recog 2.3.8 → 2.3.9
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.gitignore +6 -0
- data/CONTRIBUTING.md +136 -37
- data/README.md +18 -16
- data/bin/recog_cleanup +16 -0
- data/bin/recog_standardize +30 -6
- data/identifiers/README.md +9 -0
- data/identifiers/hw_device.txt +77 -0
- data/identifiers/hw_family.txt +96 -0
- data/identifiers/hw_product.txt +328 -0
- data/identifiers/os_architecture.txt +6 -6
- data/identifiers/os_device.txt +45 -3
- data/identifiers/os_family.txt +206 -41
- data/identifiers/os_product.txt +238 -17
- data/identifiers/service_family.txt +144 -57
- data/identifiers/service_product.txt +384 -83
- data/identifiers/vendor.txt +553 -68
- data/lib/recog/version.rb +1 -1
- data/requirements.txt +1 -1
- data/xml/apache_modules.xml +292 -5
- data/xml/apache_os.xml +41 -2
- data/xml/architecture.xml +11 -3
- data/xml/dns_versionbind.xml +76 -8
- data/xml/favicons.xml +1700 -0
- data/xml/ftp_banners.xml +178 -8
- data/xml/h323_callresp.xml +112 -12
- data/xml/hp_pjl_id.xml +47 -5
- data/xml/html_title.xml +1258 -25
- data/xml/http_cookies.xml +64 -9
- data/xml/http_servers.xml +667 -37
- data/xml/http_wwwauth.xml +141 -26
- data/xml/imap_banners.xml +19 -13
- data/xml/ldap_searchresult.xml +81 -9
- data/xml/mdns_device-info_txt.xml +175 -2
- data/xml/mdns_workstation_txt.xml +4 -2
- data/xml/mysql_banners.xml +134 -7
- data/xml/mysql_error.xml +113 -6
- data/xml/nntp_banners.xml +10 -2
- data/xml/ntp_banners.xml +80 -4
- data/xml/operating_system.xml +89 -3
- data/xml/pop_banners.xml +30 -31
- data/xml/rsh_resp.xml +11 -2
- data/xml/rtsp_servers.xml +22 -2
- data/xml/sip_banners.xml +35 -4
- data/xml/sip_user_agents.xml +29 -2
- data/xml/smb_native_lm.xml +10 -2
- data/xml/smb_native_os.xml +79 -2
- data/xml/smtp_banners.xml +146 -7
- data/xml/smtp_debug.xml +6 -4
- data/xml/smtp_ehlo.xml +7 -5
- data/xml/smtp_expn.xml +13 -4
- data/xml/smtp_help.xml +23 -4
- data/xml/smtp_mailfrom.xml +5 -2
- data/xml/smtp_noop.xml +6 -5
- data/xml/smtp_quit.xml +5 -4
- data/xml/smtp_rcptto.xml +5 -2
- data/xml/smtp_rset.xml +4 -4
- data/xml/smtp_turn.xml +4 -4
- data/xml/smtp_vrfy.xml +14 -4
- data/xml/snmp_sysdescr.xml +731 -24
- data/xml/snmp_sysobjid.xml +47 -2
- data/xml/ssh_banners.xml +175 -5
- data/xml/telnet_banners.xml +266 -15
- data/xml/x11_banners.xml +26 -3
- data/xml/x509_issuers.xml +30 -6
- data/xml/x509_subjects.xml +200 -31
- metadata +8 -2
data/xml/nntp_banners.xml
CHANGED
|
@@ -1,9 +1,10 @@
|
|
|
1
|
-
<?xml version=
|
|
1
|
+
<?xml version='1.0' encoding='UTF-8'?>
|
|
2
2
|
<fingerprints matches="nntp.banner" protocol="nntp" database_type="service">
|
|
3
3
|
<!--
|
|
4
4
|
NNTP greeting messages (part of the banner after the response code) are matched
|
|
5
5
|
against these patterns to fingerprint NNTP servers.
|
|
6
6
|
-->
|
|
7
|
+
|
|
7
8
|
<fingerprint pattern="CCProxy NNTP Service$">
|
|
8
9
|
<description>Youngzsoft CCProxy NNTP with no version</description>
|
|
9
10
|
<example>CCProxy NNTP Service</example>
|
|
@@ -11,6 +12,7 @@
|
|
|
11
12
|
<param pos="0" name="service.family" value="CCProxy"/>
|
|
12
13
|
<param pos="0" name="service.product" value="CCProxy"/>
|
|
13
14
|
</fingerprint>
|
|
15
|
+
|
|
14
16
|
<fingerprint pattern="^(\S+) Lyris ListManager NNTP Service ready">
|
|
15
17
|
<description>Lyris Listmanager</description>
|
|
16
18
|
<example host.name="blah">blah Lyris ListManager NNTP Service ready (posting ok).</example>
|
|
@@ -19,6 +21,7 @@
|
|
|
19
21
|
<param pos="0" name="service.product" value="ListManager"/>
|
|
20
22
|
<param pos="1" name="host.name"/>
|
|
21
23
|
</fingerprint>
|
|
24
|
+
|
|
22
25
|
<fingerprint pattern="^NNTP Service (?:.*) Version: (5.0.2195.[0-9]+) .*$">
|
|
23
26
|
<description>Microsoft IIS NNTP Server on Windows 2000</description>
|
|
24
27
|
<example>NNTP Service 5.00.0984 Version: 5.0.2195.7034 Posting Allowed</example>
|
|
@@ -34,6 +37,7 @@
|
|
|
34
37
|
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_2000:-"/>
|
|
35
38
|
<param pos="1" name="ms.nttp.version"/>
|
|
36
39
|
</fingerprint>
|
|
40
|
+
|
|
37
41
|
<fingerprint pattern="^NNTP Service (?:.*) Version: (6.0.3790.[0-9]+) .*$">
|
|
38
42
|
<description>Microsoft IIS NNTP Server on Windows Server 2003</description>
|
|
39
43
|
<example>NNTP Service 6.0.3790.3959 Version: 6.0.3790.3959 Posting Allowed</example>
|
|
@@ -49,6 +53,7 @@
|
|
|
49
53
|
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2003:-"/>
|
|
50
54
|
<param pos="1" name="ms.nttp.version"/>
|
|
51
55
|
</fingerprint>
|
|
56
|
+
|
|
52
57
|
<fingerprint pattern="^NNTP Service Microsoft. Internet Services (?:.*) Version: (?:[^ ]+) .*$">
|
|
53
58
|
<description>Older Microsoft IIS NNTP Servers</description>
|
|
54
59
|
<example>NNTP Service Microsoft. Internet Services 5.00 Version: 5.0.2068.0 Posting Allowed</example>
|
|
@@ -63,6 +68,7 @@
|
|
|
63
68
|
<param pos="0" name="os.product" value="Windows"/>
|
|
64
69
|
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
|
|
65
70
|
</fingerprint>
|
|
71
|
+
|
|
66
72
|
<fingerprint pattern="^Kerio (?:Connect|MailServer)\s+(\d\.[\d.]+)\s+(?:(?:patch|RC) (\d)\s+)?NNTP server ready$">
|
|
67
73
|
<description>Kerio Connect NNTP</description>
|
|
68
74
|
<example service.version="9.2.3">Kerio Connect 9.2.3 NNTP server ready</example>
|
|
@@ -74,9 +80,11 @@
|
|
|
74
80
|
<param pos="1" name="service.version"/>
|
|
75
81
|
<param pos="2" name="service.version.version"/>
|
|
76
82
|
</fingerprint>
|
|
83
|
+
|
|
77
84
|
<fingerprint pattern="^NNTP server ready(?: \(no posting\))?$">
|
|
78
85
|
<description>Non-specific NNTP</description>
|
|
79
86
|
<example>NNTP server ready (no posting)</example>
|
|
80
87
|
<example>NNTP server ready</example>
|
|
81
88
|
</fingerprint>
|
|
82
|
-
|
|
89
|
+
|
|
90
|
+
</fingerprints>
|
data/xml/ntp_banners.xml
CHANGED
|
@@ -1,8 +1,9 @@
|
|
|
1
|
-
<?xml version=
|
|
1
|
+
<?xml version='1.0' encoding='UTF-8'?>
|
|
2
2
|
<fingerprints matches="ntp.readvar" protocol="ntp" database_type="service" preference="0.80">
|
|
3
3
|
<!--
|
|
4
4
|
NTP "banners", taken from a readvar response
|
|
5
5
|
-->
|
|
6
|
+
|
|
6
7
|
<fingerprint pattern="^.*version=Domain Time II (\S+),hostname=([^,]+),.*system=Win2003.*,processor=(\S+)" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
7
8
|
<description>Greyware Automation Products, Inc. Domain Time II on Windows Server 2003</description>
|
|
8
9
|
<example service.version="5.1.b.20100331R" os.arch="x64" host.name="blah">
|
|
@@ -21,6 +22,7 @@
|
|
|
21
22
|
<param pos="3" name="os.arch"/>
|
|
22
23
|
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2003:-"/>
|
|
23
24
|
</fingerprint>
|
|
25
|
+
|
|
24
26
|
<fingerprint pattern="^.*version=Domain Time II (\S+),hostname=([^,]+),.*system=Win2008R2.*,processor=(\S+)" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
25
27
|
<description>Greyware Automation Products, Inc. Domain Time II on Windows Server 2008 R2</description>
|
|
26
28
|
<example service.version="5.2.b.20120215R" os.arch="x64" host.name="blah">
|
|
@@ -32,10 +34,11 @@
|
|
|
32
34
|
<param pos="2" name="host.name"/>
|
|
33
35
|
<param pos="0" name="os.vendor" value="Microsoft"/>
|
|
34
36
|
<param pos="0" name="os.family" value="Windows"/>
|
|
35
|
-
<param pos="0" name="os.product" value="Windows 2008 R2"/>
|
|
37
|
+
<param pos="0" name="os.product" value="Windows Server 2008 R2"/>
|
|
36
38
|
<param pos="3" name="os.arch"/>
|
|
37
39
|
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:-"/>
|
|
38
40
|
</fingerprint>
|
|
41
|
+
|
|
39
42
|
<fingerprint pattern="^.*version=Domain Time II (\S+),hostname=([^,]+),.*system=Win2008.*,processor=(\S+)" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
40
43
|
<description>Greyware Automation Products, Inc. Domain Time II on Windows 2008</description>
|
|
41
44
|
<example service.version="5.2.b.20140303R" os.arch="x86" host.name="blah">
|
|
@@ -54,6 +57,7 @@
|
|
|
54
57
|
<param pos="3" name="os.arch"/>
|
|
55
58
|
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:-"/>
|
|
56
59
|
</fingerprint>
|
|
60
|
+
|
|
57
61
|
<fingerprint pattern="^.*version=Domain Time II (\S+),hostname=([^,]+),.*system=Win2012.*,processor=(\S+)" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
58
62
|
<description>Greyware Automation Products, Inc. Domain Time II on Windows Server 2012</description>
|
|
59
63
|
<example service.version="5.2.b.20140101R" os.arch="x64" host.name="blah">
|
|
@@ -69,6 +73,7 @@
|
|
|
69
73
|
<param pos="3" name="os.arch"/>
|
|
70
74
|
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2012:-"/>
|
|
71
75
|
</fingerprint>
|
|
76
|
+
|
|
72
77
|
<fingerprint pattern="^.*version=Domain Time II (\S+),hostname=([^,]+),.*system=Win7.*,processor=(\S+)" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
73
78
|
<description>Greyware Automation Products, Inc. Domain Time II on Windows 7</description>
|
|
74
79
|
<example service.version="5.2.b.20130405R" os.arch="x64" host.name="blah">
|
|
@@ -84,6 +89,7 @@
|
|
|
84
89
|
<param pos="3" name="os.arch"/>
|
|
85
90
|
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_7:-"/>
|
|
86
91
|
</fingerprint>
|
|
92
|
+
|
|
87
93
|
<fingerprint pattern="^.*version="ntpd (\S+)[^"]+",.*system="Equallogic \(R\) storage array"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
88
94
|
<description>ntpd running on an EqualLogic Storage Array that includes the NTP version</description>
|
|
89
95
|
<example>
|
|
@@ -100,6 +106,7 @@
|
|
|
100
106
|
<param pos="0" name="os.vendor" value="EqualLogic"/>
|
|
101
107
|
<param pos="0" name="os.product" value="Storage Array"/>
|
|
102
108
|
</fingerprint>
|
|
109
|
+
|
|
103
110
|
<fingerprint pattern="^.*system="Equallogic \(R\) storage array"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
104
111
|
<description>ntpd running on an EqualLogic Storage Array that does not include the NTP version</description>
|
|
105
112
|
<example>
|
|
@@ -112,6 +119,7 @@
|
|
|
112
119
|
<param pos="0" name="os.vendor" value="EqualLogic"/>
|
|
113
120
|
<param pos="0" name="os.product" value="Storage Array"/>
|
|
114
121
|
</fingerprint>
|
|
122
|
+
|
|
115
123
|
<fingerprint pattern="^.*version="ntpd ([^ ]+)[^"]+",.*processor="([^ ]+)",.*system="Linux/(?:[^ ]+\.ESX)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
116
124
|
<description>ntpd running on VMware ESX</description>
|
|
117
125
|
<example service.version="4.2.2p1@1.1570-o" os.arch="x86_64">
|
|
@@ -127,6 +135,7 @@
|
|
|
127
135
|
<param pos="2" name="os.arch"/>
|
|
128
136
|
<param pos="0" name="os.cpe23" value="cpe:/o:vmware:esx:-"/>
|
|
129
137
|
</fingerprint>
|
|
138
|
+
|
|
130
139
|
<fingerprint pattern="^.*version="ntpd ([^ ]+)[^"]+",.*processor="([^ ]+)",.*system="Linux/?([^ ]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
131
140
|
<description>ntpd running on Linux</description>
|
|
132
141
|
<example>
|
|
@@ -143,6 +152,7 @@
|
|
|
143
152
|
<param pos="3" name="os.version"/>
|
|
144
153
|
<param pos="0" name="os.cpe23" value="cpe:/o:linux:linux_kernel:{os.version}"/>
|
|
145
154
|
</fingerprint>
|
|
155
|
+
|
|
146
156
|
<fingerprint pattern="^.*version="ntpd ([^ ]+)[^"]+",.*processor="([^"]+)",.*system="Darwin/?6\.([^"]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
147
157
|
<description>ntpd running on Mac OSX 10.2/Jaguar</description>
|
|
148
158
|
<example service.version="4.1.1@1.786" os.version.version="8">
|
|
@@ -160,6 +170,7 @@
|
|
|
160
170
|
<param pos="0" name="os.certainty" value="0.9"/>
|
|
161
171
|
<param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.2"/>
|
|
162
172
|
</fingerprint>
|
|
173
|
+
|
|
163
174
|
<fingerprint pattern="^.*version="ntpd ([^ ]+)[^"]+",.*processor="([^"]+)",.*system="Darwin/?7\.([^"]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
164
175
|
<description>ntpd running on Mac OSX 10.3/Panther</description>
|
|
165
176
|
<param pos="0" name="service.family" value="NTP"/>
|
|
@@ -174,6 +185,7 @@
|
|
|
174
185
|
<param pos="0" name="os.certainty" value="0.9"/>
|
|
175
186
|
<param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.3"/>
|
|
176
187
|
</fingerprint>
|
|
188
|
+
|
|
177
189
|
<fingerprint pattern="^.*version="ntpd ([^ ]+)[^"]+",.*processor="([^"]+)",.*system="Darwin/?8\.([^"]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
178
190
|
<description>ntpd running on Mac OSX 10.4/Tiger</description>
|
|
179
191
|
<example>
|
|
@@ -192,6 +204,7 @@
|
|
|
192
204
|
<param pos="0" name="os.certainty" value="0.9"/>
|
|
193
205
|
<param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.4"/>
|
|
194
206
|
</fingerprint>
|
|
207
|
+
|
|
195
208
|
<fingerprint pattern="^.*version="ntpd ([^ ]+)[^"]+",.*processor="([^"]+)",.*system="Darwin/?9\.([^"]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
196
209
|
<description>ntpd running on Mac OSX 10.5/Leopard</description>
|
|
197
210
|
<example>
|
|
@@ -210,6 +223,7 @@
|
|
|
210
223
|
<param pos="0" name="os.certainty" value="0.9"/>
|
|
211
224
|
<param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.5"/>
|
|
212
225
|
</fingerprint>
|
|
226
|
+
|
|
213
227
|
<fingerprint pattern="^.*version="ntpd ([^ ]+)[^"]+",.*processor="([^"]+)",.*system="Darwin/?10\.([^"]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
214
228
|
<description>ntpd running on Mac OSX 10.6/Snow Leopard</description>
|
|
215
229
|
<example>
|
|
@@ -228,6 +242,7 @@
|
|
|
228
242
|
<param pos="0" name="os.certainty" value="0.9"/>
|
|
229
243
|
<param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.6"/>
|
|
230
244
|
</fingerprint>
|
|
245
|
+
|
|
231
246
|
<fingerprint pattern="^.*processor="([^"]+)".*system="BSD/OS([\d.]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
232
247
|
<description>BSD/OS with a version and arch</description>
|
|
233
248
|
<example os.arch="i386" os.version="4.3.1">
|
|
@@ -238,6 +253,7 @@
|
|
|
238
253
|
<param pos="1" name="os.arch"/>
|
|
239
254
|
<param pos="2" name="os.version"/>
|
|
240
255
|
</fingerprint>
|
|
256
|
+
|
|
241
257
|
<fingerprint pattern="^.*system="BSD/OS"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
242
258
|
<description>BSD/OS without a version or arch</description>
|
|
243
259
|
<example>
|
|
@@ -246,6 +262,7 @@
|
|
|
246
262
|
<param pos="0" name="os.vendor" value="Berkeley Software Design Inc."/>
|
|
247
263
|
<param pos="0" name="os.product" value="BSD/OS"/>
|
|
248
264
|
</fingerprint>
|
|
265
|
+
|
|
249
266
|
<fingerprint pattern="^.*version="ntpd ([^ ]+)[^"]+",.*processor="([^"]+)",.*system="Darwin/?11\.([^"]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
250
267
|
<description>ntpd running on Mac OSX 10.7/Lion</description>
|
|
251
268
|
<example>
|
|
@@ -264,6 +281,7 @@
|
|
|
264
281
|
<param pos="0" name="os.certainty" value="0.9"/>
|
|
265
282
|
<param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.7"/>
|
|
266
283
|
</fingerprint>
|
|
284
|
+
|
|
267
285
|
<fingerprint pattern="^.*version="ntpd ([^ ]+)[^"]+",.*processor="([^"]+)",.*system="Darwin/?12\.([^"]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
268
286
|
<description>ntpd running on Mac OSX 10.8/Mountain Lion</description>
|
|
269
287
|
<example service.version="4.2.6@1.2089-o" os.arch="x86_64" os.version.version="1.0">
|
|
@@ -282,6 +300,7 @@
|
|
|
282
300
|
<param pos="0" name="os.certainty" value="0.9"/>
|
|
283
301
|
<param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.8"/>
|
|
284
302
|
</fingerprint>
|
|
303
|
+
|
|
285
304
|
<fingerprint pattern="^.*version="ntpd ([^ ]+)[^"]+",.*processor="([^"]+)",.*system="Darwin/?13\.([^"]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
286
305
|
<description>ntpd running on Mac OSX 10.9/Mavericks</description>
|
|
287
306
|
<example service.version="4.2.6@1.2089-o" os.arch="x86_64" os.version.version="4.0">
|
|
@@ -300,6 +319,7 @@
|
|
|
300
319
|
<param pos="0" name="os.certainty" value="0.9"/>
|
|
301
320
|
<param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.9"/>
|
|
302
321
|
</fingerprint>
|
|
322
|
+
|
|
303
323
|
<fingerprint pattern="^.*version="ntpd ([^ ]+)[^"]+",.*processor="([^"]+)",.*system="Darwin/?14\.([^"]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
304
324
|
<description>ntpd running on Mac OSX 10.10/Yosemite</description>
|
|
305
325
|
<example service.version="4.2.6@1.2089-o" os.arch="x86_64" os.version.version="3.0">
|
|
@@ -318,6 +338,7 @@
|
|
|
318
338
|
<param pos="0" name="os.certainty" value="0.9"/>
|
|
319
339
|
<param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.10"/>
|
|
320
340
|
</fingerprint>
|
|
341
|
+
|
|
321
342
|
<fingerprint pattern="^.*version="ntpd ([^ p]+)(:?p[^ "]+)?[^"]+",.*processor="([^ ]+)",.*system="FreeBSD/?(?:[^ ]+-NETSCALER-([^ ]+))"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
322
343
|
<description>ntpd running on Citrix Netscaler, which is based on FreeBSD</description>
|
|
323
344
|
<example service.version="4.2.6" service.version.version="p2@1.2194" os.arch="i386" os.version="9.3">
|
|
@@ -332,7 +353,7 @@
|
|
|
332
353
|
<param pos="2" name="service.version.version"/>
|
|
333
354
|
<param pos="0" name="service.vendor" value="NTP"/>
|
|
334
355
|
<param pos="0" name="service.product" value="NTP"/>
|
|
335
|
-
<param pos="0" name="service.cpe23" value="cpe:/a:ntp:ntp:{service.version}
|
|
356
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:ntp:ntp:{service.version}"/>
|
|
336
357
|
<param pos="0" name="os.vendor" value="Citrix"/>
|
|
337
358
|
<param pos="0" name="os.family" value="NetScaler"/>
|
|
338
359
|
<param pos="0" name="os.device" value="Network Management Device"/>
|
|
@@ -340,6 +361,7 @@
|
|
|
340
361
|
<param pos="3" name="os.arch"/>
|
|
341
362
|
<param pos="4" name="os.version"/>
|
|
342
363
|
</fingerprint>
|
|
364
|
+
|
|
343
365
|
<fingerprint pattern="^.*version="ntpd ([^ ]+)[^"]+",.*processor="([^ ]+)",.*system="FreeBSD/?([^ ]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
344
366
|
<description>ntpd running on FreeBSD</description>
|
|
345
367
|
<example>
|
|
@@ -356,6 +378,7 @@
|
|
|
356
378
|
<param pos="3" name="os.version"/>
|
|
357
379
|
<param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:{os.version}"/>
|
|
358
380
|
</fingerprint>
|
|
381
|
+
|
|
359
382
|
<fingerprint pattern="^.*processor="([^ ]+)",.*system="FreeBSD/?([^ ]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
360
383
|
<description>ntp without a version on FreeBSD</description>
|
|
361
384
|
<example os.arch="i386" os.version="4.1-RELEASE">
|
|
@@ -371,6 +394,7 @@
|
|
|
371
394
|
<param pos="2" name="os.version"/>
|
|
372
395
|
<param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:{os.version}"/>
|
|
373
396
|
</fingerprint>
|
|
397
|
+
|
|
374
398
|
<fingerprint pattern="^.*version="ntpd ([^ ]+)[^"]+",.*processor="([^ ]+)",.*system="NetBSD/?([^ ]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
375
399
|
<description>ntpd running on NetBSD</description>
|
|
376
400
|
<example>
|
|
@@ -387,6 +411,7 @@
|
|
|
387
411
|
<param pos="3" name="os.version"/>
|
|
388
412
|
<param pos="0" name="os.cpe23" value="cpe:/o:netbsd:netbsd:{os.version}"/>
|
|
389
413
|
</fingerprint>
|
|
414
|
+
|
|
390
415
|
<fingerprint pattern="^.*processor="([^ ]+)",.*system="NetBSD/?([^ ]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
391
416
|
<description>ntpd running on NetBSD - variant 2</description>
|
|
392
417
|
<example os.arch="i386" os.version="1.5.3">
|
|
@@ -429,6 +454,7 @@
|
|
|
429
454
|
<param pos="2" name="os.version"/>
|
|
430
455
|
<param pos="0" name="os.cpe23" value="cpe:/o:netbsd:netbsd:{os.version}"/>
|
|
431
456
|
</fingerprint>
|
|
457
|
+
|
|
432
458
|
<fingerprint pattern="^.*system="NetWare"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
433
459
|
<description>NetWare</description>
|
|
434
460
|
<example>
|
|
@@ -439,6 +465,7 @@
|
|
|
439
465
|
<param pos="0" name="os.product" value="NetWare"/>
|
|
440
466
|
<param pos="0" name="os.cpe23" value="cpe:/o:novell:netware:-"/>
|
|
441
467
|
</fingerprint>
|
|
468
|
+
|
|
442
469
|
<fingerprint pattern="^.*version="ntpd ([^ ]+)[^"]+",.*processor="([^ ]+)",.*system="SunOS/?5.0"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
443
470
|
<description>ntpd running on Solaris 2.0 (SunOS/5.0) </description>
|
|
444
471
|
<example service.version="4.2.0@1.1161-r" os.arch="sun4u">
|
|
@@ -459,6 +486,7 @@
|
|
|
459
486
|
<param pos="2" name="os.arch"/>
|
|
460
487
|
<param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:2.0"/>
|
|
461
488
|
</fingerprint>
|
|
489
|
+
|
|
462
490
|
<fingerprint pattern="^.*version="ntpd ([^ ]+)[^"]+",.*processor="([^ ]+)",.*system="SunOS/?5.1"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
463
491
|
<description> ntpd running on Solaris 2.1 (SunOS/5.1) </description>
|
|
464
492
|
<example service.version="4.2.0@1.1161-r" os.arch="sun4u">
|
|
@@ -479,6 +507,7 @@
|
|
|
479
507
|
<param pos="2" name="os.arch"/>
|
|
480
508
|
<param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:2.1"/>
|
|
481
509
|
</fingerprint>
|
|
510
|
+
|
|
482
511
|
<fingerprint pattern="^.*version="ntpd ([^ ]+)[^"]+",.*processor="([^ ]+)",.*system="SunOS/?5.2"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
483
512
|
<description> ntpd running on Solaris 2.2 (SunOS/5.2) </description>
|
|
484
513
|
<example service.version="4.2.0@1.1161-r" os.arch="sun4u">
|
|
@@ -499,6 +528,7 @@
|
|
|
499
528
|
<param pos="2" name="os.arch"/>
|
|
500
529
|
<param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:2.2"/>
|
|
501
530
|
</fingerprint>
|
|
531
|
+
|
|
502
532
|
<fingerprint pattern="^.*version="ntpd ([^ ]+)[^"]+",.*processor="([^ ]+)",.*system="SunOS/?5.3"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
503
533
|
<description> ntpd running on Solaris 2.3 (SunOS/5.3) </description>
|
|
504
534
|
<example service.version="4.2.0@1.1161-r" os.arch="sun4u">
|
|
@@ -519,6 +549,7 @@
|
|
|
519
549
|
<param pos="2" name="os.arch"/>
|
|
520
550
|
<param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:2.3"/>
|
|
521
551
|
</fingerprint>
|
|
552
|
+
|
|
522
553
|
<fingerprint pattern="^.*version="ntpd ([^ ]+)[^"]+",.*processor="([^ ]+)",.*system="SunOS/?5.4"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
523
554
|
<description>ntpd running on Solaris 2.4 (SunOS/5.4) </description>
|
|
524
555
|
<example service.version="4.2.0@1.1161-r" os.arch="sun4u">
|
|
@@ -539,6 +570,7 @@
|
|
|
539
570
|
<param pos="2" name="os.arch"/>
|
|
540
571
|
<param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:2.4"/>
|
|
541
572
|
</fingerprint>
|
|
573
|
+
|
|
542
574
|
<fingerprint pattern="^.*version="ntpd ([^ ]+)[^"]+",.*processor="([^ ]+)",.*system="SunOS/?5.5"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
543
575
|
<description>ntpd running on Solaris 2.5 (SunOS/5.5) </description>
|
|
544
576
|
<example service.version="4.2.0@1.1161-r" os.arch="sun4u">
|
|
@@ -559,6 +591,7 @@
|
|
|
559
591
|
<param pos="2" name="os.arch"/>
|
|
560
592
|
<param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:2.5"/>
|
|
561
593
|
</fingerprint>
|
|
594
|
+
|
|
562
595
|
<fingerprint pattern="^.*version="ntpd ([^ ]+)[^"]+",.*processor="([^ ]+)",.*system="SunOS/?5.6"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
563
596
|
<description>ntpd running on Solaris 2.6 (SunOS/5.6) </description>
|
|
564
597
|
<example service.version="4.2.0@1.1161-r" os.arch="sun4u">
|
|
@@ -579,6 +612,7 @@
|
|
|
579
612
|
<param pos="2" name="os.arch"/>
|
|
580
613
|
<param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:2.6"/>
|
|
581
614
|
</fingerprint>
|
|
615
|
+
|
|
582
616
|
<fingerprint pattern="^.*version="ntpd ([^ ]+)[^"]+",.*processor="([^ ]+)",.*system="SunOS/?5.(1[1-9])"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
583
617
|
<description>ntpd running on Solaris 11 or above (SunOS/5.11 and above) </description>
|
|
584
618
|
<example service.version="4.2.0@1.1161-r" os.arch="sun4u" os.version="11">
|
|
@@ -599,6 +633,7 @@
|
|
|
599
633
|
<param pos="3" name="os.version"/>
|
|
600
634
|
<param pos="0" name="os.cpe23" value="cpe:/o:oracle:solaris:{os.version}"/>
|
|
601
635
|
</fingerprint>
|
|
636
|
+
|
|
602
637
|
<fingerprint pattern="^.*version="ntpd ([^ ]+)[^"]+",.*processor="([^ ]+)",.*system="SunOS/?5.([789]|10)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
603
638
|
<description>ntpd running on Solaris 7-Solaris 10 (SunOS/5.7 - SunOS/5.10) </description>
|
|
604
639
|
<example service.version="4.2.0@1.1161-r" os.arch="sun4u" os.version="7">
|
|
@@ -627,6 +662,7 @@
|
|
|
627
662
|
<param pos="3" name="os.version"/>
|
|
628
663
|
<param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:{os.version}"/>
|
|
629
664
|
</fingerprint>
|
|
665
|
+
|
|
630
666
|
<fingerprint pattern="^.*processor="([^ ]+)",.*system="SunOS/?5.0"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
631
667
|
<description>Solaris 2.0 (SunOS/5.0) with no ntp version</description>
|
|
632
668
|
<example os.arch="sun4m">
|
|
@@ -642,6 +678,7 @@
|
|
|
642
678
|
<param pos="1" name="os.arch"/>
|
|
643
679
|
<param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:2.0"/>
|
|
644
680
|
</fingerprint>
|
|
681
|
+
|
|
645
682
|
<fingerprint pattern="^.*processor="([^ ]+)",.*system="SunOS/?5.1"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
646
683
|
<description>Solaris 2.1 (SunOS/5.1) with no ntp version</description>
|
|
647
684
|
<example os.arch="sun4m">
|
|
@@ -657,6 +694,7 @@
|
|
|
657
694
|
<param pos="1" name="os.arch"/>
|
|
658
695
|
<param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:2.1"/>
|
|
659
696
|
</fingerprint>
|
|
697
|
+
|
|
660
698
|
<fingerprint pattern="^.*processor="([^ ]+)",.*system="SunOS/?5.2"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
661
699
|
<description>Solaris 2.2 (SunOS/5.2) with no ntp version</description>
|
|
662
700
|
<example os.arch="sun4m">
|
|
@@ -672,6 +710,7 @@
|
|
|
672
710
|
<param pos="1" name="os.arch"/>
|
|
673
711
|
<param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:2.2"/>
|
|
674
712
|
</fingerprint>
|
|
713
|
+
|
|
675
714
|
<fingerprint pattern="^.*processor="([^ ]+)",.*system="SunOS/?5.3"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
676
715
|
<description>Solaris 2.3 (SunOS/5.3) with no ntp version</description>
|
|
677
716
|
<example os.arch="sun4m">
|
|
@@ -687,6 +726,7 @@
|
|
|
687
726
|
<param pos="1" name="os.arch"/>
|
|
688
727
|
<param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:2.3"/>
|
|
689
728
|
</fingerprint>
|
|
729
|
+
|
|
690
730
|
<fingerprint pattern="^.*processor="([^ ]+)",.*system="SunOS/?5.4"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
691
731
|
<description>Solaris 2.4 (SunOS/5.4) with no ntp version</description>
|
|
692
732
|
<example os.arch="sun4m">
|
|
@@ -702,6 +742,7 @@
|
|
|
702
742
|
<param pos="1" name="os.arch"/>
|
|
703
743
|
<param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:2.4"/>
|
|
704
744
|
</fingerprint>
|
|
745
|
+
|
|
705
746
|
<fingerprint pattern="^.*processor="([^ ]+)",.*system="SunOS/?5.5"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
706
747
|
<description>Solaris 2.5 (SunOS/5.5) with no ntp version</description>
|
|
707
748
|
<example os.arch="sun4m">
|
|
@@ -717,6 +758,7 @@
|
|
|
717
758
|
<param pos="1" name="os.arch"/>
|
|
718
759
|
<param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:2.5"/>
|
|
719
760
|
</fingerprint>
|
|
761
|
+
|
|
720
762
|
<fingerprint pattern="^.*processor="([^ ]+)",.*system="SunOS/?5.6"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
721
763
|
<description>Solaris 2.6 (SunOS/5.6) with no ntp version</description>
|
|
722
764
|
<example os.arch="sun4m">
|
|
@@ -732,6 +774,7 @@
|
|
|
732
774
|
<param pos="1" name="os.arch"/>
|
|
733
775
|
<param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:2.6"/>
|
|
734
776
|
</fingerprint>
|
|
777
|
+
|
|
735
778
|
<fingerprint pattern="^.*processor="([^ ]+)",.*system="SunOS/?5.([789]|10)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
736
779
|
<description>Solaris 7-10 (SunOS/5.7 - SunOS/5.10) with no ntp version</description>
|
|
737
780
|
<example os.arch="sun4m" os.version="7">
|
|
@@ -753,6 +796,7 @@
|
|
|
753
796
|
<param pos="2" name="os.version"/>
|
|
754
797
|
<param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:{os.version}"/>
|
|
755
798
|
</fingerprint>
|
|
799
|
+
|
|
756
800
|
<fingerprint pattern="^.*processor="([^ ]+)",.*system="SunOS/?5.(1[1-9])"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
757
801
|
<description>Solaris 11 and up with no ntp version</description>
|
|
758
802
|
<example os.arch="sun4m" os.version="11">
|
|
@@ -768,6 +812,7 @@
|
|
|
768
812
|
<param pos="2" name="os.version"/>
|
|
769
813
|
<param pos="0" name="os.cpe23" value="cpe:/o:oracle:solaris:{os.version}"/>
|
|
770
814
|
</fingerprint>
|
|
815
|
+
|
|
771
816
|
<fingerprint pattern="^.*system="UNIX/SunOS ([^ ]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
772
817
|
<description>SunOS with no ntp version</description>
|
|
773
818
|
<example>
|
|
@@ -779,6 +824,7 @@
|
|
|
779
824
|
<param pos="1" name="os.version"/>
|
|
780
825
|
<param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:{os.version}"/>
|
|
781
826
|
</fingerprint>
|
|
827
|
+
|
|
782
828
|
<fingerprint pattern="^.*version="ntpd ([^ ]+)[^"]+",.*processor="([^ ]+)",.*system="JUNOS/?([^ ]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
783
829
|
<description>ntpd running on Juniper/Netscreen JunOS</description>
|
|
784
830
|
<example>
|
|
@@ -795,6 +841,7 @@
|
|
|
795
841
|
<param pos="3" name="os.version"/>
|
|
796
842
|
<param pos="0" name="os.cpe23" value="cpe:/o:juniper:junos:{os.version}"/>
|
|
797
843
|
</fingerprint>
|
|
844
|
+
|
|
798
845
|
<fingerprint pattern="processor="([^ ]+)",.*system="JUNOS/?([^ ]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
799
846
|
<description>Juniper/Netscreen JunOS NTP without a version</description>
|
|
800
847
|
<example os.arch="i386" os.version="7.0R2.7">processor="i386", system="JUNOS7.0R2.7", leap=0, stratum=3</example>
|
|
@@ -807,6 +854,7 @@
|
|
|
807
854
|
<param pos="2" name="os.version"/>
|
|
808
855
|
<param pos="0" name="os.cpe23" value="cpe:/o:juniper:junos:{os.version}"/>
|
|
809
856
|
</fingerprint>
|
|
857
|
+
|
|
810
858
|
<fingerprint pattern="^.*version="ntpd ([^ ]+)[^"]+",.*processor="([^ ]+)",.*system="Windows/?([^ ]+)?"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
811
859
|
<description>ntpd running on Windows</description>
|
|
812
860
|
<example>
|
|
@@ -827,6 +875,7 @@
|
|
|
827
875
|
<param pos="3" name="os.version"/>
|
|
828
876
|
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:{os.version}"/>
|
|
829
877
|
</fingerprint>
|
|
878
|
+
|
|
830
879
|
<fingerprint pattern="^.*version="ntpd ([^ ]+)[^"]+",.*processor="([^ ]+)",.*system="HP-UX/?([^ ]+)?"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
831
880
|
<description>ntpd running on HP-UX</description>
|
|
832
881
|
<example>
|
|
@@ -843,6 +892,7 @@
|
|
|
843
892
|
<param pos="3" name="os.version"/>
|
|
844
893
|
<param pos="0" name="os.cpe23" value="cpe:/o:hp:hp-ux:{os.version}"/>
|
|
845
894
|
</fingerprint>
|
|
895
|
+
|
|
846
896
|
<fingerprint pattern="^.*version="ntpd ([^ ]+)[^"]+",.*processor=,.*system="HP-UX/"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
847
897
|
<description>ntpd running on HP-UX with an empty processor</description>
|
|
848
898
|
<example service.version="4.2.6">
|
|
@@ -857,6 +907,7 @@
|
|
|
857
907
|
<param pos="0" name="os.product" value="HP-UX"/>
|
|
858
908
|
<param pos="0" name="os.cpe23" value="cpe:/o:hp:hp-ux:-"/>
|
|
859
909
|
</fingerprint>
|
|
910
|
+
|
|
860
911
|
<fingerprint pattern="^.*version="ntpd ([^ ]+)[^"]+",.*processor="[^ ]+",.*system="([^ ]+)-hp-hpux([^ ]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
861
912
|
<description>ntpd running on HP-UX, where the processor is in the 'system' variable</description>
|
|
862
913
|
<example>
|
|
@@ -873,6 +924,7 @@
|
|
|
873
924
|
<param pos="3" name="os.version"/>
|
|
874
925
|
<param pos="0" name="os.cpe23" value="cpe:/o:hp:hp-ux:{os.version}"/>
|
|
875
926
|
</fingerprint>
|
|
927
|
+
|
|
876
928
|
<fingerprint pattern="^.*version="ntpd ([^ ]+)[^"]+",.*processor="([^ ]+)",.*system="VMkernel/?([^ ]+)?"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
877
929
|
<description>ntpd running on VMware ESXi</description>
|
|
878
930
|
<example>
|
|
@@ -889,6 +941,7 @@
|
|
|
889
941
|
<param pos="3" name="os.version"/>
|
|
890
942
|
<param pos="0" name="os.cpe23" value="cpe:/o:vmware:esxi:{os.version}"/>
|
|
891
943
|
</fingerprint>
|
|
944
|
+
|
|
892
945
|
<fingerprint pattern=".*processor="([^ ]+)",.*system="OSF1[/V]?([^ ]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
893
946
|
<description>ntpd running on OSF/1</description>
|
|
894
947
|
<example os.arch="alpha" os.version="4.0">
|
|
@@ -901,6 +954,7 @@
|
|
|
901
954
|
<param pos="2" name="os.version"/>
|
|
902
955
|
<param pos="1" name="os.arch"/>
|
|
903
956
|
</fingerprint>
|
|
957
|
+
|
|
904
958
|
<fingerprint pattern=".*system="UNIX/DECOSF1"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
905
959
|
<description>DEC OSF/1</description>
|
|
906
960
|
<example>
|
|
@@ -909,6 +963,7 @@
|
|
|
909
963
|
<param pos="0" name="os.vendor" value="DEC"/>
|
|
910
964
|
<param pos="0" name="os.product" value="OSF/1"/>
|
|
911
965
|
</fingerprint>
|
|
966
|
+
|
|
912
967
|
<fingerprint pattern="^.*system="Linux"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
913
968
|
<description>Linux with NTP enabled, no processor/version</description>
|
|
914
969
|
<example>
|
|
@@ -921,6 +976,7 @@
|
|
|
921
976
|
<param pos="0" name="service.family" value="NTP"/>
|
|
922
977
|
<param pos="0" name="service.product" value="NTP"/>
|
|
923
978
|
</fingerprint>
|
|
979
|
+
|
|
924
980
|
<fingerprint pattern="^.*system="UNIX/AIX"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
925
981
|
<description>AIX with NTP enabled, no processor/version</description>
|
|
926
982
|
<example>
|
|
@@ -934,6 +990,7 @@
|
|
|
934
990
|
<param pos="0" name="service.product" value="NTP"/>
|
|
935
991
|
<param pos="0" name="service.vendor" value="IBM"/>
|
|
936
992
|
</fingerprint>
|
|
993
|
+
|
|
937
994
|
<fingerprint pattern="^.*system="SunOS"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
938
995
|
<description>Solaris with NTP enabled, no processor/version</description>
|
|
939
996
|
<example>
|
|
@@ -947,6 +1004,7 @@
|
|
|
947
1004
|
<param pos="0" name="service.product" value="NTP"/>
|
|
948
1005
|
<param pos="0" name="service.vendor" value="Sun"/>
|
|
949
1006
|
</fingerprint>
|
|
1007
|
+
|
|
950
1008
|
<fingerprint pattern="^.*system="cisco"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
951
1009
|
<description>Cisco IOS with NTP enabled</description>
|
|
952
1010
|
<example>
|
|
@@ -960,6 +1018,7 @@
|
|
|
960
1018
|
<param pos="0" name="service.product" value="NTP"/>
|
|
961
1019
|
<param pos="0" name="service.vendor" value="Cisco"/>
|
|
962
1020
|
</fingerprint>
|
|
1021
|
+
|
|
963
1022
|
<fingerprint pattern="^.*system="Data ONTAP/+(\S+)".*$" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
964
1023
|
<description>NetApp file servers</description>
|
|
965
1024
|
<example>
|
|
@@ -972,6 +1031,7 @@
|
|
|
972
1031
|
<param pos="1" name="os.version"/>
|
|
973
1032
|
<param pos="0" name="os.cpe23" value="cpe:/o:netapp:data_ontap:{os.version}"/>
|
|
974
1033
|
</fingerprint>
|
|
1034
|
+
|
|
975
1035
|
<fingerprint pattern="system="UNIX/HPUX"" flags="REG_ICASE">
|
|
976
1036
|
<description>Generic HPUX</description>
|
|
977
1037
|
<example>
|
|
@@ -985,6 +1045,7 @@
|
|
|
985
1045
|
<param pos="0" name="os.product" value="HP-UX"/>
|
|
986
1046
|
<param pos="0" name="os.cpe23" value="cpe:/o:hp:hp-ux:-"/>
|
|
987
1047
|
</fingerprint>
|
|
1048
|
+
|
|
988
1049
|
<fingerprint pattern="system="UNIX"" flags="REG_ICASE">
|
|
989
1050
|
<description>Generic UNIX</description>
|
|
990
1051
|
<example>
|
|
@@ -994,6 +1055,7 @@
|
|
|
994
1055
|
<param pos="0" name="os.product" value="UNIX"/>
|
|
995
1056
|
<param pos="0" name="os.certainty" value="0.5"/>
|
|
996
1057
|
</fingerprint>
|
|
1058
|
+
|
|
997
1059
|
<fingerprint pattern="system="VxWorks(?:/TORNADO)?"" flags="REG_ICASE">
|
|
998
1060
|
<description>Generic VxWorks</description>
|
|
999
1061
|
<example>
|
|
@@ -1009,6 +1071,7 @@
|
|
|
1009
1071
|
<param pos="0" name="os.product" value="VxWorks"/>
|
|
1010
1072
|
<param pos="0" name="os.cpe23" value="cpe:/o:windriver:vxworks:-"/>
|
|
1011
1073
|
</fingerprint>
|
|
1074
|
+
|
|
1012
1075
|
<fingerprint pattern="system="arm-wrs-vxworks"" flags="REG_ICASE">
|
|
1013
1076
|
<description>VxWorks ARM, cross-compiled on Linux</description>
|
|
1014
1077
|
<example>
|
|
@@ -1019,6 +1082,7 @@
|
|
|
1019
1082
|
<param pos="0" name="os.arch" value="ARM"/>
|
|
1020
1083
|
<param pos="0" name="os.cpe23" value="cpe:/o:windriver:vxworks:-"/>
|
|
1021
1084
|
</fingerprint>
|
|
1085
|
+
|
|
1022
1086
|
<fingerprint pattern="system="i386-wrs-vxworks"" flags="REG_ICASE">
|
|
1023
1087
|
<description>VxWorks x86, cross-compiled on Linux</description>
|
|
1024
1088
|
<example>
|
|
@@ -1029,6 +1093,7 @@
|
|
|
1029
1093
|
<param pos="0" name="os.arch" value="x86"/>
|
|
1030
1094
|
<param pos="0" name="os.cpe23" value="cpe:/o:windriver:vxworks:-"/>
|
|
1031
1095
|
</fingerprint>
|
|
1096
|
+
|
|
1032
1097
|
<fingerprint pattern="system="UNIX/Unixware([^ ]+)"" flags="REG_ICASE">
|
|
1033
1098
|
<description>SCO Unixware NTP</description>
|
|
1034
1099
|
<example>
|
|
@@ -1041,6 +1106,7 @@
|
|
|
1041
1106
|
<param pos="0" name="os.vendor" value="SCO"/>
|
|
1042
1107
|
<param pos="1" name="os.product"/>
|
|
1043
1108
|
</fingerprint>
|
|
1109
|
+
|
|
1044
1110
|
<fingerprint pattern="^.*processor="([^"]+)", system="SCO_SV([\d\.]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
1045
1111
|
<description>SCO Unixware NTP - SCO_SV variant</description>
|
|
1046
1112
|
<example os.version="3.2" os.arch="i386">
|
|
@@ -1051,6 +1117,7 @@
|
|
|
1051
1117
|
<param pos="1" name="os.arch"/>
|
|
1052
1118
|
<param pos="2" name="os.version"/>
|
|
1053
1119
|
</fingerprint>
|
|
1120
|
+
|
|
1054
1121
|
<fingerprint pattern="^.*version="ntpd ([^ ]+)[^"]+",.*\s*processor="([^ ]+)",.*system="SecureOS/([^ ]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
1055
1122
|
<description>McAfee Network Firewall Enterprise NTP (SecureOS)</description>
|
|
1056
1123
|
<example>
|
|
@@ -1077,6 +1144,7 @@
|
|
|
1077
1144
|
<param pos="2" name="os.arch"/>
|
|
1078
1145
|
<param pos="3" name="os.version"/>
|
|
1079
1146
|
</fingerprint>
|
|
1147
|
+
|
|
1080
1148
|
<fingerprint pattern="^.*processor="([^ ]+)".*system="Linux([^ ]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
1081
1149
|
<description>ntpd running on linux</description>
|
|
1082
1150
|
<example>
|
|
@@ -1103,6 +1171,7 @@
|
|
|
1103
1171
|
<param pos="2" name="os.version"/>
|
|
1104
1172
|
<param pos="0" name="os.cpe23" value="cpe:/o:linux:linux_kernel:{os.version}"/>
|
|
1105
1173
|
</fingerprint>
|
|
1174
|
+
|
|
1106
1175
|
<fingerprint pattern=".*version="ntpd (\S+)[^"]+",.*\s*processor="([^ ]+)".*system="Isilon OneFS/v([^ ]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
1107
1176
|
<description>Isilon OneFS NTP Server</description>
|
|
1108
1177
|
<example>
|
|
@@ -1121,6 +1190,7 @@
|
|
|
1121
1190
|
<param pos="2" name="os.arch"/>
|
|
1122
1191
|
<param pos="3" name="os.version"/>
|
|
1123
1192
|
</fingerprint>
|
|
1193
|
+
|
|
1124
1194
|
<fingerprint pattern="system="IPSO"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
1125
1195
|
<description>Nokia IPSO NTP</description>
|
|
1126
1196
|
<example>
|
|
@@ -1141,6 +1211,7 @@
|
|
|
1141
1211
|
<param pos="0" name="os.device" value="Firewall"/>
|
|
1142
1212
|
<param pos="0" name="os.cpe23" value="cpe:/o:nokia:ipso:-"/>
|
|
1143
1213
|
</fingerprint>
|
|
1214
|
+
|
|
1144
1215
|
<fingerprint pattern="system="UNIX/Solaris\s[^ ]+"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
1145
1216
|
<description>Sun Solaris NTP</description>
|
|
1146
1217
|
<example>
|
|
@@ -1163,6 +1234,7 @@
|
|
|
1163
1234
|
<param pos="0" name="service.product" value="NTP"/>
|
|
1164
1235
|
<param pos="0" name="service.vendor" value="Sun"/>
|
|
1165
1236
|
</fingerprint>
|
|
1237
|
+
|
|
1166
1238
|
<fingerprint pattern="version="ntpd version = ([^ ]+)",\s*processor="([A-Z0-9]+)",\s*system="OpenVMS/V([A-Z0-9.-]+)" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
1167
1239
|
<description>OpenVMS NTP Server</description>
|
|
1168
1240
|
<example service.version="4.2.0" os.arch="PHMNFP" os.version="8.3">
|
|
@@ -1189,6 +1261,7 @@
|
|
|
1189
1261
|
<param pos="3" name="os.version"/>
|
|
1190
1262
|
<param pos="0" name="os.cpe23" value="cpe:/o:hp:openvms:{os.version}"/>
|
|
1191
1263
|
</fingerprint>
|
|
1264
|
+
|
|
1192
1265
|
<fingerprint pattern="version="ntpd version = ([^ ]+)",\s*processor="unknown",\s*system="OpenVMS AXP"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
1193
1266
|
<description>OpenVMS AXP (Alpha) NTP Server</description>
|
|
1194
1267
|
<example service.version="4.1.0" os.arch="Alpha">
|
|
@@ -1201,6 +1274,7 @@
|
|
|
1201
1274
|
<param pos="0" name="os.product" value="OpenVMS"/>
|
|
1202
1275
|
<param pos="0" name="os.arch" value="Alpha"/>
|
|
1203
1276
|
</fingerprint>
|
|
1277
|
+
|
|
1204
1278
|
<fingerprint pattern=".*version="ntpd ([^ ]+)[^"]+",\s*processor="([^ ]+)",\s*system="BIG-IPBIG-IP\s+([^"]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
1205
1279
|
<description>F5 Big-IP Load Balancers NTP</description>
|
|
1206
1280
|
<example service.version="4.1.1a@1.791" os.arch="i386" os.version="4.5PTF-0">
|
|
@@ -1219,6 +1293,7 @@
|
|
|
1219
1293
|
<param pos="2" name="os.arch"/>
|
|
1220
1294
|
<param pos="3" name="os.version"/>
|
|
1221
1295
|
</fingerprint>
|
|
1296
|
+
|
|
1222
1297
|
<fingerprint pattern=".*version="ntpd ([^ ]+)[^"]+",\s*processor,\s*system="/"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
1223
1298
|
<description>NTP on an unknown system</description>
|
|
1224
1299
|
<example service.version="4.2.6p2-RC4@1.2180-o">
|
|
@@ -1228,4 +1303,5 @@
|
|
|
1228
1303
|
<param pos="0" name="service.product" value="NTP"/>
|
|
1229
1304
|
<param pos="1" name="service.version"/>
|
|
1230
1305
|
</fingerprint>
|
|
1231
|
-
|
|
1306
|
+
|
|
1307
|
+
</fingerprints>
|