+),.*system=Win2003.*,processor=(\S+)" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
7
8
|
<description>Greyware Automation Products, Inc. Domain Time II on Windows Server 2003</description>
|
|
8
9
|
<example service.version="5.1.b.20100331R" os.arch="x64" host.name="blah">
|
|
@@ -21,6 +22,7 @@
|
|
|
21
22
|
<param pos="3" name="os.arch"/>
|
|
22
23
|
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2003:-"/>
|
|
23
24
|
</fingerprint>
|
|
25
|
+
|
|
24
26
|
<fingerprint pattern="^.*version=Domain Time II (\S+),hostname=([^,]+),.*system=Win2008R2.*,processor=(\S+)" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
25
27
|
<description>Greyware Automation Products, Inc. Domain Time II on Windows Server 2008 R2</description>
|
|
26
28
|
<example service.version="5.2.b.20120215R" os.arch="x64" host.name="blah">
|
|
@@ -32,10 +34,11 @@
|
|
|
32
34
|
<param pos="2" name="host.name"/>
|
|
33
35
|
<param pos="0" name="os.vendor" value="Microsoft"/>
|
|
34
36
|
<param pos="0" name="os.family" value="Windows"/>
|
|
35
|
-
<param pos="0" name="os.product" value="Windows 2008 R2"/>
|
|
37
|
+
<param pos="0" name="os.product" value="Windows Server 2008 R2"/>
|
|
36
38
|
<param pos="3" name="os.arch"/>
|
|
37
39
|
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:-"/>
|
|
38
40
|
</fingerprint>
|
|
41
|
+
|
|
39
42
|
<fingerprint pattern="^.*version=Domain Time II (\S+),hostname=([^,]+),.*system=Win2008.*,processor=(\S+)" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
40
43
|
<description>Greyware Automation Products, Inc. Domain Time II on Windows 2008</description>
|
|
41
44
|
<example service.version="5.2.b.20140303R" os.arch="x86" host.name="blah">
|
|
@@ -54,6 +57,7 @@
|
|
|
54
57
|
<param pos="3" name="os.arch"/>
|
|
55
58
|
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:-"/>
|
|
56
59
|
</fingerprint>
|
|
60
|
+
|
|
57
61
|
<fingerprint pattern="^.*version=Domain Time II (\S+),hostname=([^,]+),.*system=Win2012.*,processor=(\S+)" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
58
62
|
<description>Greyware Automation Products, Inc. Domain Time II on Windows Server 2012</description>
|
|
59
63
|
<example service.version="5.2.b.20140101R" os.arch="x64" host.name="blah">
|
|
@@ -69,6 +73,7 @@
|
|
|
69
73
|
<param pos="3" name="os.arch"/>
|
|
70
74
|
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2012:-"/>
|
|
71
75
|
</fingerprint>
|
|
76
|
+
|
|
72
77
|
<fingerprint pattern="^.*version=Domain Time II (\S+),hostname=([^,]+),.*system=Win7.*,processor=(\S+)" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
73
78
|
<description>Greyware Automation Products, Inc. Domain Time II on Windows 7</description>
|
|
74
79
|
<example service.version="5.2.b.20130405R" os.arch="x64" host.name="blah">
|
|
@@ -84,6 +89,7 @@
|
|
|
84
89
|
<param pos="3" name="os.arch"/>
|
|
85
90
|
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_7:-"/>
|
|
86
91
|
</fingerprint>
|
|
92
|
+
|
|
87
93
|
<fingerprint pattern="^.*version="ntpd (\S+)[^"]+",.*system="Equallogic \(R\) storage array"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
88
94
|
<description>ntpd running on an EqualLogic Storage Array that includes the NTP version</description>
|
|
89
95
|
<example>
|
|
@@ -100,6 +106,7 @@
|
|
|
100
106
|
<param pos="0" name="os.vendor" value="EqualLogic"/>
|
|
101
107
|
<param pos="0" name="os.product" value="Storage Array"/>
|
|
102
108
|
</fingerprint>
|
|
109
|
+
|
|
103
110
|
<fingerprint pattern="^.*system="Equallogic \(R\) storage array"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
104
111
|
<description>ntpd running on an EqualLogic Storage Array that does not include the NTP version</description>
|
|
105
112
|
<example>
|
|
@@ -112,6 +119,7 @@
|
|
|
112
119
|
<param pos="0" name="os.vendor" value="EqualLogic"/>
|
|
113
120
|
<param pos="0" name="os.product" value="Storage Array"/>
|
|
114
121
|
</fingerprint>
|
|
122
|
+
|
|
115
123
|
<fingerprint pattern="^.*version="ntpd ([^ ]+)[^"]+",.*processor="([^ ]+)",.*system="Linux/(?:[^ ]+\.ESX)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
116
124
|
<description>ntpd running on VMware ESX</description>
|
|
117
125
|
<example service.version="4.2.2p1@1.1570-o" os.arch="x86_64">
|
|
@@ -127,6 +135,7 @@
|
|
|
127
135
|
<param pos="2" name="os.arch"/>
|
|
128
136
|
<param pos="0" name="os.cpe23" value="cpe:/o:vmware:esx:-"/>
|
|
129
137
|
</fingerprint>
|
|
138
|
+
|
|
130
139
|
<fingerprint pattern="^.*version="ntpd ([^ ]+)[^"]+",.*processor="([^ ]+)",.*system="Linux/?([^ ]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
131
140
|
<description>ntpd running on Linux</description>
|
|
132
141
|
<example>
|
|
@@ -143,6 +152,7 @@
|
|
|
143
152
|
<param pos="3" name="os.version"/>
|
|
144
153
|
<param pos="0" name="os.cpe23" value="cpe:/o:linux:linux_kernel:{os.version}"/>
|
|
145
154
|
</fingerprint>
|
|
155
|
+
|
|
146
156
|
<fingerprint pattern="^.*version="ntpd ([^ ]+)[^"]+",.*processor="([^"]+)",.*system="Darwin/?6\.([^"]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
147
157
|
<description>ntpd running on Mac OSX 10.2/Jaguar</description>
|
|
148
158
|
<example service.version="4.1.1@1.786" os.version.version="8">
|
|
@@ -160,6 +170,7 @@
|
|
|
160
170
|
<param pos="0" name="os.certainty" value="0.9"/>
|
|
161
171
|
<param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.2"/>
|
|
162
172
|
</fingerprint>
|
|
173
|
+
|
|
163
174
|
<fingerprint pattern="^.*version="ntpd ([^ ]+)[^"]+",.*processor="([^"]+)",.*system="Darwin/?7\.([^"]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
164
175
|
<description>ntpd running on Mac OSX 10.3/Panther</description>
|
|
165
176
|
<param pos="0" name="service.family" value="NTP"/>
|
|
@@ -174,6 +185,7 @@
|
|
|
174
185
|
<param pos="0" name="os.certainty" value="0.9"/>
|
|
175
186
|
<param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.3"/>
|
|
176
187
|
</fingerprint>
|
|
188
|
+
|
|
177
189
|
<fingerprint pattern="^.*version="ntpd ([^ ]+)[^"]+",.*processor="([^"]+)",.*system="Darwin/?8\.([^"]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
178
190
|
<description>ntpd running on Mac OSX 10.4/Tiger</description>
|
|
179
191
|
<example>
|
|
@@ -192,6 +204,7 @@
|
|
|
192
204
|
<param pos="0" name="os.certainty" value="0.9"/>
|
|
193
205
|
<param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.4"/>
|
|
194
206
|
</fingerprint>
|
|
207
|
+
|
|
195
208
|
<fingerprint pattern="^.*version="ntpd ([^ ]+)[^"]+",.*processor="([^"]+)",.*system="Darwin/?9\.([^"]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
196
209
|
<description>ntpd running on Mac OSX 10.5/Leopard</description>
|
|
197
210
|
<example>
|
|
@@ -210,6 +223,7 @@
|
|
|
210
223
|
<param pos="0" name="os.certainty" value="0.9"/>
|
|
211
224
|
<param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.5"/>
|
|
212
225
|
</fingerprint>
|
|
226
|
+
|
|
213
227
|
<fingerprint pattern="^.*version="ntpd ([^ ]+)[^"]+",.*processor="([^"]+)",.*system="Darwin/?10\.([^"]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
214
228
|
<description>ntpd running on Mac OSX 10.6/Snow Leopard</description>
|
|
215
229
|
<example>
|
|
@@ -228,6 +242,7 @@
|
|
|
228
242
|
<param pos="0" name="os.certainty" value="0.9"/>
|
|
229
243
|
<param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.6"/>
|
|
230
244
|
</fingerprint>
|
|
245
|
+
|
|
231
246
|
<fingerprint pattern="^.*processor="([^"]+)".*system="BSD/OS([\d.]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
232
247
|
<description>BSD/OS with a version and arch</description>
|
|
233
248
|
<example os.arch="i386" os.version="4.3.1">
|
|
@@ -238,6 +253,7 @@
|
|
|
238
253
|
<param pos="1" name="os.arch"/>
|
|
239
254
|
<param pos="2" name="os.version"/>
|
|
240
255
|
</fingerprint>
|
|
256
|
+
|
|
241
257
|
<fingerprint pattern="^.*system="BSD/OS"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
242
258
|
<description>BSD/OS without a version or arch</description>
|
|
243
259
|
<example>
|
|
@@ -246,6 +262,7 @@
|
|
|
246
262
|
<param pos="0" name="os.vendor" value="Berkeley Software Design Inc."/>
|
|
247
263
|
<param pos="0" name="os.product" value="BSD/OS"/>
|
|
248
264
|
</fingerprint>
|
|
265
|
+
|
|
249
266
|
<fingerprint pattern="^.*version="ntpd ([^ ]+)[^"]+",.*processor="([^"]+)",.*system="Darwin/?11\.([^"]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
250
267
|
<description>ntpd running on Mac OSX 10.7/Lion</description>
|
|
251
268
|
<example>
|
|
@@ -264,6 +281,7 @@
|
|
|
264
281
|
<param pos="0" name="os.certainty" value="0.9"/>
|
|
265
282
|
<param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.7"/>
|
|
266
283
|
</fingerprint>
|
|
284
|
+
|
|
267
285
|
<fingerprint pattern="^.*version="ntpd ([^ ]+)[^"]+",.*processor="([^"]+)",.*system="Darwin/?12\.([^"]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
268
286
|
<description>ntpd running on Mac OSX 10.8/Mountain Lion</description>
|
|
269
287
|
<example service.version="4.2.6@1.2089-o" os.arch="x86_64" os.version.version="1.0">
|
|
@@ -282,6 +300,7 @@
|
|
|
282
300
|
<param pos="0" name="os.certainty" value="0.9"/>
|
|
283
301
|
<param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.8"/>
|
|
284
302
|
</fingerprint>
|
|
303
|
+
|
|
285
304
|
<fingerprint pattern="^.*version="ntpd ([^ ]+)[^"]+",.*processor="([^"]+)",.*system="Darwin/?13\.([^"]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
286
305
|
<description>ntpd running on Mac OSX 10.9/Mavericks</description>
|
|
287
306
|
<example service.version="4.2.6@1.2089-o" os.arch="x86_64" os.version.version="4.0">
|
|
@@ -300,6 +319,7 @@
|
|
|
300
319
|
<param pos="0" name="os.certainty" value="0.9"/>
|
|
301
320
|
<param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.9"/>
|
|
302
321
|
</fingerprint>
|
|
322
|
+
|
|
303
323
|
<fingerprint pattern="^.*version="ntpd ([^ ]+)[^"]+",.*processor="([^"]+)",.*system="Darwin/?14\.([^"]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
304
324
|
<description>ntpd running on Mac OSX 10.10/Yosemite</description>
|
|
305
325
|
<example service.version="4.2.6@1.2089-o" os.arch="x86_64" os.version.version="3.0">
|
|
@@ -318,6 +338,7 @@
|
|
|
318
338
|
<param pos="0" name="os.certainty" value="0.9"/>
|
|
319
339
|
<param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.10"/>
|
|
320
340
|
</fingerprint>
|
|
341
|
+
|
|
321
342
|
<fingerprint pattern="^.*version="ntpd ([^ p]+)(:?p[^ "]+)?[^"]+",.*processor="([^ ]+)",.*system="FreeBSD/?(?:[^ ]+-NETSCALER-([^ ]+))"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
322
343
|
<description>ntpd running on Citrix Netscaler, which is based on FreeBSD</description>
|
|
323
344
|
<example service.version="4.2.6" service.version.version="p2@1.2194" os.arch="i386" os.version="9.3">
|
|
@@ -332,7 +353,7 @@
|
|
|
332
353
|
<param pos="2" name="service.version.version"/>
|
|
333
354
|
<param pos="0" name="service.vendor" value="NTP"/>
|
|
334
355
|
<param pos="0" name="service.product" value="NTP"/>
|
|
335
|
-
<param pos="0" name="service.cpe23" value="cpe:/a:ntp:ntp:{service.version}
|
|
356
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:ntp:ntp:{service.version}"/>
|
|
336
357
|
<param pos="0" name="os.vendor" value="Citrix"/>
|
|
337
358
|
<param pos="0" name="os.family" value="NetScaler"/>
|
|
338
359
|
<param pos="0" name="os.device" value="Network Management Device"/>
|
|
@@ -340,6 +361,7 @@
|
|
|
340
361
|
<param pos="3" name="os.arch"/>
|
|
341
362
|
<param pos="4" name="os.version"/>
|
|
342
363
|
</fingerprint>
|
|
364
|
+
|
|
343
365
|
<fingerprint pattern="^.*version="ntpd ([^ ]+)[^"]+",.*processor="([^ ]+)",.*system="FreeBSD/?([^ ]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
344
366
|
<description>ntpd running on FreeBSD</description>
|
|
345
367
|
<example>
|
|
@@ -356,6 +378,7 @@
|
|
|
356
378
|
<param pos="3" name="os.version"/>
|
|
357
379
|
<param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:{os.version}"/>
|
|
358
380
|
</fingerprint>
|
|
381
|
+
|
|
359
382
|
<fingerprint pattern="^.*processor="([^ ]+)",.*system="FreeBSD/?([^ ]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
360
383
|
<description>ntp without a version on FreeBSD</description>
|
|
361
384
|
<example os.arch="i386" os.version="4.1-RELEASE">
|
|
@@ -371,6 +394,7 @@
|
|
|
371
394
|
<param pos="2" name="os.version"/>
|
|
372
395
|
<param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:{os.version}"/>
|
|
373
396
|
</fingerprint>
|
|
397
|
+
|
|
374
398
|
<fingerprint pattern="^.*version="ntpd ([^ ]+)[^"]+",.*processor="([^ ]+)",.*system="NetBSD/?([^ ]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
375
399
|
<description>ntpd running on NetBSD</description>
|
|
376
400
|
<example>
|
|
@@ -387,6 +411,7 @@
|
|
|
387
411
|
<param pos="3" name="os.version"/>
|
|
388
412
|
<param pos="0" name="os.cpe23" value="cpe:/o:netbsd:netbsd:{os.version}"/>
|
|
389
413
|
</fingerprint>
|
|
414
|
+
|
|
390
415
|
<fingerprint pattern="^.*processor="([^ ]+)",.*system="NetBSD/?([^ ]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
391
416
|
<description>ntpd running on NetBSD - variant 2</description>
|
|
392
417
|
<example os.arch="i386" os.version="1.5.3">
|
|
@@ -429,6 +454,7 @@
|
|
|
429
454
|
<param pos="2" name="os.version"/>
|
|
430
455
|
<param pos="0" name="os.cpe23" value="cpe:/o:netbsd:netbsd:{os.version}"/>
|
|
431
456
|
</fingerprint>
|
|
457
|
+
|
|
432
458
|
<fingerprint pattern="^.*system="NetWare"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
433
459
|
<description>NetWare</description>
|
|
434
460
|
<example>
|
|
@@ -439,6 +465,7 @@
|
|
|
439
465
|
<param pos="0" name="os.product" value="NetWare"/>
|
|
440
466
|
<param pos="0" name="os.cpe23" value="cpe:/o:novell:netware:-"/>
|
|
441
467
|
</fingerprint>
|
|
468
|
+
|
|
442
469
|
<fingerprint pattern="^.*version="ntpd ([^ ]+)[^"]+",.*processor="([^ ]+)",.*system="SunOS/?5.0"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
443
470
|
<description>ntpd running on Solaris 2.0 (SunOS/5.0) </description>
|
|
444
471
|
<example service.version="4.2.0@1.1161-r" os.arch="sun4u">
|
|
@@ -459,6 +486,7 @@
|
|
|
459
486
|
<param pos="2" name="os.arch"/>
|
|
460
487
|
<param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:2.0"/>
|
|
461
488
|
</fingerprint>
|
|
489
|
+
|
|
462
490
|
<fingerprint pattern="^.*version="ntpd ([^ ]+)[^"]+",.*processor="([^ ]+)",.*system="SunOS/?5.1"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
463
491
|
<description> ntpd running on Solaris 2.1 (SunOS/5.1) </description>
|
|
464
492
|
<example service.version="4.2.0@1.1161-r" os.arch="sun4u">
|
|
@@ -479,6 +507,7 @@
|
|
|
479
507
|
<param pos="2" name="os.arch"/>
|
|
480
508
|
<param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:2.1"/>
|
|
481
509
|
</fingerprint>
|
|
510
|
+
|
|
482
511
|
<fingerprint pattern="^.*version="ntpd ([^ ]+)[^"]+",.*processor="([^ ]+)",.*system="SunOS/?5.2"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
483
512
|
<description> ntpd running on Solaris 2.2 (SunOS/5.2) </description>
|
|
484
513
|
<example service.version="4.2.0@1.1161-r" os.arch="sun4u">
|
|
@@ -499,6 +528,7 @@
|
|
|
499
528
|
<param pos="2" name="os.arch"/>
|
|
500
529
|
<param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:2.2"/>
|
|
501
530
|
</fingerprint>
|
|
531
|
+
|
|
502
532
|
<fingerprint pattern="^.*version="ntpd ([^ ]+)[^"]+",.*processor="([^ ]+)",.*system="SunOS/?5.3"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
503
533
|
<description> ntpd running on Solaris 2.3 (SunOS/5.3) </description>
|
|
504
534
|
<example service.version="4.2.0@1.1161-r" os.arch="sun4u">
|
|
@@ -519,6 +549,7 @@
|
|
|
519
549
|
<param pos="2" name="os.arch"/>
|
|
520
550
|
<param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:2.3"/>
|
|
521
551
|
</fingerprint>
|
|
552
|
+
|
|
522
553
|
<fingerprint pattern="^.*version="ntpd ([^ ]+)[^"]+",.*processor="([^ ]+)",.*system="SunOS/?5.4"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
523
554
|
<description>ntpd running on Solaris 2.4 (SunOS/5.4) </description>
|
|
524
555
|
<example service.version="4.2.0@1.1161-r" os.arch="sun4u">
|
|
@@ -539,6 +570,7 @@
|
|
|
539
570
|
<param pos="2" name="os.arch"/>
|
|
540
571
|
<param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:2.4"/>
|
|
541
572
|
</fingerprint>
|
|
573
|
+
|
|
542
574
|
<fingerprint pattern="^.*version="ntpd ([^ ]+)[^"]+",.*processor="([^ ]+)",.*system="SunOS/?5.5"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
543
575
|
<description>ntpd running on Solaris 2.5 (SunOS/5.5) </description>
|
|
544
576
|
<example service.version="4.2.0@1.1161-r" os.arch="sun4u">
|
|
@@ -559,6 +591,7 @@
|
|
|
559
591
|
<param pos="2" name="os.arch"/>
|
|
560
592
|
<param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:2.5"/>
|
|
561
593
|
</fingerprint>
|
|
594
|
+
|
|
562
595
|
<fingerprint pattern="^.*version="ntpd ([^ ]+)[^"]+",.*processor="([^ ]+)",.*system="SunOS/?5.6"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
563
596
|
<description>ntpd running on Solaris 2.6 (SunOS/5.6) </description>
|
|
564
597
|
<example service.version="4.2.0@1.1161-r" os.arch="sun4u">
|
|
@@ -579,6 +612,7 @@
|
|
|
579
612
|
<param pos="2" name="os.arch"/>
|
|
580
613
|
<param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:2.6"/>
|
|
581
614
|
</fingerprint>
|
|
615
|
+
|
|
582
616
|
<fingerprint pattern="^.*version="ntpd ([^ ]+)[^"]+",.*processor="([^ ]+)",.*system="SunOS/?5.(1[1-9])"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
583
617
|
<description>ntpd running on Solaris 11 or above (SunOS/5.11 and above) </description>
|
|
584
618
|
<example service.version="4.2.0@1.1161-r" os.arch="sun4u" os.version="11">
|
|
@@ -599,6 +633,7 @@
|
|
|
599
633
|
<param pos="3" name="os.version"/>
|
|
600
634
|
<param pos="0" name="os.cpe23" value="cpe:/o:oracle:solaris:{os.version}"/>
|
|
601
635
|
</fingerprint>
|
|
636
|
+
|
|
602
637
|
<fingerprint pattern="^.*version="ntpd ([^ ]+)[^"]+",.*processor="([^ ]+)",.*system="SunOS/?5.([789]|10)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
603
638
|
<description>ntpd running on Solaris 7-Solaris 10 (SunOS/5.7 - SunOS/5.10) </description>
|
|
604
639
|
<example service.version="4.2.0@1.1161-r" os.arch="sun4u" os.version="7">
|
|
@@ -627,6 +662,7 @@
|
|
|
627
662
|
<param pos="3" name="os.version"/>
|
|
628
663
|
<param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:{os.version}"/>
|
|
629
664
|
</fingerprint>
|
|
665
|
+
|
|
630
666
|
<fingerprint pattern="^.*processor="([^ ]+)",.*system="SunOS/?5.0"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
631
667
|
<description>Solaris 2.0 (SunOS/5.0) with no ntp version</description>
|
|
632
668
|
<example os.arch="sun4m">
|
|
@@ -642,6 +678,7 @@
|
|
|
642
678
|
<param pos="1" name="os.arch"/>
|
|
643
679
|
<param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:2.0"/>
|
|
644
680
|
</fingerprint>
|
|
681
|
+
|
|
645
682
|
<fingerprint pattern="^.*processor="([^ ]+)",.*system="SunOS/?5.1"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
646
683
|
<description>Solaris 2.1 (SunOS/5.1) with no ntp version</description>
|
|
647
684
|
<example os.arch="sun4m">
|
|
@@ -657,6 +694,7 @@
|
|
|
657
694
|
<param pos="1" name="os.arch"/>
|
|
658
695
|
<param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:2.1"/>
|
|
659
696
|
</fingerprint>
|
|
697
|
+
|
|
660
698
|
<fingerprint pattern="^.*processor="([^ ]+)",.*system="SunOS/?5.2"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
661
699
|
<description>Solaris 2.2 (SunOS/5.2) with no ntp version</description>
|
|
662
700
|
<example os.arch="sun4m">
|
|
@@ -672,6 +710,7 @@
|
|
|
672
710
|
<param pos="1" name="os.arch"/>
|
|
673
711
|
<param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:2.2"/>
|
|
674
712
|
</fingerprint>
|
|
713
|
+
|
|
675
714
|
<fingerprint pattern="^.*processor="([^ ]+)",.*system="SunOS/?5.3"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
676
715
|
<description>Solaris 2.3 (SunOS/5.3) with no ntp version</description>
|
|
677
716
|
<example os.arch="sun4m">
|
|
@@ -687,6 +726,7 @@
|
|
|
687
726
|
<param pos="1" name="os.arch"/>
|
|
688
727
|
<param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:2.3"/>
|
|
689
728
|
</fingerprint>
|
|
729
|
+
|
|
690
730
|
<fingerprint pattern="^.*processor="([^ ]+)",.*system="SunOS/?5.4"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
691
731
|
<description>Solaris 2.4 (SunOS/5.4) with no ntp version</description>
|
|
692
732
|
<example os.arch="sun4m">
|
|
@@ -702,6 +742,7 @@
|
|
|
702
742
|
<param pos="1" name="os.arch"/>
|
|
703
743
|
<param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:2.4"/>
|
|
704
744
|
</fingerprint>
|
|
745
|
+
|
|
705
746
|
<fingerprint pattern="^.*processor="([^ ]+)",.*system="SunOS/?5.5"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
706
747
|
<description>Solaris 2.5 (SunOS/5.5) with no ntp version</description>
|
|
707
748
|
<example os.arch="sun4m">
|
|
@@ -717,6 +758,7 @@
|
|
|
717
758
|
<param pos="1" name="os.arch"/>
|
|
718
759
|
<param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:2.5"/>
|
|
719
760
|
</fingerprint>
|
|
761
|
+
|
|
720
762
|
<fingerprint pattern="^.*processor="([^ ]+)",.*system="SunOS/?5.6"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
721
763
|
<description>Solaris 2.6 (SunOS/5.6) with no ntp version</description>
|
|
722
764
|
<example os.arch="sun4m">
|
|
@@ -732,6 +774,7 @@
|
|
|
732
774
|
<param pos="1" name="os.arch"/>
|
|
733
775
|
<param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:2.6"/>
|
|
734
776
|
</fingerprint>
|
|
777
|
+
|
|
735
778
|
<fingerprint pattern="^.*processor="([^ ]+)",.*system="SunOS/?5.([789]|10)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
736
779
|
<description>Solaris 7-10 (SunOS/5.7 - SunOS/5.10) with no ntp version</description>
|
|
737
780
|
<example os.arch="sun4m" os.version="7">
|
|
@@ -753,6 +796,7 @@
|
|
|
753
796
|
<param pos="2" name="os.version"/>
|
|
754
797
|
<param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:{os.version}"/>
|
|
755
798
|
</fingerprint>
|
|
799
|
+
|
|
756
800
|
<fingerprint pattern="^.*processor="([^ ]+)",.*system="SunOS/?5.(1[1-9])"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
757
801
|
<description>Solaris 11 and up with no ntp version</description>
|
|
758
802
|
<example os.arch="sun4m" os.version="11">
|
|
@@ -768,6 +812,7 @@
|
|
|
768
812
|
<param pos="2" name="os.version"/>
|
|
769
813
|
<param pos="0" name="os.cpe23" value="cpe:/o:oracle:solaris:{os.version}"/>
|
|
770
814
|
</fingerprint>
|
|
815
|
+
|
|
771
816
|
<fingerprint pattern="^.*system="UNIX/SunOS ([^ ]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
772
817
|
<description>SunOS with no ntp version</description>
|
|
773
818
|
<example>
|
|
@@ -779,6 +824,7 @@
|
|
|
779
824
|
<param pos="1" name="os.version"/>
|
|
780
825
|
<param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:{os.version}"/>
|
|
781
826
|
</fingerprint>
|
|
827
|
+
|
|
782
828
|
<fingerprint pattern="^.*version="ntpd ([^ ]+)[^"]+",.*processor="([^ ]+)",.*system="JUNOS/?([^ ]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
783
829
|
<description>ntpd running on Juniper/Netscreen JunOS</description>
|
|
784
830
|
<example>
|
|
@@ -795,6 +841,7 @@
|
|
|
795
841
|
<param pos="3" name="os.version"/>
|
|
796
842
|
<param pos="0" name="os.cpe23" value="cpe:/o:juniper:junos:{os.version}"/>
|
|
797
843
|
</fingerprint>
|
|
844
|
+
|
|
798
845
|
<fingerprint pattern="processor="([^ ]+)",.*system="JUNOS/?([^ ]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
799
846
|
<description>Juniper/Netscreen JunOS NTP without a version</description>
|
|
800
847
|
<example os.arch="i386" os.version="7.0R2.7">processor="i386", system="JUNOS7.0R2.7", leap=0, stratum=3</example>
|
|
@@ -807,6 +854,7 @@
|
|
|
807
854
|
<param pos="2" name="os.version"/>
|
|
808
855
|
<param pos="0" name="os.cpe23" value="cpe:/o:juniper:junos:{os.version}"/>
|
|
809
856
|
</fingerprint>
|
|
857
|
+
|
|
810
858
|
<fingerprint pattern="^.*version="ntpd ([^ ]+)[^"]+",.*processor="([^ ]+)",.*system="Windows/?([^ ]+)?"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
811
859
|
<description>ntpd running on Windows</description>
|
|
812
860
|
<example>
|
|
@@ -827,6 +875,7 @@
|
|
|
827
875
|
<param pos="3" name="os.version"/>
|
|
828
876
|
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:{os.version}"/>
|
|
829
877
|
</fingerprint>
|
|
878
|
+
|
|
830
879
|
<fingerprint pattern="^.*version="ntpd ([^ ]+)[^"]+",.*processor="([^ ]+)",.*system="HP-UX/?([^ ]+)?"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
831
880
|
<description>ntpd running on HP-UX</description>
|
|
832
881
|
<example>
|
|
@@ -843,6 +892,7 @@
|
|
|
843
892
|
<param pos="3" name="os.version"/>
|
|
844
893
|
<param pos="0" name="os.cpe23" value="cpe:/o:hp:hp-ux:{os.version}"/>
|
|
845
894
|
</fingerprint>
|
|
895
|
+
|
|
846
896
|
<fingerprint pattern="^.*version="ntpd ([^ ]+)[^"]+",.*processor=,.*system="HP-UX/"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
847
897
|
<description>ntpd running on HP-UX with an empty processor</description>
|
|
848
898
|
<example service.version="4.2.6">
|
|
@@ -857,6 +907,7 @@
|
|
|
857
907
|
<param pos="0" name="os.product" value="HP-UX"/>
|
|
858
908
|
<param pos="0" name="os.cpe23" value="cpe:/o:hp:hp-ux:-"/>
|
|
859
909
|
</fingerprint>
|
|
910
|
+
|
|
860
911
|
<fingerprint pattern="^.*version="ntpd ([^ ]+)[^"]+",.*processor="[^ ]+",.*system="([^ ]+)-hp-hpux([^ ]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
861
912
|
<description>ntpd running on HP-UX, where the processor is in the 'system' variable</description>
|
|
862
913
|
<example>
|
|
@@ -873,6 +924,7 @@
|
|
|
873
924
|
<param pos="3" name="os.version"/>
|
|
874
925
|
<param pos="0" name="os.cpe23" value="cpe:/o:hp:hp-ux:{os.version}"/>
|
|
875
926
|
</fingerprint>
|
|
927
|
+
|
|
876
928
|
<fingerprint pattern="^.*version="ntpd ([^ ]+)[^"]+",.*processor="([^ ]+)",.*system="VMkernel/?([^ ]+)?"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
877
929
|
<description>ntpd running on VMware ESXi</description>
|
|
878
930
|
<example>
|
|
@@ -889,6 +941,7 @@
|
|
|
889
941
|
<param pos="3" name="os.version"/>
|
|
890
942
|
<param pos="0" name="os.cpe23" value="cpe:/o:vmware:esxi:{os.version}"/>
|
|
891
943
|
</fingerprint>
|
|
944
|
+
|
|
892
945
|
<fingerprint pattern=".*processor="([^ ]+)",.*system="OSF1[/V]?([^ ]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
893
946
|
<description>ntpd running on OSF/1</description>
|
|
894
947
|
<example os.arch="alpha" os.version="4.0">
|
|
@@ -901,6 +954,7 @@
|
|
|
901
954
|
<param pos="2" name="os.version"/>
|
|
902
955
|
<param pos="1" name="os.arch"/>
|
|
903
956
|
</fingerprint>
|
|
957
|
+
|
|
904
958
|
<fingerprint pattern=".*system="UNIX/DECOSF1"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
905
959
|
<description>DEC OSF/1</description>
|
|
906
960
|
<example>
|
|
@@ -909,6 +963,7 @@
|
|
|
909
963
|
<param pos="0" name="os.vendor" value="DEC"/>
|
|
910
964
|
<param pos="0" name="os.product" value="OSF/1"/>
|
|
911
965
|
</fingerprint>
|
|
966
|
+
|
|
912
967
|
<fingerprint pattern="^.*system="Linux"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
913
968
|
<description>Linux with NTP enabled, no processor/version</description>
|
|
914
969
|
<example>
|
|
@@ -921,6 +976,7 @@
|
|
|
921
976
|
<param pos="0" name="service.family" value="NTP"/>
|
|
922
977
|
<param pos="0" name="service.product" value="NTP"/>
|
|
923
978
|
</fingerprint>
|
|
979
|
+
|
|
924
980
|
<fingerprint pattern="^.*system="UNIX/AIX"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
925
981
|
<description>AIX with NTP enabled, no processor/version</description>
|
|
926
982
|
<example>
|
|
@@ -934,6 +990,7 @@
|
|
|
934
990
|
<param pos="0" name="service.product" value="NTP"/>
|
|
935
991
|
<param pos="0" name="service.vendor" value="IBM"/>
|
|
936
992
|
</fingerprint>
|
|
993
|
+
|
|
937
994
|
<fingerprint pattern="^.*system="SunOS"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
938
995
|
<description>Solaris with NTP enabled, no processor/version</description>
|
|
939
996
|
<example>
|
|
@@ -947,6 +1004,7 @@
|
|
|
947
1004
|
<param pos="0" name="service.product" value="NTP"/>
|
|
948
1005
|
<param pos="0" name="service.vendor" value="Sun"/>
|
|
949
1006
|
</fingerprint>
|
|
1007
|
+
|
|
950
1008
|
<fingerprint pattern="^.*system="cisco"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
951
1009
|
<description>Cisco IOS with NTP enabled</description>
|
|
952
1010
|
<example>
|
|
@@ -960,6 +1018,7 @@
|
|
|
960
1018
|
<param pos="0" name="service.product" value="NTP"/>
|
|
961
1019
|
<param pos="0" name="service.vendor" value="Cisco"/>
|
|
962
1020
|
</fingerprint>
|
|
1021
|
+
|
|
963
1022
|
<fingerprint pattern="^.*system="Data ONTAP/+(\S+)".*$" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
964
1023
|
<description>NetApp file servers</description>
|
|
965
1024
|
<example>
|
|
@@ -972,6 +1031,7 @@
|
|
|
972
1031
|
<param pos="1" name="os.version"/>
|
|
973
1032
|
<param pos="0" name="os.cpe23" value="cpe:/o:netapp:data_ontap:{os.version}"/>
|
|
974
1033
|
</fingerprint>
|
|
1034
|
+
|
|
975
1035
|
<fingerprint pattern="system="UNIX/HPUX"" flags="REG_ICASE">
|
|
976
1036
|
<description>Generic HPUX</description>
|
|
977
1037
|
<example>
|
|
@@ -985,6 +1045,7 @@
|
|
|
985
1045
|
<param pos="0" name="os.product" value="HP-UX"/>
|
|
986
1046
|
<param pos="0" name="os.cpe23" value="cpe:/o:hp:hp-ux:-"/>
|
|
987
1047
|
</fingerprint>
|
|
1048
|
+
|
|
988
1049
|
<fingerprint pattern="system="UNIX"" flags="REG_ICASE">
|
|
989
1050
|
<description>Generic UNIX</description>
|
|
990
1051
|
<example>
|
|
@@ -994,6 +1055,7 @@
|
|
|
994
1055
|
<param pos="0" name="os.product" value="UNIX"/>
|
|
995
1056
|
<param pos="0" name="os.certainty" value="0.5"/>
|
|
996
1057
|
</fingerprint>
|
|
1058
|
+
|
|
997
1059
|
<fingerprint pattern="system="VxWorks(?:/TORNADO)?"" flags="REG_ICASE">
|
|
998
1060
|
<description>Generic VxWorks</description>
|
|
999
1061
|
<example>
|
|
@@ -1009,6 +1071,7 @@
|
|
|
1009
1071
|
<param pos="0" name="os.product" value="VxWorks"/>
|
|
1010
1072
|
<param pos="0" name="os.cpe23" value="cpe:/o:windriver:vxworks:-"/>
|
|
1011
1073
|
</fingerprint>
|
|
1074
|
+
|
|
1012
1075
|
<fingerprint pattern="system="arm-wrs-vxworks"" flags="REG_ICASE">
|
|
1013
1076
|
<description>VxWorks ARM, cross-compiled on Linux</description>
|
|
1014
1077
|
<example>
|
|
@@ -1019,6 +1082,7 @@
|
|
|
1019
1082
|
<param pos="0" name="os.arch" value="ARM"/>
|
|
1020
1083
|
<param pos="0" name="os.cpe23" value="cpe:/o:windriver:vxworks:-"/>
|
|
1021
1084
|
</fingerprint>
|
|
1085
|
+
|
|
1022
1086
|
<fingerprint pattern="system="i386-wrs-vxworks"" flags="REG_ICASE">
|
|
1023
1087
|
<description>VxWorks x86, cross-compiled on Linux</description>
|
|
1024
1088
|
<example>
|
|
@@ -1029,6 +1093,7 @@
|
|
|
1029
1093
|
<param pos="0" name="os.arch" value="x86"/>
|
|
1030
1094
|
<param pos="0" name="os.cpe23" value="cpe:/o:windriver:vxworks:-"/>
|
|
1031
1095
|
</fingerprint>
|
|
1096
|
+
|
|
1032
1097
|
<fingerprint pattern="system="UNIX/Unixware([^ ]+)"" flags="REG_ICASE">
|
|
1033
1098
|
<description>SCO Unixware NTP</description>
|
|
1034
1099
|
<example>
|
|
@@ -1041,6 +1106,7 @@
|
|
|
1041
1106
|
<param pos="0" name="os.vendor" value="SCO"/>
|
|
1042
1107
|
<param pos="1" name="os.product"/>
|
|
1043
1108
|
</fingerprint>
|
|
1109
|
+
|
|
1044
1110
|
<fingerprint pattern="^.*processor="([^"]+)", system="SCO_SV([\d\.]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
1045
1111
|
<description>SCO Unixware NTP - SCO_SV variant</description>
|
|
1046
1112
|
<example os.version="3.2" os.arch="i386">
|
|
@@ -1051,6 +1117,7 @@
|
|
|
1051
1117
|
<param pos="1" name="os.arch"/>
|
|
1052
1118
|
<param pos="2" name="os.version"/>
|
|
1053
1119
|
</fingerprint>
|
|
1120
|
+
|
|
1054
1121
|
<fingerprint pattern="^.*version="ntpd ([^ ]+)[^"]+",.*\s*processor="([^ ]+)",.*system="SecureOS/([^ ]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
1055
1122
|
<description>McAfee Network Firewall Enterprise NTP (SecureOS)</description>
|
|
1056
1123
|
<example>
|
|
@@ -1077,6 +1144,7 @@
|
|
|
1077
1144
|
<param pos="2" name="os.arch"/>
|
|
1078
1145
|
<param pos="3" name="os.version"/>
|
|
1079
1146
|
</fingerprint>
|
|
1147
|
+
|
|
1080
1148
|
<fingerprint pattern="^.*processor="([^ ]+)".*system="Linux([^ ]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
1081
1149
|
<description>ntpd running on linux</description>
|
|
1082
1150
|
<example>
|
|
@@ -1103,6 +1171,7 @@
|
|
|
1103
1171
|
<param pos="2" name="os.version"/>
|
|
1104
1172
|
<param pos="0" name="os.cpe23" value="cpe:/o:linux:linux_kernel:{os.version}"/>
|
|
1105
1173
|
</fingerprint>
|
|
1174
|
+
|
|
1106
1175
|
<fingerprint pattern=".*version="ntpd (\S+)[^"]+",.*\s*processor="([^ ]+)".*system="Isilon OneFS/v([^ ]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
1107
1176
|
<description>Isilon OneFS NTP Server</description>
|
|
1108
1177
|
<example>
|
|
@@ -1121,6 +1190,7 @@
|
|
|
1121
1190
|
<param pos="2" name="os.arch"/>
|
|
1122
1191
|
<param pos="3" name="os.version"/>
|
|
1123
1192
|
</fingerprint>
|
|
1193
|
+
|
|
1124
1194
|
<fingerprint pattern="system="IPSO"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
1125
1195
|
<description>Nokia IPSO NTP</description>
|
|
1126
1196
|
<example>
|
|
@@ -1141,6 +1211,7 @@
|
|
|
1141
1211
|
<param pos="0" name="os.device" value="Firewall"/>
|
|
1142
1212
|
<param pos="0" name="os.cpe23" value="cpe:/o:nokia:ipso:-"/>
|
|
1143
1213
|
</fingerprint>
|
|
1214
|
+
|
|
1144
1215
|
<fingerprint pattern="system="UNIX/Solaris\s[^ ]+"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
1145
1216
|
<description>Sun Solaris NTP</description>
|
|
1146
1217
|
<example>
|
|
@@ -1163,6 +1234,7 @@
|
|
|
1163
1234
|
<param pos="0" name="service.product" value="NTP"/>
|
|
1164
1235
|
<param pos="0" name="service.vendor" value="Sun"/>
|
|
1165
1236
|
</fingerprint>
|
|
1237
|
+
|
|
1166
1238
|
<fingerprint pattern="version="ntpd version = ([^ ]+)",\s*processor="([A-Z0-9]+)",\s*system="OpenVMS/V([A-Z0-9.-]+)" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
1167
1239
|
<description>OpenVMS NTP Server</description>
|
|
1168
1240
|
<example service.version="4.2.0" os.arch="PHMNFP" os.version="8.3">
|
|
@@ -1189,6 +1261,7 @@
|
|
|
1189
1261
|
<param pos="3" name="os.version"/>
|
|
1190
1262
|
<param pos="0" name="os.cpe23" value="cpe:/o:hp:openvms:{os.version}"/>
|
|
1191
1263
|
</fingerprint>
|
|
1264
|
+
|
|
1192
1265
|
<fingerprint pattern="version="ntpd version = ([^ ]+)",\s*processor="unknown",\s*system="OpenVMS AXP"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
1193
1266
|
<description>OpenVMS AXP (Alpha) NTP Server</description>
|
|
1194
1267
|
<example service.version="4.1.0" os.arch="Alpha">
|
|
@@ -1201,6 +1274,7 @@
|
|
|
1201
1274
|
<param pos="0" name="os.product" value="OpenVMS"/>
|
|
1202
1275
|
<param pos="0" name="os.arch" value="Alpha"/>
|
|
1203
1276
|
</fingerprint>
|
|
1277
|
+
|
|
1204
1278
|
<fingerprint pattern=".*version="ntpd ([^ ]+)[^"]+",\s*processor="([^ ]+)",\s*system="BIG-IPBIG-IP\s+([^"]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
1205
1279
|
<description>F5 Big-IP Load Balancers NTP</description>
|
|
1206
1280
|
<example service.version="4.1.1a@1.791" os.arch="i386" os.version="4.5PTF-0">
|
|
@@ -1219,6 +1293,7 @@
|
|
|
1219
1293
|
<param pos="2" name="os.arch"/>
|
|
1220
1294
|
<param pos="3" name="os.version"/>
|
|
1221
1295
|
</fingerprint>
|
|
1296
|
+
|
|
1222
1297
|
<fingerprint pattern=".*version="ntpd ([^ ]+)[^"]+",\s*processor,\s*system="/"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
1223
1298
|
<description>NTP on an unknown system</description>
|
|
1224
1299
|
<example service.version="4.2.6p2-RC4@1.2180-o">
|
|
@@ -1228,4 +1303,5 @@
|
|
|
1228
1303
|
<param pos="0" name="service.product" value="NTP"/>
|
|
1229
1304
|
<param pos="1" name="service.version"/>
|
|
1230
1305
|
</fingerprint>
|
|
1231
|
-
|
|
1306
|
+
|
|
1307
|
+
</fingerprints>
|