RubyGems - recog - Versions diffs - 2.0.13 → 2.0.14 - Mend

recog 2.0.13 → 2.0.14

Files changed (52) hide show

checksums.yaml +4 -4
data/CONTRIBUTING.md +19 -6
data/features/{xml → data}/failing_banners_fingerprints.xml +0 -0
data/features/{xml → data}/matching_banners_fingerprints.xml +0 -0
data/features/{xml → data}/no_tests.xml +0 -0
data/features/{xml/banners.xml → data/sample_banner.txt} +0 -0
data/features/{xml → data}/successful_tests.xml +0 -0
data/features/{xml → data}/tests_with_failures.xml +0 -0
data/features/{xml → data}/tests_with_warnings.xml +0 -0
data/features/match.feature +2 -2
data/features/support/env.rb +1 -1
data/lib/recog/version.rb +1 -1
data/misc/order.xsl +17 -0
data/spec/lib/fingerprint_self_test_spec.rb +8 -0
data/xml/apache_os.xml +270 -334
data/xml/architecture.xml +28 -41
data/xml/fingerprints.xsd +37 -0
data/xml/ftp_banners.xml +52 -58
data/xml/h323_callresp.xml +597 -695
data/xml/hp_pjl_id.xml +370 -409
data/xml/http_cookies.xml +304 -348
data/xml/http_servers.xml +3202 -3483
data/xml/http_wwwauth.xml +342 -409
data/xml/imap_banners.xml +149 -190
data/xml/mdns_device-info_txt.xml +97 -111
data/xml/mdns_workstation_txt.xml +6 -6
data/xml/mysql_banners.xml +99 -198
data/xml/mysql_error.xml +4 -11
data/xml/nntp_banners.xml +42 -45
data/xml/ntp_banners.xml +2 -3
data/xml/pop_banners.xml +214 -247
data/xml/rsh_resp.xml +68 -76
data/xml/sip_banners.xml +19 -19
data/xml/sip_user_agents.xml +63 -74
data/xml/smb_native_os.xml +387 -433
data/xml/smtp_banners.xml +1318 -1460
data/xml/smtp_debug.xml +24 -27
data/xml/smtp_ehlo.xml +19 -22
data/xml/smtp_expn.xml +61 -70
data/xml/smtp_help.xml +139 -160
data/xml/smtp_mailfrom.xml +14 -16
data/xml/smtp_noop.xml +28 -31
data/xml/smtp_quit.xml +16 -18
data/xml/smtp_rcptto.xml +8 -10
data/xml/smtp_rset.xml +12 -13
data/xml/smtp_turn.xml +12 -13
data/xml/smtp_vrfy.xml +66 -76
data/xml/snmp_sysdescr.xml +7257 -8016
data/xml/snmp_sysobjid.xml +392 -434
data/xml/ssh_banners.xml +783 -867
data/xml/upnp_banners.xml +594 -628
metadata +11 -9

checksums.yaml CHANGED

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 550cc41ba69213d60ced6ead986dc8c38d3129da
-  data.tar.gz: 317c61c92e185f982f0066ddafcd811a0b644224
+  metadata.gz: 2d08dc173999e1694bdc5f102a28be119f4e8866
+  data.tar.gz: 46283f711629cc12bb944b02cfe6ce1bbfc1f5d5
 SHA512:
-  metadata.gz: a6c71d5f88b88e952613346681a0f5834d0a47469df0e53420a114102626c52edb5eeb392a4fa8fb866b3c63de7f361a680e4e9a521e257948bb500f7a8f81af
-  data.tar.gz: 5db712820756886fd6bc2c1d550d5a82672d2291ae4237e3985a104b363c552d7d59fdf96028a11bc179a45ff0ad734cc64ec5b4058939cd0c12b0cc14707169
+  metadata.gz: 44b5b348c47caefd5998d36fa2439e64b05ae679daba22a58014d484b1a55baa0348b301ecbe3ccfeea337ca5fd2afb35b94580ebefa0f2161284f69d22c4c76
+  data.tar.gz: ab0237e095304a36ae8b72f1afbbb9abb6e2fd4423af1d8e071546c178eb3e547355c70b8f9ea4ec78a1e38738fe4b582b9e36a1ebf0ea0bbf9e8d3e3a63c060

data/CONTRIBUTING.md CHANGED

@@ -35,10 +35,23 @@ Generally, this should only need to be done once, or if you need to start over.
 2.  Clone ```git@github.com:<your-github-username>/recog.git```, replacing
 ```<your-github-username>``` with, you guessed it, your Github username.
 3.  Add the master Recog repository as your upstream:
-```
-git remote add upstream git://github.com/rapid7/recog.git
-git fetch --all
-```
+ ```
+   git remote add upstream git://github.com/rapid7/recog.git
+ ```
+4. Update your `.git/config` to ensure that the `remote ["upstream"]` section is configured to pull both branches and PRs from upstream.  It should look something like the following, in particular the second `fetch` option:
+    ```
+     [remote "upstream"]
+      url = git@github.com:rapid7/recog.git
+      fetch = +refs/heads/*:refs/remotes/upstream/*
+      fetch = +refs/pull/*/head:refs/remotes/upstream/pr/*
+     ```
+5. Fetch the latest revisions, including PRs:
+    ```
+    git fetch --all
+    ```
 ### Branch and Improve
@@ -80,7 +93,7 @@ PRs](https://github.com/rapid7/metasploit-framework/wiki/Landing-Pull-Requests).
 In short:
 1. Follow the "Fork and Clone" steps from above
-2. Update your `.git/config` to ensure that the `remote ["upstream"]` section is configure to pull both branches and PRs from upstream.  It should look something like the following, in particular the second `fetch` option:
+2. Update your `.git/config` to ensure that the `remote ["upstream"]` section is configured to pull both branches and PRs from upstream.  It should look something like the following, in particular the second `fetch` option:
     ```
      [remote "upstream"]
@@ -117,7 +130,7 @@ When Recog's critical parts are modified, for example its fingerprints or underl
 When a new version of Recog is to be released, you _must_ follow the instructions below.
 1. If are not already a Recog project contributor for the Recog gem (you'd be listed [here under OWNERS](https://rubygems.org/gems/recog)), become one:
-  1. 1. Get an account on [Rubygems](https://rubygems.org)
+  1. Get an account on [Rubygems](https://rubygems.org)
   2. Contact one of the Recog project contributors (listed [here under OWNERS](https://rubygems.org/gems/recog) and have them add you to the Recog gem.  They'll need to run:
     ```
       gem owner recog -a EMAIL

data/features/{xml → data}/failing_banners_fingerprints.xml RENAMED

File without changes

data/features/{xml → data}/matching_banners_fingerprints.xml RENAMED

File without changes

data/features/{xml → data}/no_tests.xml RENAMED

File without changes

data/features/{xml/banners.xml → data/sample_banner.txt} RENAMED

File without changes

data/features/{xml → data}/successful_tests.xml RENAMED

File without changes

data/features/{xml → data}/tests_with_failures.xml RENAMED

File without changes

data/features/{xml → data}/tests_with_warnings.xml RENAMED

File without changes

data/features/match.feature CHANGED

@@ -1,6 +1,6 @@
 Feature: Match
   Scenario: Finds matches
-    When I run `recog_match matching_banners_fingerprints.xml banners.xml`
+    When I run `recog_match matching_banners_fingerprints.xml sample_banner.txt`
     Then it should pass with:
       """
       MATCH: {"matched"=>"Pure-FTPd Config data can be zero or more of: [privsep] [TLS]", "pureftpd.config"=>"[privsep] [TLS] ", "service.family"=>"Pure-FTPd", "service.product"=>"Pure-FTPd", "data"=>"---------- Welcome to Pure-FTPd [privsep] [TLS] ----------"}
@@ -8,7 +8,7 @@ Feature: Match
       """
   Scenario: Fails at finding matches
-    When I run `recog_match failing_banners_fingerprints.xml banners.xml`
+    When I run `recog_match failing_banners_fingerprints.xml sample_banner.txt`
     Then it should pass with:
       """
       FAIL: ---------- Welcome to Pure-FTPd [privsep] [TLS] ----------

data/features/support/env.rb CHANGED

@@ -1,6 +1,6 @@
 require 'aruba/cucumber'
 Before do
-  @dirs = ["features/xml"]
+  @dirs = ["features/data"]
   @aruba_timeout_seconds = 30
 end

data/lib/recog/version.rb CHANGED

@@ -1,3 +1,3 @@
 module Recog
-  VERSION = '2.0.13'
+  VERSION = '2.0.14'
 end

data/misc/order.xsl ADDED

@@ -0,0 +1,17 @@
+<?xml version="1.0"?>
+<xsl:stylesheet xmlns:xsl="http://www.w3.org/1999/XSL/Transform" version="1.0">
+  <xsl:output encoding="UTF-8" indent="yes" method="xml"/>
+  <xsl:template match="@*|node()">
+    <xsl:copy>
+      <xsl:apply-templates select="@*|node()"/>
+    </xsl:copy>
+  </xsl:template>
+  <xsl:template match="fingerprints/fingerprint">
+    <xsl:copy>
+      <xsl:copy-of select="@*"/>
+      <xsl:apply-templates select="description"/>
+      <xsl:apply-templates select="example"/>
+      <xsl:apply-templates select="param"/>
+    </xsl:copy>
+  </xsl:template>
+</xsl:stylesheet>

data/spec/lib/fingerprint_self_test_spec.rb CHANGED

@@ -1,11 +1,19 @@
 require 'recog/db'
 require 'regexp_parser'
+require 'nokogiri'
 describe Recog::DB do
+  let(:schema) { Nokogiri::XML::Schema(open(File.expand_path(File.join(%w(xml fingerprints.xsd))))) }
   Dir[File.expand_path File.join('xml', '*.xml')].each do |xml_file_name|
     describe "##{File.basename(xml_file_name)}" do
+      it "is valid XML" do
+        doc = Nokogiri::XML(open(xml_file_name))
+        errors = schema.validate(doc)
+        expect(errors).to be_empty, "#{xml_file_name} is invalid recog XML -- #{errors.inspect}"
+      end
       db = Recog::DB.new(xml_file_name)
       it "has a match key" do

data/xml/apache_os.xml CHANGED

@@ -1,341 +1,277 @@
-<?xml version="1.0"?>
+<?xml version="1.0" encoding="UTF-8"?>
 <!--
 When an HTTP server is fingerprinted as Apache, a 2nd analysis pass is done
 on the server headers HTTPProtocolHelper.SERVER_HEADERS: they are matched
 against the following patterns to extract OS information.
 -->
 <fingerprints matches="apache_os">
-   <fingerprint pattern=".*\(iSeries\).*">
-      <description>IBM i5/OS iSeries (OS/400)</description>
-      <param pos="0" name="os.vendor" value="IBM"/>
-      <param pos="0" name="os.device" value="General"/>
-      <param pos="0" name="os.family" value="OS/400"/>
-      <param pos="0" name="os.product" value="OS/400"/>
-   </fingerprint>
-   <fingerprint pattern=".*\(Mandrake Linux/\d+\.\d+\.92mdk\).*">
-      <!-- (Mandrake Linux/6.12.92mdk) -->
-      <description>Mandriva (formerly Mandrake) Linux 9.2</description>
-      <param pos="0" name="os.certainty" value="0.9"/>
-      <param pos="0" name="os.vendor" value="Mandriva"/>
-      <param pos="0" name="os.device" value="General"/>
-      <param pos="0" name="os.family" value="Linux"/>
-      <param pos="0" name="os.product" value="Linux"/>
-      <param pos="0" name="os.version" value="9.2"/>
-   </fingerprint>
-   <fingerprint pattern=".*\(Mandrake Linux/\d+\.\d+\.100mdk\).*">
-      <!-- (Mandrake Linux/6.8.100mdk) -->
-      <description>Mandriva (formerly Mandrake) Linux 10.0</description>
-      <param pos="0" name="os.certainty" value="0.9"/>
-      <param pos="0" name="os.vendor" value="Mandriva"/>
-      <param pos="0" name="os.device" value="General"/>
-      <param pos="0" name="os.family" value="Linux"/>
-      <param pos="0" name="os.product" value="Linux"/>
-      <param pos="0" name="os.version" value="10.0"/>
-   </fingerprint>
-   <fingerprint pattern=".*\((?:Mandrake|Mandriva) Linux/.*">
-      <!-- (Mandrake Linux/11mdk)
-           (Mandriva Linux/PREFORK-13.3.20060mdk)
-           (Mandriva Linux/PREFORK-13mdk)
-           (Mandriva Linux/PREFORK-1.1mdv2007.0)
-       -->
-      <description>Mandriva (formerly Mandrake) Linux unknown version</description>
-      <param pos="0" name="os.vendor" value="Mandriva"/>
-      <param pos="0" name="os.device" value="General"/>
-      <param pos="0" name="os.family" value="Linux"/>
-      <param pos="0" name="os.product" value="Linux"/>
-   </fingerprint>
-   <fingerprint pattern=".*\(Mandrakelinux/.*">
-      <!-- (Mandrakelinux/PREFORK-9mdk) -->
-      <description>Mandriva (formerly Mandrake) Linux unknown version</description>
-      <param pos="0" name="os.vendor" value="Mandriva"/>
-      <param pos="0" name="os.device" value="General"/>
-      <param pos="0" name="os.family" value="Linux"/>
-      <param pos="0" name="os.product" value="Linux"/>
-   </fingerprint>
-   <fingerprint pattern=".*\(PalmOS\).*">
-      <description>PalmOS</description>
-      <param pos="0" name="os.vendor" value="Palm"/>
-      <param pos="0" name="os.device" value="General"/>
-      <param pos="0" name="os.family" value="PalmOS"/>
-      <param pos="0" name="os.product" value="PalmOS"/>
-   </fingerprint>
-   <fingerprint pattern=".*\(Win32\).*">
-      <description>Microsoft Windows</description>
-      <param pos="0" name="os.certainty" value="0.75"/>
-      <param pos="0" name="os.vendor" value="Microsoft"/>
-      <param pos="0" name="os.device" value="General"/>
-      <param pos="0" name="os.family" value="Windows"/>
-      <param pos="0" name="os.product" value="Windows"/>
-   </fingerprint>
-   <fingerprint pattern=".*\(Darwin\).*">
-      <description>Apple Mac OS X</description>
-      <param pos="0" name="os.vendor" value="Apple"/>
-      <param pos="0" name="os.device" value="General"/>
-      <param pos="0" name="os.family" value="Mac OS X"/>
-      <param pos="0" name="os.product" value="Mac OS X"/>
-   </fingerprint>
-   <fingerprint pattern=".*\(Ubuntu\).*">
-      <description>Ubuntu</description>
-      <param pos="0" name="os.vendor" value="Ubuntu"/>
-      <param pos="0" name="os.device" value="General"/>
-      <param pos="0" name="os.family" value="Linux"/>
-      <param pos="0" name="os.product" value="Linux"/>
-   </fingerprint>
-   <fingerprint pattern=".*(?:Sun )?Cobalt \(Unix\)?.*">
-      <!-- Sun Cobalt (Unix)
-           Cobalt (Unix)
-           Cobalt (Unix)  (Red Hat/Linux)
-        -->
-      <description>Sun Cobalt RaQ (Red Hat based Linux)</description>
-      <param pos="0" name="os.vendor" value="Sun"/>
-      <param pos="0" name="os.device" value="General"/>
-      <param pos="0" name="os.family" value="Linux"/>
-      <param pos="0" name="os.product" value="Cobalt RaQ"/>
-   </fingerprint>
-   <fingerprint pattern=".*\(BlueQuartz\).*">
-      <description>Blue Quartz is created by a Cobalt RaQ UG</description>
-      <param pos="0" name="os.vendor" value="Sun"/>
-      <param pos="0" name="os.device" value="General"/>
-      <param pos="0" name="os.family" value="Linux"/>
-      <param pos="0" name="os.product" value="Cobalt RaQ"/>
-   </fingerprint>
-   <fingerprint pattern="^Apache\/2\.2\.11.*\(Fedora\).*">
-      <description>Red Hat Fedora 11</description>
-      <param pos="0" name="os.vendor" value="Red Hat"/>
-      <param pos="0" name="os.device" value="General"/>
-      <param pos="0" name="os.family" value="Linux"/>
-      <param pos="0" name="os.product" value="Fedora Core Linux"/>
-      <param pos="0" name="os.version" value="11"/>
-   </fingerprint>
-   <fingerprint pattern="^Apache\/2\.2\.15.*\(Fedora\).*">
-      <description>Red Hat Fedora 13</description>
-      <param pos="0" name="os.vendor" value="Red Hat"/>
-      <param pos="0" name="os.device" value="General"/>
-      <param pos="0" name="os.family" value="Linux"/>
-      <param pos="0" name="os.product" value="Fedora Core Linux"/>
-      <param pos="0" name="os.version" value="13"/>
-   </fingerprint>
-   <fingerprint pattern="^Apache\/2\.2\.16.*\(Fedora\).*">
-      <description>Red Hat Fedora 14</description>
-      <param pos="0" name="os.vendor" value="Red Hat"/>
-      <param pos="0" name="os.device" value="General"/>
-      <param pos="0" name="os.family" value="Linux"/>
-      <param pos="0" name="os.product" value="Fedora Core Linux"/>
-      <param pos="0" name="os.version" value="14"/>
-   </fingerprint>
-   <fingerprint pattern="^Apache\/2\.2\.23.*\(Fedora\).*">
-      <description>Red Hat Fedora 17</description>
-      <param pos="0" name="os.vendor" value="Red Hat"/>
-      <param pos="0" name="os.device" value="General"/>
-      <param pos="0" name="os.family" value="Linux"/>
-      <param pos="0" name="os.product" value="Fedora Core Linux"/>
-      <param pos="0" name="os.version" value="17"/>
-   </fingerprint>
-   <fingerprint pattern="^Apache\/2\.4\.3.*\(Fedora\).*">
-      <description>Red Hat Fedora 18</description>
-      <param pos="0" name="os.vendor" value="Red Hat"/>
-      <param pos="0" name="os.device" value="General"/>
-      <param pos="0" name="os.family" value="Linux"/>
-      <param pos="0" name="os.product" value="Fedora Core Linux"/>
-      <param pos="0" name="os.version" value="18"/>
-   </fingerprint>
-   <fingerprint pattern=".*\(Fedora\).*">
-      <description>Red Hat Fedora</description>
-      <param pos="0" name="os.vendor" value="Red Hat"/>
-      <param pos="0" name="os.device" value="General"/>
-      <param pos="0" name="os.family" value="Linux"/>
-      <param pos="0" name="os.product" value="Fedora Core Linux"/>
-   </fingerprint>
-   <fingerprint pattern=".*\(RHEL\).*">
-      <description>Red Hat Fedora</description>
-      <param pos="0" name="os.vendor" value="Red Hat"/>
-      <param pos="0" name="os.device" value="General"/>
-      <param pos="0" name="os.family" value="Linux"/>
-      <param pos="0" name="os.product" value="Enterprise Linux"/>
-   </fingerprint>
-   <fingerprint pattern=".*\(Red[ -]Hat(?:[/ ]Linux)?\).*">
-      <!-- (Red Hat/Linux)
-           (Red-Hat/Linux)
-           (Red Hat Linux)
-           (Red Hat)
-        -->
-      <description>Red Hat Linux</description>
-      <param pos="0" name="os.vendor" value="Red Hat"/>
-      <param pos="0" name="os.device" value="General"/>
-      <param pos="0" name="os.family" value="Linux"/>
-      <param pos="0" name="os.product" value="Linux"/>
-   </fingerprint>
-   <fingerprint pattern=".*Debian(?:[/ ]GNU)?(?:/Linux)?.*">
-      <!-- (Debian)
-           (Debian GNU/Linux)
-           (Unix) Debian GNU/Linux
-           (Unix) Debian/GNU
-        -->
-      <description>Debian Linux</description>
-      <param pos="0" name="os.vendor" value="Debian"/>
-      <param pos="0" name="os.device" value="General"/>
-      <param pos="0" name="os.family" value="Linux"/>
-      <param pos="0" name="os.product" value="Linux"/>
-   </fingerprint>
-   <fingerprint pattern=".*\((?:Linux/)?S[uU]SE(?:/Linux)?\).*">
-      <!-- (SuSE)
-           (SuSE/Linux)
-           (Linux/SuSE)
-           (Linux/SUSE)
-        -->
-      <description>Novell SuSE Linux</description>
-      <param pos="0" name="os.vendor" value="SuSE"/>
-      <param pos="0" name="os.device" value="General"/>
-      <param pos="0" name="os.family" value="Linux"/>
-      <param pos="0" name="os.product" value="Linux"/>
-   </fingerprint>
-   <fingerprint pattern=".*\(NETWARE\).*">
-      <description>Novell NetWare</description>
-      <param pos="0" name="os.vendor" value="Novell"/>
-      <param pos="0" name="os.device" value="General"/>
-      <param pos="0" name="os.family" value="NetWare"/>
-      <param pos="0" name="os.product" value="NetWare"/>
-   </fingerprint>
-   <fingerprint pattern=".*HP-UX_Apache-based_Web_Server.*">
-      <description>HP HP-UX</description>
-      <param pos="0" name="os.vendor" value="HP"/>
-      <param pos="0" name="os.device" value="General"/>
-      <param pos="0" name="os.family" value="HP-UX"/>
-      <param pos="0" name="os.product" value="HP-UX"/>
-   </fingerprint>
-   <fingerprint pattern=".*\(CentOS\).*">
-      <description>CentOS Linux</description>
-      <param pos="0" name="os.vendor" value="CentOS"/>
-      <param pos="0" name="os.device" value="General"/>
-      <param pos="0" name="os.family" value="Linux"/>
-      <param pos="0" name="os.product" value="Linux"/>
-   </fingerprint>
-   <fingerprint pattern=".*\(Turbolinux\).*">
-      <description>Turbolinux</description>
-      <param pos="0" name="os.vendor" value="Turbolinux"/>
-      <param pos="0" name="os.device" value="General"/>
-      <param pos="0" name="os.family" value="Linux"/>
-      <param pos="0" name="os.product" value="Linux"/>
-   </fingerprint>
-   <fingerprint pattern=".*\(FreeBSD\).*">
-      <description>FreeBSD</description>
-      <param pos="0" name="os.vendor" value="FreeBSD"/>
-      <param pos="0" name="os.device" value="General"/>
-      <param pos="0" name="os.family" value="FreeBSD"/>
-      <param pos="0" name="os.product" value="FreeBSD"/>
-   </fingerprint>
-   <fingerprint pattern=".*\(Asianux\).*">
-      <description>Asianux Linux</description>
-      <param pos="0" name="os.vendor" value="Asianux"/>
-      <param pos="0" name="os.device" value="General"/>
-      <param pos="0" name="os.family" value="Linux"/>
-      <param pos="0" name="os.product" value="Linux"/>
-   </fingerprint>
-   <fingerprint pattern=".*\(Gentoo(?:/Linux)?\).*">
-      <description>Gentoo Linux</description>
-      <param pos="0" name="os.vendor" value="Gentoo"/>
-      <param pos="0" name="os.device" value="General"/>
-      <param pos="0" name="os.family" value="Linux"/>
-      <param pos="0" name="os.product" value="Linux"/>
-   </fingerprint>
-   <fingerprint pattern=".*\(Conectiva(?:/Linux)?\).*">
-      <description>CentOS Linux</description>
-      <param pos="0" name="os.vendor" value="Conectiva"/>
-      <param pos="0" name="os.device" value="General"/>
-      <param pos="0" name="os.family" value="Linux"/>
-      <param pos="0" name="os.product" value="Linux"/>
-   </fingerprint>
-   <fingerprint pattern=".*\(Trustix Secure Linux(?:/Linux)?\).*">
-      <description>CentOS Linux</description>
-      <param pos="0" name="os.vendor" value="Trustix"/>
-      <param pos="0" name="os.device" value="General"/>
-      <param pos="0" name="os.family" value="Linux"/>
-      <param pos="0" name="os.product" value="Secure Linux"/>
-   </fingerprint>
-   <fingerprint pattern=".*\(White Box\).*">
-      <description>White Box Enterprise Linux</description>
-      <param pos="0" name="os.vendor" value="White Box"/>
-      <param pos="0" name="os.device" value="General"/>
-      <param pos="0" name="os.family" value="Linux"/>
-      <param pos="0" name="os.product" value="Enterprise Linux"/>
-   </fingerprint>
-   <fingerprint pattern=".*\(UnitedLinux\).*">
-      <description>UnitedLinux</description>
-      <param pos="0" name="os.vendor" value="UnitedLinux"/>
-      <param pos="0" name="os.device" value="General"/>
-      <param pos="0" name="os.family" value="Linux"/>
-      <param pos="0" name="os.product" value="Linux"/>
-   </fingerprint>
-   <fingerprint pattern=".*\(PLD/Linux\).*">
-      <description>PLD Linux</description>
-      <param pos="0" name="os.vendor" value="PLD"/>
-      <param pos="0" name="os.device" value="General"/>
-      <param pos="0" name="os.family" value="Linux"/>
-      <param pos="0" name="os.product" value="Linux"/>
-   </fingerprint>
-   <fingerprint pattern=".*\(Vine/Linux\).*">
-      <description>Vine Linux</description>
-      <param pos="0" name="os.vendor" value="Vine"/>
-      <param pos="0" name="os.device" value="General"/>
-      <param pos="0" name="os.family" value="Linux"/>
-      <param pos="0" name="os.product" value="Linux"/>
-   </fingerprint>
-   <fingerprint pattern=".*\(rPath\).*">
-      <description>rPath Linux</description>
-      <param pos="0" name="os.vendor" value="rPath"/>
-      <param pos="0" name="os.device" value="General"/>
-      <param pos="0" name="os.family" value="Linux"/>
-      <param pos="0" name="os.product" value="Linux"/>
-   </fingerprint>
-   <fingerprint pattern=".*\(StartCom Linux\).*">
-      <description>StartCom Linux</description>
-      <param pos="0" name="os.vendor" value="StartCom"/>
-      <param pos="0" name="os.device" value="General"/>
-      <param pos="0" name="os.family" value="Linux"/>
-      <param pos="0" name="os.product" value="Linux"/>
-   </fingerprint>
-   <fingerprint pattern=".*Linux.*">
-      <description>Generic Linux fallback</description>
-      <param pos="0" name="os.certainty" value="0.75"/>
-      <param pos="0" name="os.device" value="General"/>
-      <param pos="0" name="os.family" value="Linux"/>
-      <param pos="0" name="os.product" value="Linux"/>
-   </fingerprint>
+  <fingerprint pattern=".*\(iSeries\).*">
+    <description>IBM i5/OS iSeries (OS/400)</description>
+    <param pos="0" name="os.vendor" value="IBM"/>
+    <param pos="0" name="os.device" value="General"/>
+    <param pos="0" name="os.family" value="OS/400"/>
+    <param pos="0" name="os.product" value="OS/400"/>
+  </fingerprint>
+  <fingerprint pattern=".*\(Mandrake Linux/\d+\.\d+\.92mdk\).*">
+    <description>Mandriva (formerly Mandrake) Linux 9.2</description>
+    <param pos="0" name="os.certainty" value="0.9"/>
+    <param pos="0" name="os.vendor" value="Mandriva"/>
+    <param pos="0" name="os.device" value="General"/>
+    <param pos="0" name="os.family" value="Linux"/>
+    <param pos="0" name="os.product" value="Linux"/>
+    <param pos="0" name="os.version" value="9.2"/>
+  </fingerprint>
+  <fingerprint pattern=".*\(Mandrake Linux/\d+\.\d+\.100mdk\).*">
+    <description>Mandriva (formerly Mandrake) Linux 10.0</description>
+    <param pos="0" name="os.certainty" value="0.9"/>
+    <param pos="0" name="os.vendor" value="Mandriva"/>
+    <param pos="0" name="os.device" value="General"/>
+    <param pos="0" name="os.family" value="Linux"/>
+    <param pos="0" name="os.product" value="Linux"/>
+    <param pos="0" name="os.version" value="10.0"/>
+  </fingerprint>
+  <fingerprint pattern=".*\((?:Mandrake|Mandriva) Linux/.*">
+    <description>Mandriva (formerly Mandrake) Linux unknown version</description>
+    <param pos="0" name="os.vendor" value="Mandriva"/>
+    <param pos="0" name="os.device" value="General"/>
+    <param pos="0" name="os.family" value="Linux"/>
+    <param pos="0" name="os.product" value="Linux"/>
+  </fingerprint>
+  <fingerprint pattern=".*\(Mandrakelinux/.*">
+    <description>Mandriva (formerly Mandrake) Linux unknown version</description>
+    <param pos="0" name="os.vendor" value="Mandriva"/>
+    <param pos="0" name="os.device" value="General"/>
+    <param pos="0" name="os.family" value="Linux"/>
+    <param pos="0" name="os.product" value="Linux"/>
+  </fingerprint>
+  <fingerprint pattern=".*\(PalmOS\).*">
+    <description>PalmOS</description>
+    <param pos="0" name="os.vendor" value="Palm"/>
+    <param pos="0" name="os.device" value="General"/>
+    <param pos="0" name="os.family" value="PalmOS"/>
+    <param pos="0" name="os.product" value="PalmOS"/>
+  </fingerprint>
+  <fingerprint pattern=".*\(Win32\).*">
+    <description>Microsoft Windows</description>
+    <param pos="0" name="os.certainty" value="0.75"/>
+    <param pos="0" name="os.vendor" value="Microsoft"/>
+    <param pos="0" name="os.device" value="General"/>
+    <param pos="0" name="os.family" value="Windows"/>
+    <param pos="0" name="os.product" value="Windows"/>
+  </fingerprint>
+  <fingerprint pattern=".*\(Darwin\).*">
+    <description>Apple Mac OS X</description>
+    <param pos="0" name="os.vendor" value="Apple"/>
+    <param pos="0" name="os.device" value="General"/>
+    <param pos="0" name="os.family" value="Mac OS X"/>
+    <param pos="0" name="os.product" value="Mac OS X"/>
+  </fingerprint>
+  <fingerprint pattern=".*\(Ubuntu\).*">
+    <description>Ubuntu</description>
+    <param pos="0" name="os.vendor" value="Ubuntu"/>
+    <param pos="0" name="os.device" value="General"/>
+    <param pos="0" name="os.family" value="Linux"/>
+    <param pos="0" name="os.product" value="Linux"/>
+  </fingerprint>
+  <fingerprint pattern=".*(?:Sun )?Cobalt \(Unix\)?.*">
+    <description>Sun Cobalt RaQ (Red Hat based Linux)</description>
+    <param pos="0" name="os.vendor" value="Sun"/>
+    <param pos="0" name="os.device" value="General"/>
+    <param pos="0" name="os.family" value="Linux"/>
+    <param pos="0" name="os.product" value="Cobalt RaQ"/>
+  </fingerprint>
+  <fingerprint pattern=".*\(BlueQuartz\).*">
+    <description>Blue Quartz is created by a Cobalt RaQ UG</description>
+    <param pos="0" name="os.vendor" value="Sun"/>
+    <param pos="0" name="os.device" value="General"/>
+    <param pos="0" name="os.family" value="Linux"/>
+    <param pos="0" name="os.product" value="Cobalt RaQ"/>
+  </fingerprint>
+  <fingerprint pattern="^Apache\/2\.2\.11.*\(Fedora\).*">
+    <description>Red Hat Fedora 11</description>
+    <param pos="0" name="os.vendor" value="Red Hat"/>
+    <param pos="0" name="os.device" value="General"/>
+    <param pos="0" name="os.family" value="Linux"/>
+    <param pos="0" name="os.product" value="Fedora Core Linux"/>
+    <param pos="0" name="os.version" value="11"/>
+  </fingerprint>
+  <fingerprint pattern="^Apache\/2\.2\.15.*\(Fedora\).*">
+    <description>Red Hat Fedora 13</description>
+    <param pos="0" name="os.vendor" value="Red Hat"/>
+    <param pos="0" name="os.device" value="General"/>
+    <param pos="0" name="os.family" value="Linux"/>
+    <param pos="0" name="os.product" value="Fedora Core Linux"/>
+    <param pos="0" name="os.version" value="13"/>
+  </fingerprint>
+  <fingerprint pattern="^Apache\/2\.2\.16.*\(Fedora\).*">
+    <description>Red Hat Fedora 14</description>
+    <param pos="0" name="os.vendor" value="Red Hat"/>
+    <param pos="0" name="os.device" value="General"/>
+    <param pos="0" name="os.family" value="Linux"/>
+    <param pos="0" name="os.product" value="Fedora Core Linux"/>
+    <param pos="0" name="os.version" value="14"/>
+  </fingerprint>
+  <fingerprint pattern="^Apache\/2\.2\.23.*\(Fedora\).*">
+    <description>Red Hat Fedora 17</description>
+    <param pos="0" name="os.vendor" value="Red Hat"/>
+    <param pos="0" name="os.device" value="General"/>
+    <param pos="0" name="os.family" value="Linux"/>
+    <param pos="0" name="os.product" value="Fedora Core Linux"/>
+    <param pos="0" name="os.version" value="17"/>
+  </fingerprint>
+  <fingerprint pattern="^Apache\/2\.4\.3.*\(Fedora\).*">
+    <description>Red Hat Fedora 18</description>
+    <param pos="0" name="os.vendor" value="Red Hat"/>
+    <param pos="0" name="os.device" value="General"/>
+    <param pos="0" name="os.family" value="Linux"/>
+    <param pos="0" name="os.product" value="Fedora Core Linux"/>
+    <param pos="0" name="os.version" value="18"/>
+  </fingerprint>
+  <fingerprint pattern=".*\(Fedora\).*">
+    <description>Red Hat Fedora</description>
+    <param pos="0" name="os.vendor" value="Red Hat"/>
+    <param pos="0" name="os.device" value="General"/>
+    <param pos="0" name="os.family" value="Linux"/>
+    <param pos="0" name="os.product" value="Fedora Core Linux"/>
+  </fingerprint>
+  <fingerprint pattern=".*\(RHEL\).*">
+    <description>Red Hat Fedora</description>
+    <param pos="0" name="os.vendor" value="Red Hat"/>
+    <param pos="0" name="os.device" value="General"/>
+    <param pos="0" name="os.family" value="Linux"/>
+    <param pos="0" name="os.product" value="Enterprise Linux"/>
+  </fingerprint>
+  <fingerprint pattern=".*\(Red[ -]Hat(?:[/ ]Linux)?\).*">
+    <description>Red Hat Linux</description>
+    <param pos="0" name="os.vendor" value="Red Hat"/>
+    <param pos="0" name="os.device" value="General"/>
+    <param pos="0" name="os.family" value="Linux"/>
+    <param pos="0" name="os.product" value="Linux"/>
+  </fingerprint>
+  <fingerprint pattern=".*Debian(?:[/ ]GNU)?(?:/Linux)?.*">
+    <description>Debian Linux</description>
+    <param pos="0" name="os.vendor" value="Debian"/>
+    <param pos="0" name="os.device" value="General"/>
+    <param pos="0" name="os.family" value="Linux"/>
+    <param pos="0" name="os.product" value="Linux"/>
+  </fingerprint>
+  <fingerprint pattern=".*\((?:Linux/)?S[uU]SE(?:/Linux)?\).*">
+    <description>Novell SuSE Linux</description>
+    <param pos="0" name="os.vendor" value="SuSE"/>
+    <param pos="0" name="os.device" value="General"/>
+    <param pos="0" name="os.family" value="Linux"/>
+    <param pos="0" name="os.product" value="Linux"/>
+  </fingerprint>
+  <fingerprint pattern=".*\(NETWARE\).*">
+    <description>Novell NetWare</description>
+    <param pos="0" name="os.vendor" value="Novell"/>
+    <param pos="0" name="os.device" value="General"/>
+    <param pos="0" name="os.family" value="NetWare"/>
+    <param pos="0" name="os.product" value="NetWare"/>
+  </fingerprint>
+  <fingerprint pattern=".*HP-UX_Apache-based_Web_Server.*">
+    <description>HP HP-UX</description>
+    <param pos="0" name="os.vendor" value="HP"/>
+    <param pos="0" name="os.device" value="General"/>
+    <param pos="0" name="os.family" value="HP-UX"/>
+    <param pos="0" name="os.product" value="HP-UX"/>
+  </fingerprint>
+  <fingerprint pattern=".*\(CentOS\).*">
+    <description>CentOS Linux</description>
+    <param pos="0" name="os.vendor" value="CentOS"/>
+    <param pos="0" name="os.device" value="General"/>
+    <param pos="0" name="os.family" value="Linux"/>
+    <param pos="0" name="os.product" value="Linux"/>
+  </fingerprint>
+  <fingerprint pattern=".*\(Turbolinux\).*">
+    <description>Turbolinux</description>
+    <param pos="0" name="os.vendor" value="Turbolinux"/>
+    <param pos="0" name="os.device" value="General"/>
+    <param pos="0" name="os.family" value="Linux"/>
+    <param pos="0" name="os.product" value="Linux"/>
+  </fingerprint>
+  <fingerprint pattern=".*\(FreeBSD\).*">
+    <description>FreeBSD</description>
+    <param pos="0" name="os.vendor" value="FreeBSD"/>
+    <param pos="0" name="os.device" value="General"/>
+    <param pos="0" name="os.family" value="FreeBSD"/>
+    <param pos="0" name="os.product" value="FreeBSD"/>
+  </fingerprint>
+  <fingerprint pattern=".*\(Asianux\).*">
+    <description>Asianux Linux</description>
+    <param pos="0" name="os.vendor" value="Asianux"/>
+    <param pos="0" name="os.device" value="General"/>
+    <param pos="0" name="os.family" value="Linux"/>
+    <param pos="0" name="os.product" value="Linux"/>
+  </fingerprint>
+  <fingerprint pattern=".*\(Gentoo(?:/Linux)?\).*">
+    <description>Gentoo Linux</description>
+    <param pos="0" name="os.vendor" value="Gentoo"/>
+    <param pos="0" name="os.device" value="General"/>
+    <param pos="0" name="os.family" value="Linux"/>
+    <param pos="0" name="os.product" value="Linux"/>
+  </fingerprint>
+  <fingerprint pattern=".*\(Conectiva(?:/Linux)?\).*">
+    <description>CentOS Linux</description>
+    <param pos="0" name="os.vendor" value="Conectiva"/>
+    <param pos="0" name="os.device" value="General"/>
+    <param pos="0" name="os.family" value="Linux"/>
+    <param pos="0" name="os.product" value="Linux"/>
+  </fingerprint>
+  <fingerprint pattern=".*\(Trustix Secure Linux(?:/Linux)?\).*">
+    <description>CentOS Linux</description>
+    <param pos="0" name="os.vendor" value="Trustix"/>
+    <param pos="0" name="os.device" value="General"/>
+    <param pos="0" name="os.family" value="Linux"/>
+    <param pos="0" name="os.product" value="Secure Linux"/>
+  </fingerprint>
+  <fingerprint pattern=".*\(White Box\).*">
+    <description>White Box Enterprise Linux</description>
+    <param pos="0" name="os.vendor" value="White Box"/>
+    <param pos="0" name="os.device" value="General"/>
+    <param pos="0" name="os.family" value="Linux"/>
+    <param pos="0" name="os.product" value="Enterprise Linux"/>
+  </fingerprint>
+  <fingerprint pattern=".*\(UnitedLinux\).*">
+    <description>UnitedLinux</description>
+    <param pos="0" name="os.vendor" value="UnitedLinux"/>
+    <param pos="0" name="os.device" value="General"/>
+    <param pos="0" name="os.family" value="Linux"/>
+    <param pos="0" name="os.product" value="Linux"/>
+  </fingerprint>
+  <fingerprint pattern=".*\(PLD/Linux\).*">
+    <description>PLD Linux</description>
+    <param pos="0" name="os.vendor" value="PLD"/>
+    <param pos="0" name="os.device" value="General"/>
+    <param pos="0" name="os.family" value="Linux"/>
+    <param pos="0" name="os.product" value="Linux"/>
+  </fingerprint>
+  <fingerprint pattern=".*\(Vine/Linux\).*">
+    <description>Vine Linux</description>
+    <param pos="0" name="os.vendor" value="Vine"/>
+    <param pos="0" name="os.device" value="General"/>
+    <param pos="0" name="os.family" value="Linux"/>
+    <param pos="0" name="os.product" value="Linux"/>
+  </fingerprint>
+  <fingerprint pattern=".*\(rPath\).*">
+    <description>rPath Linux</description>
+    <param pos="0" name="os.vendor" value="rPath"/>
+    <param pos="0" name="os.device" value="General"/>
+    <param pos="0" name="os.family" value="Linux"/>
+    <param pos="0" name="os.product" value="Linux"/>
+  </fingerprint>
+  <fingerprint pattern=".*\(StartCom Linux\).*">
+    <description>StartCom Linux</description>
+    <param pos="0" name="os.vendor" value="StartCom"/>
+    <param pos="0" name="os.device" value="General"/>
+    <param pos="0" name="os.family" value="Linux"/>
+    <param pos="0" name="os.product" value="Linux"/>
+  </fingerprint>
+  <fingerprint pattern=".*Linux.*">
+    <description>Generic Linux fallback</description>
+    <param pos="0" name="os.certainty" value="0.75"/>
+    <param pos="0" name="os.device" value="General"/>
+    <param pos="0" name="os.family" value="Linux"/>
+    <param pos="0" name="os.product" value="Linux"/>
+  </fingerprint>
 </fingerprints>