mailing list archives
December 2007 OS database highlights
From: David Fifield <david () bamsoftware com>
Date: Fri, 7 Dec 2007 19:20:38 -0700
I just finished another round of OS integration. Here are noteworthy new
Apple iPhone mobile phone or iPod Touch audio player (Darwin 9.0.0d1)
We already had signatures for the iPhone. Sadly the iPod Touch
Apple Mac OS X 10.5 (Leopard) (Darwin 9.0.0)
Bosch Divar security system
Just as it sounds, this is a security system. Or more likely one
component of a security system.
It brightens my day to see submissions like this amidst all the
Linux 2.6s, Windows XP SP2s, and Cisco routers. I wonder if this
is the oldest OS in the database? A web page I found said 1976.
IBM OS/2 3.0 (Warp)
This is our earliest OS/2 signature. Wikipedia says 3.0 came out
Linux 2.6.22 - 2.6.23
Linux 2.6.22 appears to be distinguishable from earlier releases
in most cases. For this version the SEQ.ISR test has a higher
value (EF seems to be common). While I have not seen any
pre-2.6.22 Linuxes with such a high ISR, unfortunately there are
a few 2.6.22 and later that have a lower ISR, so there are some
fingerprints like "Linux 2.6.11 - 2.6.22".
NeXT NEXTSTEP 3.3 (patch level 3, m68k) or OPENSTEP 4.2
NeXT OPENSTEP 4.2
All sorts of capitalizations of these OS names are in use.
This is based on FreeBSD.
Nokia E90 Communicator or N95 mobile phone (Symbian OS 9.2 - 10.0)
Nokia E61 or E65 mobile phone (Symbian OS)
Nokia E70 mobile phone (Symbian OS)
Sony Ericsson W910i mobile phone
The E65, E70, E90, and W910i are new in this round.
Netgear EVA700 Digital Entertainer set top box
Roku HD1500 media player
Swisscom BlueWin TV set top box
Silicondust HDHomeRun set top box
Motorola QIP2500 set top box
A whole bunch of DVR-type devices.
And a few other unusual ones:
ThingMagic Mercury RFID reader running Yagi OS 2.4 (Linux 2.4.27-uc1)
OpenVZ Linux virtualization kernel (Linux 2.6.18-028stab023.1+31-openvz-smp)
Rockwell Automation 1761-NET-ENI Ethernet-to-RS-232-C interface module
BeaconMedaes TotalAlert medical gas alarm
Sent through the nmap-dev mailing list
Archived at http://SecLists.Org
- December 2007 OS database highlights David Fifield (Dec 08)