RubyGems - recog - Versions diffs - 2.0.13 → 2.0.14 - Mend

recog 2.0.13 → 2.0.14

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (52) hide show

checksums.yaml +4 -4
data/CONTRIBUTING.md +19 -6
data/features/{xml → data}/failing_banners_fingerprints.xml +0 -0
data/features/{xml → data}/matching_banners_fingerprints.xml +0 -0
data/features/{xml → data}/no_tests.xml +0 -0
data/features/{xml/banners.xml → data/sample_banner.txt} +0 -0
data/features/{xml → data}/successful_tests.xml +0 -0
data/features/{xml → data}/tests_with_failures.xml +0 -0
data/features/{xml → data}/tests_with_warnings.xml +0 -0
data/features/match.feature +2 -2
data/features/support/env.rb +1 -1
data/lib/recog/version.rb +1 -1
data/misc/order.xsl +17 -0
data/spec/lib/fingerprint_self_test_spec.rb +8 -0
data/xml/apache_os.xml +270 -334
data/xml/architecture.xml +28 -41
data/xml/fingerprints.xsd +37 -0
data/xml/ftp_banners.xml +52 -58
data/xml/h323_callresp.xml +597 -695
data/xml/hp_pjl_id.xml +370 -409
data/xml/http_cookies.xml +304 -348
data/xml/http_servers.xml +3202 -3483
data/xml/http_wwwauth.xml +342 -409
data/xml/imap_banners.xml +149 -190
data/xml/mdns_device-info_txt.xml +97 -111
data/xml/mdns_workstation_txt.xml +6 -6
data/xml/mysql_banners.xml +99 -198
data/xml/mysql_error.xml +4 -11
data/xml/nntp_banners.xml +42 -45
data/xml/ntp_banners.xml +2 -3
data/xml/pop_banners.xml +214 -247
data/xml/rsh_resp.xml +68 -76
data/xml/sip_banners.xml +19 -19
data/xml/sip_user_agents.xml +63 -74
data/xml/smb_native_os.xml +387 -433
data/xml/smtp_banners.xml +1318 -1460
data/xml/smtp_debug.xml +24 -27
data/xml/smtp_ehlo.xml +19 -22
data/xml/smtp_expn.xml +61 -70
data/xml/smtp_help.xml +139 -160
data/xml/smtp_mailfrom.xml +14 -16
data/xml/smtp_noop.xml +28 -31
data/xml/smtp_quit.xml +16 -18
data/xml/smtp_rcptto.xml +8 -10
data/xml/smtp_rset.xml +12 -13
data/xml/smtp_turn.xml +12 -13
data/xml/smtp_vrfy.xml +66 -76
data/xml/snmp_sysdescr.xml +7257 -8016
data/xml/snmp_sysobjid.xml +392 -434
data/xml/ssh_banners.xml +783 -867
data/xml/upnp_banners.xml +594 -628
metadata +11 -9

checksums.yaml CHANGED

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 550cc41ba69213d60ced6ead986dc8c38d3129da
-  data.tar.gz: 317c61c92e185f982f0066ddafcd811a0b644224
+  metadata.gz: 2d08dc173999e1694bdc5f102a28be119f4e8866
+  data.tar.gz: 46283f711629cc12bb944b02cfe6ce1bbfc1f5d5
 SHA512:
-  metadata.gz: a6c71d5f88b88e952613346681a0f5834d0a47469df0e53420a114102626c52edb5eeb392a4fa8fb866b3c63de7f361a680e4e9a521e257948bb500f7a8f81af
-  data.tar.gz: 5db712820756886fd6bc2c1d550d5a82672d2291ae4237e3985a104b363c552d7d59fdf96028a11bc179a45ff0ad734cc64ec5b4058939cd0c12b0cc14707169
+  metadata.gz: 44b5b348c47caefd5998d36fa2439e64b05ae679daba22a58014d484b1a55baa0348b301ecbe3ccfeea337ca5fd2afb35b94580ebefa0f2161284f69d22c4c76
+  data.tar.gz: ab0237e095304a36ae8b72f1afbbb9abb6e2fd4423af1d8e071546c178eb3e547355c70b8f9ea4ec78a1e38738fe4b582b9e36a1ebf0ea0bbf9e8d3e3a63c060

data/CONTRIBUTING.md CHANGED

@@ -35,10 +35,23 @@ Generally, this should only need to be done once, or if you need to start over.
 2.  Clone ```git@github.com:<your-github-username>/recog.git```, replacing
 ```<your-github-username>``` with, you guessed it, your Github username.
 3.  Add the master Recog repository as your upstream:
-```
-git remote add upstream git://github.com/rapid7/recog.git
-git fetch --all
-```
+ ```
+   git remote add upstream git://github.com/rapid7/recog.git
+ ```
+4. Update your `.git/config` to ensure that the `remote ["upstream"]` section is configured to pull both branches and PRs from upstream.  It should look something like the following, in particular the second `fetch` option:
+    ```
+     [remote "upstream"]
+      url = git@github.com:rapid7/recog.git
+      fetch = +refs/heads/*:refs/remotes/upstream/*
+      fetch = +refs/pull/*/head:refs/remotes/upstream/pr/*
+     ```
+5. Fetch the latest revisions, including PRs:
+    ```
+    git fetch --all
+    ```
 ### Branch and Improve
@@ -80,7 +93,7 @@ PRs](https://github.com/rapid7/metasploit-framework/wiki/Landing-Pull-Requests).
 In short:
 1. Follow the "Fork and Clone" steps from above
-2. Update your `.git/config` to ensure that the `remote ["upstream"]` section is configure to pull both branches and PRs from upstream.  It should look something like the following, in particular the second `fetch` option:
+2. Update your `.git/config` to ensure that the `remote ["upstream"]` section is configured to pull both branches and PRs from upstream.  It should look something like the following, in particular the second `fetch` option:
     ```
      [remote "upstream"]
@@ -117,7 +130,7 @@ When Recog's critical parts are modified, for example its fingerprints or underl
 When a new version of Recog is to be released, you _must_ follow the instructions below.
 1. If are not already a Recog project contributor for the Recog gem (you'd be listed [here under OWNERS](https://rubygems.org/gems/recog)), become one:
-  1. 1. Get an account on [Rubygems](https://rubygems.org)
+  1. Get an account on [Rubygems](https://rubygems.org)
   2. Contact one of the Recog project contributors (listed [here under OWNERS](https://rubygems.org/gems/recog) and have them add you to the Recog gem.  They'll need to run:
     ```
       gem owner recog -a EMAIL

data/features/{xml → data}/failing_banners_fingerprints.xml RENAMED

File without changes

data/features/{xml → data}/matching_banners_fingerprints.xml RENAMED

File without changes

data/features/{xml → data}/no_tests.xml RENAMED

File without changes

data/features/{xml/banners.xml → data/sample_banner.txt} RENAMED

File without changes

data/features/{xml → data}/successful_tests.xml RENAMED

File without changes

data/features/{xml → data}/tests_with_failures.xml RENAMED

File without changes

data/features/{xml → data}/tests_with_warnings.xml RENAMED

File without changes

data/features/match.feature CHANGED

@@ -1,6 +1,6 @@
 Feature: Match
   Scenario: Finds matches
-    When I run `recog_match matching_banners_fingerprints.xml banners.xml`
+    When I run `recog_match matching_banners_fingerprints.xml sample_banner.txt`
     Then it should pass with:
       """
       MATCH: {"matched"=>"Pure-FTPd Config data can be zero or more of: [privsep] [TLS]", "pureftpd.config"=>"[privsep] [TLS] ", "service.family"=>"Pure-FTPd", "service.product"=>"Pure-FTPd", "data"=>"---------- Welcome to Pure-FTPd [privsep] [TLS] ----------"}
@@ -8,7 +8,7 @@ Feature: Match
       """
   Scenario: Fails at finding matches
-    When I run `recog_match failing_banners_fingerprints.xml banners.xml`
+    When I run `recog_match failing_banners_fingerprints.xml sample_banner.txt`
     Then it should pass with:
       """
       FAIL: ---------- Welcome to Pure-FTPd [privsep] [TLS] ----------

data/features/support/env.rb CHANGED

@@ -1,6 +1,6 @@
 require 'aruba/cucumber'
 Before do
-  @dirs = ["features/xml"]
+  @dirs = ["features/data"]
   @aruba_timeout_seconds = 30
 end

data/lib/recog/version.rb CHANGED

@@ -1,3 +1,3 @@
 module Recog
-  VERSION = '2.0.13'
+  VERSION = '2.0.14'
 end

data/misc/order.xsl ADDED

@@ -0,0 +1,17 @@
+<?xml version="1.0"?>
+<xsl:stylesheet xmlns:xsl="http://www.w3.org/1999/XSL/Transform" version="1.0">
+  <xsl:output encoding="UTF-8" indent="yes" method="xml"/>
+  <xsl:template match="@*|node()">
+    <xsl:copy>
+      <xsl:apply-templates select="@*|node()"/>
+    </xsl:copy>
+  </xsl:template>
+  <xsl:template match="fingerprints/fingerprint">
+    <xsl:copy>
+      <xsl:copy-of select="@*"/>
+      <xsl:apply-templates select="description"/>
+      <xsl:apply-templates select="example"/>
+      <xsl:apply-templates select="param"/>
+    </xsl:copy>
+  </xsl:template>
+</xsl:stylesheet>

data/spec/lib/fingerprint_self_test_spec.rb CHANGED

@@ -1,11 +1,19 @@
 require 'recog/db'
 require 'regexp_parser'
+require 'nokogiri'
 describe Recog::DB do
+  let(:schema) { Nokogiri::XML::Schema(open(File.expand_path(File.join(%w(xml fingerprints.xsd))))) }
   Dir[File.expand_path File.join('xml', '*.xml')].each do |xml_file_name|
     describe "##{File.basename(xml_file_name)}" do
+      it "is valid XML" do
+        doc = Nokogiri::XML(open(xml_file_name))
+        errors = schema.validate(doc)
+        expect(errors).to be_empty, "#{xml_file_name} is invalid recog XML -- #{errors.inspect}"
+      end
       db = Recog::DB.new(xml_file_name)
       it "has a match key" do

data/xml/apache_os.xml CHANGED

@@ -1,341 +1,277 @@
-<?xml version="1.0"?>
+<?xml version="1.0" encoding="UTF-8"?>
 <!--
 When an HTTP server is fingerprinted as Apache, a 2nd analysis pass is done
 on the server headers HTTPProtocolHelper.SERVER_HEADERS: they are matched
 against the following patterns to extract OS information.
 -->
 <fingerprints matches="apache_os">
-   <fingerprint pattern=".*\(iSeries\).*">
-      <description>IBM i5/OS iSeries (OS/400)</description>
-      <param pos="0" name="os.vendor" value="IBM"/>
-      <param pos="0" name="os.device" value="General"/>
-      <param pos="0" name="os.family" value="OS/400"/>
-      <param pos="0" name="os.product" value="OS/400"/>
-   </fingerprint>
-   <fingerprint pattern=".*\(Mandrake Linux/\d+\.\d+\.92mdk\).*">
-      <!-- (Mandrake Linux/6.12.92mdk) -->
-      <description>Mandriva (formerly Mandrake) Linux 9.2</description>
-      <param pos="0" name="os.certainty" value="0.9"/>
-      <param pos="0" name="os.vendor" value="Mandriva"/>
-      <param pos="0" name="os.device" value="General"/>
-      <param pos="0" name="os.family" value="Linux"/>
-      <param pos="0" name="os.product" value="Linux"/>
-      <param pos="0" name="os.version" value="9.2"/>
-   </fingerprint>
-   <fingerprint pattern=".*\(Mandrake Linux/\d+\.\d+\.100mdk\).*">
-      <!-- (Mandrake Linux/6.8.100mdk) -->
-      <description>Mandriva (formerly Mandrake) Linux 10.0</description>
-      <param pos="0" name="os.certainty" value="0.9"/>
-      <param pos="0" name="os.vendor" value="Mandriva"/>
-      <param pos="0" name="os.device" value="General"/>
-      <param pos="0" name="os.family" value="Linux"/>
-      <param pos="0" name="os.product" value="Linux"/>
-      <param pos="0" name="os.version" value="10.0"/>
-   </fingerprint>
-   <fingerprint pattern=".*\((?:Mandrake|Mandriva) Linux/.*">
-      <!-- (Mandrake Linux/11mdk)
-           (Mandriva Linux/PREFORK-13.3.20060mdk)
-           (Mandriva Linux/PREFORK-13mdk)
-           (Mandriva Linux/PREFORK-1.1mdv2007.0)
-       -->
-      <description>Mandriva (formerly Mandrake) Linux unknown version</description>
-      <param pos="0" name="os.vendor" value="Mandriva"/>
-      <param pos="0" name="os.device" value="General"/>
-      <param pos="0" name="os.family" value="Linux"/>
-      <param pos="0" name="os.product" value="Linux"/>
-   </fingerprint>
-   <fingerprint pattern=".*\(Mandrakelinux/.*">
-      <!-- (Mandrakelinux/PREFORK-9mdk) -->
-      <description>Mandriva (formerly Mandrake) Linux unknown version</description>
-      <param pos="0" name="os.vendor" value="Mandriva"/>
-      <param pos="0" name="os.device" value="General"/>
-      <param pos="0" name="os.family" value="Linux"/>
-      <param pos="0" name="os.product" value="Linux"/>
-   </fingerprint>
-   <fingerprint pattern=".*\(PalmOS\).*">
-      <description>PalmOS</description>
-      <param pos="0" name="os.vendor" value="Palm"/>
-      <param pos="0" name="os.device" value="General"/>
-      <param pos="0" name="os.family" value="PalmOS"/>
-      <param pos="0" name="os.product" value="PalmOS"/>
-   </fingerprint>
-   <fingerprint pattern=".*\(Win32\).*">
-      <description>Microsoft Windows</description>
-      <param pos="0" name="os.certainty" value="0.75"/>
-      <param pos="0" name="os.vendor" value="Microsoft"/>
-      <param pos="0" name="os.device" value="General"/>
-      <param pos="0" name="os.family" value="Windows"/>
-      <param pos="0" name="os.product" value="Windows"/>
-   </fingerprint>
-   <fingerprint pattern=".*\(Darwin\).*">
-      <description>Apple Mac OS X</description>
-      <param pos="0" name="os.vendor" value="Apple"/>
-      <param pos="0" name="os.device" value="General"/>
-      <param pos="0" name="os.family" value="Mac OS X"/>
-      <param pos="0" name="os.product" value="Mac OS X"/>
-   </fingerprint>
-   <fingerprint pattern=".*\(Ubuntu\).*">
-      <description>Ubuntu</description>
-      <param pos="0" name="os.vendor" value="Ubuntu"/>
-      <param pos="0" name="os.device" value="General"/>
-      <param pos="0" name="os.family" value="Linux"/>
-      <param pos="0" name="os.product" value="Linux"/>
-   </fingerprint>
-   <fingerprint pattern=".*(?:Sun )?Cobalt \(Unix\)?.*">
-      <!-- Sun Cobalt (Unix)
-           Cobalt (Unix)
-           Cobalt (Unix)  (Red Hat/Linux)
-        -->
-      <description>Sun Cobalt RaQ (Red Hat based Linux)</description>
-      <param pos="0" name="os.vendor" value="Sun"/>
-      <param pos="0" name="os.device" value="General"/>
-      <param pos="0" name="os.family" value="Linux"/>
-      <param pos="0" name="os.product" value="Cobalt RaQ"/>
-   </fingerprint>
-   <fingerprint pattern=".*\(BlueQuartz\).*">
-      <description>Blue Quartz is created by a Cobalt RaQ UG</description>
-      <param pos="0" name="os.vendor" value="Sun"/>
-      <param pos="0" name="os.device" value="General"/>
-      <param pos="0" name="os.family" value="Linux"/>
-      <param pos="0" name="os.product" value="Cobalt RaQ"/>
-   </fingerprint>
-   <fingerprint pattern="^Apache\/2\.2\.11.*\(Fedora\).*">
-      <description>Red Hat Fedora 11</description>
-      <param pos="0" name="os.vendor" value="Red Hat"/>
-      <param pos="0" name="os.device" value="General"/>
-      <param pos="0" name="os.family" value="Linux"/>
-      <param pos="0" name="os.product" value="Fedora Core Linux"/>
-      <param pos="0" name="os.version" value="11"/>
-   </fingerprint>
-   <fingerprint pattern="^Apache\/2\.2\.15.*\(Fedora\).*">
-      <description>Red Hat Fedora 13</description>
-      <param pos="0" name="os.vendor" value="Red Hat"/>
-      <param pos="0" name="os.device" value="General"/>
-      <param pos="0" name="os.family" value="Linux"/>
-      <param pos="0" name="os.product" value="Fedora Core Linux"/>
-      <param pos="0" name="os.version" value="13"/>
-   </fingerprint>
-   <fingerprint pattern="^Apache\/2\.2\.16.*\(Fedora\).*">
-      <description>Red Hat Fedora 14</description>
-      <param pos="0" name="os.vendor" value="Red Hat"/>
-      <param pos="0" name="os.device" value="General"/>
-      <param pos="0" name="os.family" value="Linux"/>
-      <param pos="0" name="os.product" value="Fedora Core Linux"/>
-      <param pos="0" name="os.version" value="14"/>
-   </fingerprint>
-   <fingerprint pattern="^Apache\/2\.2\.23.*\(Fedora\).*">
-      <description>Red Hat Fedora 17</description>
-      <param pos="0" name="os.vendor" value="Red Hat"/>
-      <param pos="0" name="os.device" value="General"/>
-      <param pos="0" name="os.family" value="Linux"/>
-      <param pos="0" name="os.product" value="Fedora Core Linux"/>
-      <param pos="0" name="os.version" value="17"/>
-   </fingerprint>
-   <fingerprint pattern="^Apache\/2\.4\.3.*\(Fedora\).*">
-      <description>Red Hat Fedora 18</description>
-      <param pos="0" name="os.vendor" value="Red Hat"/>
-      <param pos="0" name="os.device" value="General"/>
-      <param pos="0" name="os.family" value="Linux"/>
-      <param pos="0" name="os.product" value="Fedora Core Linux"/>
-      <param pos="0" name="os.version" value="18"/>
-   </fingerprint>
-   <fingerprint pattern=".*\(Fedora\).*">
-      <description>Red Hat Fedora</description>
-      <param pos="0" name="os.vendor" value="Red Hat"/>
-      <param pos="0" name="os.device" value="General"/>
-      <param pos="0" name="os.family" value="Linux"/>
-      <param pos="0" name="os.product" value="Fedora Core Linux"/>
-   </fingerprint>
-   <fingerprint pattern=".*\(RHEL\).*">
-      <description>Red Hat Fedora</description>
-      <param pos="0" name="os.vendor" value="Red Hat"/>
-      <param pos="0" name="os.device" value="General"/>
-      <param pos="0" name="os.family" value="Linux"/>
-      <param pos="0" name="os.product" value="Enterprise Linux"/>
-   </fingerprint>
-   <fingerprint pattern=".*\(Red[ -]Hat(?:[/ ]Linux)?\).*">
-      <!-- (Red Hat/Linux)
-           (Red-Hat/Linux)
-           (Red Hat Linux)
-           (Red Hat)
-        -->
-      <description>Red Hat Linux</description>
-      <param pos="0" name="os.vendor" value="Red Hat"/>
-      <param pos="0" name="os.device" value="General"/>
-      <param pos="0" name="os.family" value="Linux"/>
-      <param pos="0" name="os.product" value="Linux"/>
-   </fingerprint>
-   <fingerprint pattern=".*Debian(?:[/ ]GNU)?(?:/Linux)?.*">
-      <!-- (Debian)
-           (Debian GNU/Linux)
-           (Unix) Debian GNU/Linux
-           (Unix) Debian/GNU
-        -->
-      <description>Debian Linux</description>
-      <param pos="0" name="os.vendor" value="Debian"/>
-      <param pos="0" name="os.device" value="General"/>
-      <param pos="0" name="os.family" value="Linux"/>
-      <param pos="0" name="os.product" value="Linux"/>
-   </fingerprint>
-   <fingerprint pattern=".*\((?:Linux/)?S[uU]SE(?:/Linux)?\).*">
-      <!-- (SuSE)
-           (SuSE/Linux)
-           (Linux/SuSE)
-           (Linux/SUSE)
-        -->
-      <description>Novell SuSE Linux</description>
-      <param pos="0" name="os.vendor" value="SuSE"/>
-      <param pos="0" name="os.device" value="General"/>
-      <param pos="0" name="os.family" value="Linux"/>
-      <param pos="0" name="os.product" value="Linux"/>
-   </fingerprint>
-   <fingerprint pattern=".*\(NETWARE\).*">
-      <description>Novell NetWare</description>
-      <param pos="0" name="os.vendor" value="Novell"/>
-      <param pos="0" name="os.device" value="General"/>
-      <param pos="0" name="os.family" value="NetWare"/>
-      <param pos="0" name="os.product" value="NetWare"/>
-   </fingerprint>
-   <fingerprint pattern=".*HP-UX_Apache-based_Web_Server.*">
-      <description>HP HP-UX</description>
-      <param pos="0" name="os.vendor" value="HP"/>
-      <param pos="0" name="os.device" value="General"/>
-      <param pos="0" name="os.family" value="HP-UX"/>
-      <param pos="0" name="os.product" value="HP-UX"/>
-   </fingerprint>
-   <fingerprint pattern=".*\(CentOS\).*">
-      <description>CentOS Linux</description>
-      <param pos="0" name="os.vendor" value="CentOS"/>
-      <param pos="0" name="os.device" value="General"/>
-      <param pos="0" name="os.family" value="Linux"/>
-      <param pos="0" name="os.product" value="Linux"/>
-   </fingerprint>
-   <fingerprint pattern=".*\(Turbolinux\).*">
-      <description>Turbolinux</description>
-      <param pos="0" name="os.vendor" value="Turbolinux"/>
-      <param pos="0" name="os.device" value="General"/>
-      <param pos="0" name="os.family" value="Linux"/>
-      <param pos="0" name="os.product" value="Linux"/>
-   </fingerprint>
-   <fingerprint pattern=".*\(FreeBSD\).*">
-      <description>FreeBSD</description>
-      <param pos="0" name="os.vendor" value="FreeBSD"/>
-      <param pos="0" name="os.device" value="General"/>
-      <param pos="0" name="os.family" value="FreeBSD"/>
-      <param pos="0" name="os.product" value="FreeBSD"/>
-   </fingerprint>
-   <fingerprint pattern=".*\(Asianux\).*">
-      <description>Asianux Linux</description>
-      <param pos="0" name="os.vendor" value="Asianux"/>
-      <param pos="0" name="os.device" value="General"/>
-      <param pos="0" name="os.family" value="Linux"/>
-      <param pos="0" name="os.product" value="Linux"/>
-   </fingerprint>
-   <fingerprint pattern=".*\(Gentoo(?:/Linux)?\).*">
-      <description>Gentoo Linux</description>
-      <param pos="0" name="os.vendor" value="Gentoo"/>
-      <param pos="0" name="os.device" value="General"/>
-      <param pos="0" name="os.family" value="Linux"/>
-      <param pos="0" name="os.product" value="Linux"/>
-   </fingerprint>
-   <fingerprint pattern=".*\(Conectiva(?:/Linux)?\).*">
-      <description>CentOS Linux</description>
-      <param pos="0" name="os.vendor" value="Conectiva"/>
-      <param pos="0" name="os.device" value="General"/>
-      <param pos="0" name="os.family" value="Linux"/>
-      <param pos="0" name="os.product" value="Linux"/>
-   </fingerprint>
-   <fingerprint pattern=".*\(Trustix Secure Linux(?:/Linux)?\).*">
-      <description>CentOS Linux</description>
-      <param pos="0" name="os.vendor" value="Trustix"/>
-      <param pos="0" name="os.device" value="General"/>
-      <param pos="0" name="os.family" value="Linux"/>
-      <param pos="0" name="os.product" value="Secure Linux"/>
-   </fingerprint>
-   <fingerprint pattern=".*\(White Box\).*">
-      <description>White Box Enterprise Linux</description>
-      <param pos="0" name="os.vendor" value="White Box"/>
-      <param pos="0" name="os.device" value="General"/>
-      <param pos="0" name="os.family" value="Linux"/>
-      <param pos="0" name="os.product" value="Enterprise Linux"/>
-   </fingerprint>
-   <fingerprint pattern=".*\(UnitedLinux\).*">
-      <description>UnitedLinux</description>
-      <param pos="0" name="os.vendor" value="UnitedLinux"/>
-      <param pos="0" name="os.device" value="General"/>
-      <param pos="0" name="os.family" value="Linux"/>
-      <param pos="0" name="os.product" value="Linux"/>
-   </fingerprint>
-   <fingerprint pattern=".*\(PLD/Linux\).*">
-      <description>PLD Linux</description>
-      <param pos="0" name="os.vendor" value="PLD"/>
-      <param pos="0" name="os.device" value="General"/>
-      <param pos="0" name="os.family" value="Linux"/>
-      <param pos="0" name="os.product" value="Linux"/>
-   </fingerprint>
-   <fingerprint pattern=".*\(Vine/Linux\).*">
-      <description>Vine Linux</description>
-      <param pos="0" name="os.vendor" value="Vine"/>
-      <param pos="0" name="os.device" value="General"/>
-      <param pos="0" name="os.family" value="Linux"/>
-      <param pos="0" name="os.product" value="Linux"/>
-   </fingerprint>
-   <fingerprint pattern=".*\(rPath\).*">
-      <description>rPath Linux</description>
-      <param pos="0" name="os.vendor" value="rPath"/>
-      <param pos="0" name="os.device" value="General"/>
-      <param pos="0" name="os.family" value="Linux"/>
-      <param pos="0" name="os.product" value="Linux"/>
-   </fingerprint>
-   <fingerprint pattern=".*\(StartCom Linux\).*">
-      <description>StartCom Linux</description>
-      <param pos="0" name="os.vendor" value="StartCom"/>
-      <param pos="0" name="os.device" value="General"/>
-      <param pos="0" name="os.family" value="Linux"/>
-      <param pos="0" name="os.product" value="Linux"/>
-   </fingerprint>
-   <fingerprint pattern=".*Linux.*">
-      <description>Generic Linux fallback</description>
-      <param pos="0" name="os.certainty" value="0.75"/>
-      <param pos="0" name="os.device" value="General"/>
-      <param pos="0" name="os.family" value="Linux"/>
-      <param pos="0" name="os.product" value="Linux"/>
-   </fingerprint>
+  <fingerprint pattern=".*\(iSeries\).*">
+    <description>IBM i5/OS iSeries (OS/400)</description>
+    <param pos="0" name="os.vendor" value="IBM"/>
+    <param pos="0" name="os.device" value="General"/>
+    <param pos="0" name="os.family" value="OS/400"/>
+    <param pos="0" name="os.product" value="OS/400"/>
+  </fingerprint>
+  <fingerprint pattern=".*\(Mandrake Linux/\d+\.\d+\.92mdk\).*">
+    <description>Mandriva (formerly Mandrake) Linux 9.2</description>
+    <param pos="0" name="os.certainty" value="0.9"/>
+    <param pos="0" name="os.vendor" value="Mandriva"/>
+    <param pos="0" name="os.device" value="General"/>
+    <param pos="0" name="os.family" value="Linux"/>
+    <param pos="0" name="os.product" value="Linux"/>
+    <param pos="0" name="os.version" value="9.2"/>
+  </fingerprint>
+  <fingerprint pattern=".*\(Mandrake Linux/\d+\.\d+\.100mdk\).*">
+    <description>Mandriva (formerly Mandrake) Linux 10.0</description>
+    <param pos="0" name="os.certainty" value="0.9"/>
+    <param pos="0" name="os.vendor" value="Mandriva"/>
+    <param pos="0" name="os.device" value="General"/>
+    <param pos="0" name="os.family" value="Linux"/>
+    <param pos="0" name="os.product" value="Linux"/>
+    <param pos="0" name="os.version" value="10.0"/>
+  </fingerprint>
+  <fingerprint pattern=".*\((?:Mandrake|Mandriva) Linux/.*">
+    <description>Mandriva (formerly Mandrake) Linux unknown version</description>
+    <param pos="0" name="os.vendor" value="Mandriva"/>
+    <param pos="0" name="os.device" value="General"/>
+    <param pos="0" name="os.family" value="Linux"/>
+    <param pos="0" name="os.product" value="Linux"/>
+  </fingerprint>
+  <fingerprint pattern=".*\(Mandrakelinux/.*">
+    <description>Mandriva (formerly Mandrake) Linux unknown version</description>
+    <param pos="0" name="os.vendor" value="Mandriva"/>
+    <param pos="0" name="os.device" value="General"/>
+    <param pos="0" name="os.family" value="Linux"/>
+    <param pos="0" name="os.product" value="Linux"/>
+  </fingerprint>
+  <fingerprint pattern=".*\(PalmOS\).*">
+    <description>PalmOS</description>
+    <param pos="0" name="os.vendor" value="Palm"/>
+    <param pos="0" name="os.device" value="General"/>
+    <param pos="0" name="os.family" value="PalmOS"/>
+    <param pos="0" name="os.product" value="PalmOS"/>
+  </fingerprint>
+  <fingerprint pattern=".*\(Win32\).*">
+    <description>Microsoft Windows</description>
+    <param pos="0" name="os.certainty" value="0.75"/>
+    <param pos="0" name="os.vendor" value="Microsoft"/>
+    <param pos="0" name="os.device" value="General"/>
+    <param pos="0" name="os.family" value="Windows"/>
+    <param pos="0" name="os.product" value="Windows"/>
+  </fingerprint>
+  <fingerprint pattern=".*\(Darwin\).*">
+    <description>Apple Mac OS X</description>
+    <param pos="0" name="os.vendor" value="Apple"/>
+    <param pos="0" name="os.device" value="General"/>
+    <param pos="0" name="os.family" value="Mac OS X"/>
+    <param pos="0" name="os.product" value="Mac OS X"/>
+  </fingerprint>
+  <fingerprint pattern=".*\(Ubuntu\).*">
+    <description>Ubuntu</description>
+    <param pos="0" name="os.vendor" value="Ubuntu"/>
+    <param pos="0" name="os.device" value="General"/>
+    <param pos="0" name="os.family" value="Linux"/>
+    <param pos="0" name="os.product" value="Linux"/>
+  </fingerprint>
+  <fingerprint pattern=".*(?:Sun )?Cobalt \(Unix\)?.*">
+    <description>Sun Cobalt RaQ (Red Hat based Linux)</description>
+    <param pos="0" name="os.vendor" value="Sun"/>
+    <param pos="0" name="os.device" value="General"/>
+    <param pos="0" name="os.family" value="Linux"/>
+    <param pos="0" name="os.product" value="Cobalt RaQ"/>
+  </fingerprint>
+  <fingerprint pattern=".*\(BlueQuartz\).*">
+    <description>Blue Quartz is created by a Cobalt RaQ UG</description>
+    <param pos="0" name="os.vendor" value="Sun"/>
+    <param pos="0" name="os.device" value="General"/>
+    <param pos="0" name="os.family" value="Linux"/>
+    <param pos="0" name="os.product" value="Cobalt RaQ"/>
+  </fingerprint>
+  <fingerprint pattern="^Apache\/2\.2\.11.*\(Fedora\).*">
+    <description>Red Hat Fedora 11</description>
+    <param pos="0" name="os.vendor" value="Red Hat"/>
+    <param pos="0" name="os.device" value="General"/>
+    <param pos="0" name="os.family" value="Linux"/>
+    <param pos="0" name="os.product" value="Fedora Core Linux"/>
+    <param pos="0" name="os.version" value="11"/>
+  </fingerprint>
+  <fingerprint pattern="^Apache\/2\.2\.15.*\(Fedora\).*">
+    <description>Red Hat Fedora 13</description>
+    <param pos="0" name="os.vendor" value="Red Hat"/>
+    <param pos="0" name="os.device" value="General"/>
+    <param pos="0" name="os.family" value="Linux"/>
+    <param pos="0" name="os.product" value="Fedora Core Linux"/>
+    <param pos="0" name="os.version" value="13"/>
+  </fingerprint>
+  <fingerprint pattern="^Apache\/2\.2\.16.*\(Fedora\).*">
+    <description>Red Hat Fedora 14</description>
+    <param pos="0" name="os.vendor" value="Red Hat"/>
+    <param pos="0" name="os.device" value="General"/>
+    <param pos="0" name="os.family" value="Linux"/>
+    <param pos="0" name="os.product" value="Fedora Core Linux"/>
+    <param pos="0" name="os.version" value="14"/>
+  </fingerprint>
+  <fingerprint pattern="^Apache\/2\.2\.23.*\(Fedora\).*">
+    <description>Red Hat Fedora 17</description>
+    <param pos="0" name="os.vendor" value="Red Hat"/>
+    <param pos="0" name="os.device" value="General"/>
+    <param pos="0" name="os.family" value="Linux"/>
+    <param pos="0" name="os.product" value="Fedora Core Linux"/>
+    <param pos="0" name="os.version" value="17"/>
+  </fingerprint>
+  <fingerprint pattern="^Apache\/2\.4\.3.*\(Fedora\).*">
+    <description>Red Hat Fedora 18</description>
+    <param pos="0" name="os.vendor" value="Red Hat"/>
+    <param pos="0" name="os.device" value="General"/>
+    <param pos="0" name="os.family" value="Linux"/>
+    <param pos="0" name="os.product" value="Fedora Core Linux"/>
+    <param pos="0" name="os.version" value="18"/>
+  </fingerprint>
+  <fingerprint pattern=".*\(Fedora\).*">
+    <description>Red Hat Fedora</description>
+    <param pos="0" name="os.vendor" value="Red Hat"/>
+    <param pos="0" name="os.device" value="General"/>
+    <param pos="0" name="os.family" value="Linux"/>
+    <param pos="0" name="os.product" value="Fedora Core Linux"/>
+  </fingerprint>
+  <fingerprint pattern=".*\(RHEL\).*">
+    <description>Red Hat Fedora</description>
+    <param pos="0" name="os.vendor" value="Red Hat"/>
+    <param pos="0" name="os.device" value="General"/>
+    <param pos="0" name="os.family" value="Linux"/>
+    <param pos="0" name="os.product" value="Enterprise Linux"/>
+  </fingerprint>
+  <fingerprint pattern=".*\(Red[ -]Hat(?:[/ ]Linux)?\).*">
+    <description>Red Hat Linux</description>
+    <param pos="0" name="os.vendor" value="Red Hat"/>
+    <param pos="0" name="os.device" value="General"/>
+    <param pos="0" name="os.family" value="Linux"/>
+    <param pos="0" name="os.product" value="Linux"/>
+  </fingerprint>
+  <fingerprint pattern=".*Debian(?:[/ ]GNU)?(?:/Linux)?.*">
+    <description>Debian Linux</description>
+    <param pos="0" name="os.vendor" value="Debian"/>
+    <param pos="0" name="os.device" value="General"/>
+    <param pos="0" name="os.family" value="Linux"/>
+    <param pos="0" name="os.product" value="Linux"/>
+  </fingerprint>
+  <fingerprint pattern=".*\((?:Linux/)?S[uU]SE(?:/Linux)?\).*">
+    <description>Novell SuSE Linux</description>
+    <param pos="0" name="os.vendor" value="SuSE"/>
+    <param pos="0" name="os.device" value="General"/>
+    <param pos="0" name="os.family" value="Linux"/>
+    <param pos="0" name="os.product" value="Linux"/>
+  </fingerprint>
+  <fingerprint pattern=".*\(NETWARE\).*">
+    <description>Novell NetWare</description>
+    <param pos="0" name="os.vendor" value="Novell"/>
+    <param pos="0" name="os.device" value="General"/>
+    <param pos="0" name="os.family" value="NetWare"/>
+    <param pos="0" name="os.product" value="NetWare"/>
+  </fingerprint>
+  <fingerprint pattern=".*HP-UX_Apache-based_Web_Server.*">
+    <description>HP HP-UX</description>
+    <param pos="0" name="os.vendor" value="HP"/>
+    <param pos="0" name="os.device" value="General"/>
+    <param pos="0" name="os.family" value="HP-UX"/>
+    <param pos="0" name="os.product" value="HP-UX"/>
+  </fingerprint>
+  <fingerprint pattern=".*\(CentOS\).*">
+    <description>CentOS Linux</description>
+    <param pos="0" name="os.vendor" value="CentOS"/>
+    <param pos="0" name="os.device" value="General"/>
+    <param pos="0" name="os.family" value="Linux"/>
+    <param pos="0" name="os.product" value="Linux"/>
+  </fingerprint>
+  <fingerprint pattern=".*\(Turbolinux\).*">
+    <description>Turbolinux</description>
+    <param pos="0" name="os.vendor" value="Turbolinux"/>
+    <param pos="0" name="os.device" value="General"/>
+    <param pos="0" name="os.family" value="Linux"/>
+    <param pos="0" name="os.product" value="Linux"/>
+  </fingerprint>
+  <fingerprint pattern=".*\(FreeBSD\).*">
+    <description>FreeBSD</description>
+    <param pos="0" name="os.vendor" value="FreeBSD"/>
+    <param pos="0" name="os.device" value="General"/>
+    <param pos="0" name="os.family" value="FreeBSD"/>
+    <param pos="0" name="os.product" value="FreeBSD"/>
+  </fingerprint>
+  <fingerprint pattern=".*\(Asianux\).*">
+    <description>Asianux Linux</description>
+    <param pos="0" name="os.vendor" value="Asianux"/>
+    <param pos="0" name="os.device" value="General"/>
+    <param pos="0" name="os.family" value="Linux"/>
+    <param pos="0" name="os.product" value="Linux"/>
+  </fingerprint>
+  <fingerprint pattern=".*\(Gentoo(?:/Linux)?\).*">
+    <description>Gentoo Linux</description>
+    <param pos="0" name="os.vendor" value="Gentoo"/>
+    <param pos="0" name="os.device" value="General"/>
+    <param pos="0" name="os.family" value="Linux"/>
+    <param pos="0" name="os.product" value="Linux"/>
+  </fingerprint>
+  <fingerprint pattern=".*\(Conectiva(?:/Linux)?\).*">
+    <description>CentOS Linux</description>
+    <param pos="0" name="os.vendor" value="Conectiva"/>
+    <param pos="0" name="os.device" value="General"/>
+    <param pos="0" name="os.family" value="Linux"/>
+    <param pos="0" name="os.product" value="Linux"/>
+  </fingerprint>
+  <fingerprint pattern=".*\(Trustix Secure Linux(?:/Linux)?\).*">
+    <description>CentOS Linux</description>
+    <param pos="0" name="os.vendor" value="Trustix"/>
+    <param pos="0" name="os.device" value="General"/>
+    <param pos="0" name="os.family" value="Linux"/>
+    <param pos="0" name="os.product" value="Secure Linux"/>
+  </fingerprint>
+  <fingerprint pattern=".*\(White Box\).*">
+    <description>White Box Enterprise Linux</description>
+    <param pos="0" name="os.vendor" value="White Box"/>
+    <param pos="0" name="os.device" value="General"/>
+    <param pos="0" name="os.family" value="Linux"/>
+    <param pos="0" name="os.product" value="Enterprise Linux"/>
+  </fingerprint>
+  <fingerprint pattern=".*\(UnitedLinux\).*">
+    <description>UnitedLinux</description>
+    <param pos="0" name="os.vendor" value="UnitedLinux"/>
+    <param pos="0" name="os.device" value="General"/>
+    <param pos="0" name="os.family" value="Linux"/>
+    <param pos="0" name="os.product" value="Linux"/>
+  </fingerprint>
+  <fingerprint pattern=".*\(PLD/Linux\).*">
+    <description>PLD Linux</description>
+    <param pos="0" name="os.vendor" value="PLD"/>
+    <param pos="0" name="os.device" value="General"/>
+    <param pos="0" name="os.family" value="Linux"/>
+    <param pos="0" name="os.product" value="Linux"/>
+  </fingerprint>
+  <fingerprint pattern=".*\(Vine/Linux\).*">
+    <description>Vine Linux</description>
+    <param pos="0" name="os.vendor" value="Vine"/>
+    <param pos="0" name="os.device" value="General"/>
+    <param pos="0" name="os.family" value="Linux"/>
+    <param pos="0" name="os.product" value="Linux"/>
+  </fingerprint>
+  <fingerprint pattern=".*\(rPath\).*">
+    <description>rPath Linux</description>
+    <param pos="0" name="os.vendor" value="rPath"/>
+    <param pos="0" name="os.device" value="General"/>
+    <param pos="0" name="os.family" value="Linux"/>
+    <param pos="0" name="os.product" value="Linux"/>
+  </fingerprint>
+  <fingerprint pattern=".*\(StartCom Linux\).*">
+    <description>StartCom Linux</description>
+    <param pos="0" name="os.vendor" value="StartCom"/>
+    <param pos="0" name="os.device" value="General"/>
+    <param pos="0" name="os.family" value="Linux"/>
+    <param pos="0" name="os.product" value="Linux"/>
+  </fingerprint>
+  <fingerprint pattern=".*Linux.*">
+    <description>Generic Linux fallback</description>
+    <param pos="0" name="os.certainty" value="0.75"/>
+    <param pos="0" name="os.device" value="General"/>
+    <param pos="0" name="os.family" value="Linux"/>
+    <param pos="0" name="os.product" value="Linux"/>
+  </fingerprint>
 </fingerprints>