xml/rsh_resp.xml in recog-intrigue-2.3.7 vs xml/rsh_resp.xml in recog-intrigue-2.3.14
- old
+ new
@@ -1,68 +1,76 @@
-<?xml version="1.0" encoding="UTF-8"?>
+<?xml version='1.0' encoding='UTF-8'?>
<fingerprints protocol="rsh" database_type="service">
<!--
Rservices responses to requests are matched against these patterns to fingerprint the OSes of servers.
-->
+
<fingerprint pattern="^.Permission denied: Error 0$">
<description>Digital Unix rlogind</description>
<example>xPermission denied: Error 0</example>
<param pos="0" name="os.vendor" value="HP"/>
<param pos="0" name="os.family" value="Digital Unix"/>
</fingerprint>
+
<fingerprint pattern="^.Winsock RSHD/NT: Protocol negotiation error\..+$|^.in\.rlogind: Permission denied\..+$" flags="REG_DOT_NEWLINE">
<description>Windows rlogind</description>
<example>xWinsock RSHD/NT: Protocol negotiation error.
0</example>
<example>xin.rlogind: Permission denied.
</example>
<param pos="0" name="os.vendor" value="Microsoft"/>
<param pos="0" name="os.family" value="Windows"/>
</fingerprint>
+
<fingerprint pattern="^.permission denied\..+$" flags="REG_DOT_NEWLINE">
<description>Solaris rlogind</description>
<example>xpermission denied.
</example>
<param pos="0" name="os.vendor" value="Sun"/>
<param pos="0" name="os.family" value="Solaris"/>
<param pos="0" name="os.product" value="Solaris"/>
<param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:-"/>
</fingerprint>
+
<fingerprint pattern="^.rlogind: Acc.s refus.\..+$" flags="REG_DOT_NEWLINE">
<description>AIX rlogind</description>
<example>xrlogind: Accxs refusx.
</example>
<param pos="0" name="os.vendor" value="IBM"/>
<param pos="0" name="os.family" value="AIX"/>
<param pos="0" name="os.product" value="AIX"/>
<param pos="0" name="os.cpe23" value="cpe:/o:ibm:aix:-"/>
</fingerprint>
+
<fingerprint pattern="^.rlogind: Host name for your address \([\d.]+\) unknown\..*$" flags="REG_DOT_NEWLINE">
<description>A/UX rlogind</description>
<example>xrlogind: Host name for your address (127.0.0.1) unknown.
</example>
<param pos="0" name="os.vendor" value="Apple"/>
<param pos="0" name="os.family" value="A/UX"/>
</fingerprint>
+
<fingerprint pattern="^.rexecd: Login incorrect\..*$" flags="REG_DOT_NEWLINE">
<description>HP-UX rexecd</description>
<example>xrexecd: Login incorrect.
</example>
<param pos="0" name="os.vendor" value="HP"/>
<param pos="0" name="os.family" value="HP-UX"/>
<param pos="0" name="os.product" value="HP-UX"/>
<param pos="0" name="os.cpe23" value="cpe:/o:hp:hp-ux:-"/>
</fingerprint>
+
<fingerprint pattern="^.rexecd: [-\d]+.*$" flags="REG_DOT_NEWLINE">
<description>AIX rexecd</description>
<example>xrexecd: 0-1 The login is not correct.
</example>
<param pos="0" name="os.vendor" value="IBM"/>
<param pos="0" name="os.family" value="AIX"/>
<param pos="0" name="os.product" value="AIX"/>
<param pos="0" name="os.cpe23" value="cpe:/o:ibm:aix:-"/>
</fingerprint>
+
<fingerprint pattern="^.remshd: (?:getservbyname.+|Kerberos Authentication not enabled\..+|Error! Kerberos authentication failed)$" flags="REG_DOT_NEWLINE">
<description>HP-UX rshd</description>
<example>xremshd: getservbyname
</example>
<example>xremshd: Kerberos Authentication not enabled.
@@ -71,6 +79,7 @@
<param pos="0" name="os.vendor" value="HP"/>
<param pos="0" name="os.family" value="HP-UX"/>
<param pos="0" name="os.product" value="HP-UX"/>
<param pos="0" name="os.cpe23" value="cpe:/o:hp:hp-ux:-"/>
</fingerprint>
-</fingerprints>
+
+</fingerprints>
\ No newline at end of file