February 2012 OS detection highlights

[David Fifield <david () bamsoftware com>]

I recently finished a round of about 1,900 OS fingerprint submissions
since June 2011. Here is a summary of how the database changed.

Line count went from 67041 to 66739 (-302, -0%).
Fingerprint count went from 3618 to 3572 (-46, -1%).

What?! I hear you cry. The database actually decreased in size. This is
because of something that happened in r26218, where a lot of
fingerprints got duplicated for some reason. I removed all the
duplicates, and that accounts for the decrease. If you ignore the 5,405
lines and 302 fingerprints that were deleted, it's more like:

Line count went from 58666 to 66739 (+8073, +14%).
Fingerprint count went from 3316 to 3572 (+256, +8%).

New vendors:
4G Systems, AirLive, Barrelfish, Bowers & Wilkins, Cyberoam, ETH Zurich,
Express Logic, FireBrick, Haiku, Hitron, ITW, Kronos, LG, LaCrosse,
Lenel, LifeSize, Marantz, Nexenta, Oracle, PCMeasure, Schneider
Electric, Schrack, Sonus, Symmetricon, T-Marc, Teradici, Toptech, Ubee.
No removed vendors.

Thanks to all the submitters; you are helping keep the database up to
date. If you look at the diff (svn diff -r 28048:28107 nmap-os-db), you
will see that each round of submissions not only adds new fingerprints,
but refines and improves existing fingerprints.

Interesting new fingerprints:

Fingerprint Haiku R1 Alpha 3
        I'm surprised it has taken this long, but this is our first
        Haiku fingerprint.
        http://haiku-os.org/

Fingerprint Apple iOS 5.0.1
        iOS is what runs on iPads and iPhones.

Fingerprint OpenBSD 4.9 - 5.0
        OpenBSD 5.0 was released in November 2011. Here is their release
        song "What Me Worry?":
        http://openbsd.org/lyrics.html#50

# Oracle JRockitVE (JRockit Virtual Edition) on Virtualbox, which is an OSless solution to provide Java Virtual Machine
Fingerprint Oracle JRockit Java virtual machine
        This is a Java VM that runs on bare metal without an OS.
        https://en.wikipedia.org/wiki/JRockit
        http://docs.oracle.com/cd/E17090_01/doc.1111/e15206/introduction002.htm
        ("Oracle Fusion Middleware User's Guide for Oracle JRockit Virtual
        Edition" section 1.2 "About Oracle JRockit Virtual Edition" because that
        second link looks fragile.)

Fingerprint Nexenta OS 3.0 - 3.0.4 (OpenSolaris snv_130 - snv_134f)
        Nexenta is OpenSolaris with a GNU-like userland.
        http://www.nexenta.org/
        Apparently both Nexenta and OpenIndiana are ending and
        converging on a new project called Illumian.
        https://www.illumos.org/projects/illumian

Fingerprint FreeBSD 7.0-RELEASE-p1 - 9.0-PRERELEASE
        FreeBSD 9.0 was released in January 2012.

Fingerprint RF-Space SDR-IP software radio
        It was neat to see that this software-defined radio runs its own
        firmware, not embedded Linux or something like that.
        http://www.rfspace.com/RFSPACE/SDR-IP.html
        https://en.wikipedia.org/wiki/Software-defined_radio

Fingerprint Barrelfish before release2011-09-02
        This is an experimental OS built at ETH Zurich. I don't know of
        any public servers running this other than barrelfish.org, but
        you can apparently build and install it yourself. There had been
        no release yet at the time the fingerprint was submitted.
        http://barrelfish.org/
        We also got service fingerprints for its web server, whose code
        you can find here:
        http://hg.barrelfish.org/file/tip/usr/webserver

Fingerprint Bluebottle OS
        Another OS from ETH Zurich. This one seems to have gone by many
        names over the years, so I'm not sure that I have the label
        exactly right.
        http://www.a2.ethz.ch/
        https://en.wikipedia.org/wiki/Bluebottle_OS

David Fifield
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/