Do service fingerprint corrections.

nmap-os-db

@@ -29524,25 +29524,6 @@ T7(R=N)
 U1(DF=N%T=7B-85%TG=80%IPL=164%UN=0%RIPL=G%RID=G%RIPCK=G%RUCK=G%RUD=G)
 IE(DFI=N%T=7B-85%TG=80%CD=Z)
 
-# windows vista home basic version 6.0 compilacion 6000
-# 2008 server entreprise edition 64 bits with SP1 installed, french version
-Fingerprint Microsoft Windows Vista SP0 - SP2 or Windows Server 2008 SP1
-Class Microsoft | Windows | Vista | general purpose
-Class Microsoft | Windows | 2008 | general purpose
-SEQ(SP=F8-106%GCD=1-6%ISR=104-110%TI=I%II=I%SS=S%TS=7)
-OPS(O1=M5B4NW8ST11%O2=M5B4NW8ST11%O3=M5B4NW8NNT11%O4=M5B4NW8ST11%O5=M5B4NW8ST11%O6=M5B4ST11)
-WIN(W1=2000%W2=2000%W3=2000%W4=2000%W5=2000%W6=2000)
-ECN(R=Y%DF=Y%T=7B-85%TG=80%W=2000%O=M5B4NW8NNS%CC=N%Q=)
-T1(R=Y%DF=Y%T=7B-85%TG=80%S=O%A=S+%F=AS%RD=0%Q=)
-T2(R=N)
-T3(R=N)
-T4(R=N)
-T5(R=N)
-T6(R=N)
-T7(R=N)
-U1(DF=N%T=7B-85%TG=80%IPL=164%UN=0%RIPL=G%RID=G%RIPCK=G%RUCK=G%RUD=G)
-IE(DFI=N%T=7B-85%TG=80%CD=Z)
-
 # Microsoft Windows Vista English PRE-RC1 Build 5536
 # Vista Beta 2 Build 5472
 # Miscosoft Windows Vista Ultimate RTM (build 6000) (English), x86 running under VMware 5.5
@@ -29598,9 +29579,11 @@ IE(DFI=N%T=7B-85%TG=80%CD=Z)
 # version 6.0 (Build 6001:Service Pack 1)
 # Ver 6.0 Build 6001:Service Pack 1, Windows Vista Ultimate
 # Windows Server 2008 Standard Edition SP1 x64
-Fingerprint Microsoft Windows Vista SP0 or SP1 or Server 2008 SP1
+# Windows Seven Ultimate x64
+Fingerprint Microsoft Windows Vista SP0 or SP1, Server 2008 SP1, or Windows 7
 Class Microsoft | Windows | Vista | general purpose
 Class Microsoft | Windows | 2008 | general purpose
+Class Microsoft | Windows | 7 | general purpose
 SEQ(SP=E4-10A%GCD=1-6%ISR=F5-111%TI=I%II=I%SS=S%TS=7)
 OPS(O1=M5B4NW8ST11%O2=M5B4NW8ST11%O3=M5B4NW8NNT11%O4=M5B4NW8ST11%O5=M5B4NW8ST11%O6=M5B4ST11)
 WIN(W1=2000%W2=2000%W3=2000%W4=2000%W5=2000%W6=2000)

nmap-service-probes

@@ -294,6 +294,7 @@ match ftp m|^220 ([-/.+\w]+) IBM TCP/IP for OS/2 - FTP Server [Vv]er \d+:\d+:\d+
 match ftp m|^220 ([-/.+\w]+) IBM TCP/IP f\xfcr OS/2 - FTP-Server [Vv]er \d+:\d+:\d+ .* bereit\.\r\n| p|IBM OS/2 ftpd| h/$1/ o|OS/2| i/German/
 match ftp m|^220 ([-/.+\w]+) Lexmark ([-/.+\w ]+) FTP Server (\d[-.\w]+) ready\.\r\n| p/Lexmark $2 printer ftpd/ v/$3/ h/$1/ d/printer/
 #atch ftp m|^220 LXK14ED59 Lexmark Optra SC 1275 FTP Server ([\d.]+) ready\.\r\n| p/Lexmark Optra SC 1275 ftpd/ v/$1/ d/printer/
+match ftp m|^220 YUZU Lexmark Optra S 1625 FTP Server ([\d.]+) ready\.\r\n| p/Lexmark Optra S 1625 ftpd/ v/$1/ d/printer/
 match ftp m|^220 Internet Rex (\d[-.\w ]+) \(([-/.+\w]+)\) FTP server awaiting your command\.\r\n| p/Internet Rex ftpd/ v/$1/ i/$2/
 match ftp m|^220 ([-.+\w]+) FTP server \(Version (\d[-.\w]+)\([^\)]+\) [A-Z][a-z][a-z] [A-Z].*200\d\) ready\.\r\n| p/HP-UX ftpd/ h/$1/ v/$2/ o/HP-UX/
 match ftp m|^530 Connection refused, unknown IP address\.\r\n$| p/Microsoft IIS ftpd/ i/IP address rejected/ o/Windows/
@@ -455,9 +456,7 @@ match ftp m|220  FTP Server for NW 3.1x, 4.xx  \((v1.10)\), \(c\) 199[0-9] HellS
 match ftp m|^220 ([-.\w]+) MultiNet FTP Server Process V(\S+) at .+\r\n$| p/DEC OpenVMS MultiNet FTPd/ h/$1/ v/$2/
 match ftp m|^220-\r\n220 ([-.\w]+) FTP server \(NetBSD-ftpd ([-.\w]+)\) ready.\r\n$| p/NetBSD lukemftpd/ h/$1/ v/$2/
 match ftp m|^220 ([-.\w]+) Network Management Card AOS v([-.\w]+) FTP server ready.\r\n$| p/APC AOS ftpd/ v/$2/ i/on APC $1 network management card/ d/power-device/ o/AOS/
-# G-Net BB0060 ADSL Modem - the ftpd might be by "GlobespanVirata" as that
-# is what the t3lnetd on this device said.
-match ftp m|^220 FTP Server \(Version 1.0\) ready.\r\n$| p/G-Net DSL Modem ftpd/ v/1.0/ d/broadband router/
+match ftp m|^220 FTP Server \(Version 1.0\) ready.\r\n$| p/GlobespanVirata ftpd/ v/1.0/ d/broadband router/
 # HP-UX B.11.00
 match ftp m|^220 ([-.\w ]+) FTP server \(Version (1.1.2[.\d]+) [A-Z][a-z]{2} [A-Z][a-z]{2} .*\) ready.\r\n| p/HP-UX ftpd/ h/$1/ v/$2/ o/HP-UX/
 # 220 mirrors.midco.net FTP server ready.
@@ -1916,6 +1915,7 @@ match smtp m|^220[\s-](\S+) E?SMTP Sendmail @\(#\)Sendmail version (\d[^; ]+) -
 match smtp m|^220[\s-](\S+) Sendmail (SMI-\S+) ready at .*\r\n$| p/Sendmail/ h/$1/ v/$2/ o/Unix/
 match smtp m|^220[\s-]([-\w_.]+) Sendmail (\S+) ready at .*\r\n| p/Sendmail/ h/$1/ v/$2/ o/Unix/
 match smtp m|^220[\s-]([-\w_.]+) ESMTP Sendmail SGI-(\d[^; ]+)| p/Sendmail/ h/$1/ v/$2/ o/IRIX/
+match smtp m|^421 4\.3\.2 Connection rate limit exceeded\.\r\n$| p/Sendmail/
 match smtp m/^220[- ]([^\r\n]+) ESMTP Exim (V?\d\S+)/ p/Exim smtpd/ h/$1/ v/$2/
 match smtp m/^220[- ].*\r\n220[- ]([^\r\n]+) ESMTP Exim /s p/Exim smtpd/ h/$1/
 match smtp m/^220 CheckPoint FireWall-1 secure ESMTP server\r\n$/ p/Checkpoint FireWall-1 smtpd/ d/firewall/
@@ -3435,7 +3435,6 @@ match http m|^\(null\) 400 Bad Request\r\nServer: \r\n.*<HTML>\n            <HEA
 match http m|^HTTP/1\.0 400 Bad Request\r\nServer: Extent/([\d.]+)\r\n\r\n<HTML><HEAD>\n<TITLE>Error</TITLE>\n</HEAD>\n<BODY>\n<H2>400 Bad Request</H2></BODY>\n</HTML>\n$| p/Alepo Extent/ v/$1/
 
 match http-proxy m|^HTTP/1\.0 400 Bad Request\r\nContent-Type: text/html\r\nPragma: no-cache\r\nConnection: close\r\nContent-Type: text/html; charset=utf-8\r\n\r\n<html><body>Invalid request<P><HR><i>This message was created by WinRoute Proxy</i></body></html>| p/WinRoute http proxy/ o/Windows/
-match http-proxy m|^514 Authentication required\.\r\n$| p/Tor control port/ i/Authentication required/
 match http-proxy m|^HTTP/1\.0 400 Bad Request\r\n.*<html><body>\t\t<i><h2>Invalid request:</h2></i><p><pre>Bad request format\.\n</pre><b>\t\t</b><p>Please, check URL\.<p>\t\t<hr>\t\tGenerated by Oops\.\t\t</body>\t\t</html>$|s p/Oops! http proxy/ d/proxy server/
 
 match icecast m|^HTTP/1\.0 200 OK\r\nServer: icecast/(\d[-.\w]+)\r\n| p|Shoutcast/Icecast streaming audio| v|$1|
@@ -3599,6 +3598,8 @@ match telemecanique m|^220 Service ready on ([\w._-]+) system Version:([\w._:-]+
 #match telnet m|^\xff\xfb\x03\xff\xfb\x01$| p/Nokia M1112 router telnetd/ d/router/
 match telnet m|^\xff\xfb\x01\xff\xfb\x03\r\nUser:\r\n\r\nUser:\r\n\r\nUser:| p/Dell PowerConnect M6220-series switch telnetd/ d/switch/
 
+match tor-control m|^514 Authentication required\.\r\n$| p/Tor control port/ i/Authentication required/
+
 # Solaris 9
 match uucp m|^login: Please enter user name: Password: $| p/Solaris uucpd/ o/Solaris/
 # SunOS 4
@@ -6690,6 +6691,7 @@ rarity 1
 ports 17,88,111,407,500,517,518,1419,2427,4045,10000,10080,12203,27960,32750-32810,38978
 
 match amanda m|^Amanda ([\d.]+) NAK HANDLE  SEQ 0\nERROR expected \"Amanda\", got \"r\xfe\x1d\x13\"\n| p/Amanda backup service/ v/$1/ o/Unix/
+match domain m=^r\xfe\x9d\x04\0\0\0\0\0\0\0\x02\0\x01\x86\xa0\0\x01\x97\|\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0$= p/Zoom X5 ADSL modem DNS/ d/broadband router/
 match rpcbind m|^\x72\xFE\x1D\x13\0\0\0\x01\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\x01|
 match rpcbind m|^\x72\xFE\x1D\x13\0\0\0\x01\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\x02|
 # OpenAFS 1.2.10 on Linux 2.4.22
@@ -6757,8 +6759,6 @@ match domain m|^\0\x06\x81\x85\0\0\0\0\0\0\0\0$| p/ISC BIND/ v/9.X/
 match domain m|\x07version\x04bind\0\0\x10\0\x03\x07VERSION\x04BIND\0\0\x10\0\x03\0\0\0\0\0| p/ISC BIND/ v/8.X/
 # Tinydns 1.05
 match domain m|^\0\x06\x81\x81\0\x01\0\0\0\0\0\0\x07version\x04bind\0\0\x10\0\x03$| p/TinyDNS/
-# Microsoft DNS Windows 2000, SP4
-match domain m|^\0\x06\x81\x04\0\x01\0\0\0\0\0\0\x07version\x04bind\0\0\x10\0\x03$| p/Microsoft DNS/ o/Windows/
 # MyDNS 0.10.0 on Linux
 match domain m|^\0\x06\x81\x04\0\0\0\0\0\0\0\0$| p/MyDNS/
 # PowerDNS 2.9.11
@@ -6768,6 +6768,10 @@ match domain m|^\0\x06\x85\x83\0\x01\0\0\0\0\0\0\x07version\x04bind\0\0\x10\0\x0
 
 match nstx m|^\0\x06\x84\x80\0\x01\0\x01\0\0\0\0\x07version\x04bind\0\0\x10\0\x01\xc0\x0c\0\x10\0\x01\0\0\0\0| p/NSTX IP-over-DNS tunnel/
 
+# Microsoft DNS Windows 2000, SP4
+# Zoom X5 ADSL modem DNS
+match domain m|^\0\x06\x81\x04\0\x01\0\0\0\0\0\0\x07version\x04bind\0\0\x10\0\x03$|
+
 # This fallback is because many people customize their BIND version to avoid
 # revealing specific version information. This rule should always be below the
 # detailed rules above.
@@ -6818,7 +6822,9 @@ match domain m|\x07version\x04bind\0.*Microsoft DNS ([-\w_.]+) \(|s p/Microsoft
 
 # Novell 5.1 DNS Server
 # BIND 4.9.7-REL on OpenBSD
-match domain m|^\0\x1e\0\x06\x81.\0\x01\0\0\0\0\0\0\x07version\x04bind\0\0\x10\0\x03$|s p/ISC BIND/ v/4.X/
+# JDNSS 1.4.5
+match domain m|^\0\x1e\0\x06\x81.\0\x01\0\0\0\0\0\0\x07version\x04bind\0\0\x10\0\x03$|s
+
 # PowerDNS 2.9.6 on FreeBSD
 # PowerDNS 2.9.8 Linux
 match domain m|^\0.\0\x06\x85\0\0\x01\0\x01\0\0\0\0\x07version\x04bind\0\0\x10\0.\xc0\x0c\0\x10\0\x01\0\0\0\x05\0..Served by POWERDNS (\d[-.\w]+) |s p/PowerDNS/ v/$1/
@@ -7497,8 +7503,8 @@ match microsoft-ds m|^\0\0\0.\xffSMBr\0\0\0\0\x88\x01@\0\0\0\0\0\0\0\0\0\0\0\0\0
 # Windows XP SP1
 match microsoft-ds m|^\0\0\0.\xffSMBr\0\0\0\0\x88\x01@\0\0\0\0\0\0\0\0\0\0\0\0\0\0@\x06\0\0\x01\0\x11\x07\0.\n\0\x01\0\x04\x11\0\0\0\0\x01\0\0\0\0\0\xfd\xe3\0\0|s p/Microsoft Windows XP microsoft-ds/ o/Windows/
 match microsoft-ds m|^\0\0\0.\xffSMBr\0\0\0\0\x88\x01@\0\0\0\0\0\0\0\0\0\0\0\0\0\0@\x06\0\0\x01\0\x11\x07\0.2\0\x01\0\x04A\0\0\0\0\x01\0\0\0\0\0\xfd\xf3\0\0|s p/Microsoft Windows 2000 microsoft-ds/ o/Windows/
-# Microsoft Windows 2003
-match microsoft-ds m|^\0\0\0.\xffSMBr\0\0\0\0\x88\x01@\0\0\0\0\0\0\0\0\0\0\0\0\0\0@\x06\0\0\x01\0\x11\x07\0.2\0\x01\0\x04.\0\0\0\0\x01\0\0\0\0\0\xfd\xf3\x01\0|s p/Microsoft Windows 2003 microsoft-ds/ o/Windows/
+# Microsoft Windows 2003 or 2008
+match microsoft-ds m|^\0\0\0.\xffSMBr\0\0\0\0\x88\x01@\0\0\0\0\0\0\0\0\0\0\0\0\0\0@\x06\0\0\x01\0\x11\x07\0.2\0\x01\0\x04.\0\0\0\0\x01\0\0\0\0\0\xfd\xf3\x01\0|s p/Microsoft Windows 2003 or 2008 microsoft-ds/ o/Windows/
 # Microsoft Windows 2000 Server
 # Microsoft Windows 2000 Server SP4
 match microsoft-ds m|^\0\0\0.\xffSMBr\0\0\0\0\x88\x01@\0\0\0\0\0\0\0\0\0\0\0\0\0\0@\x06\0\0\x01\0\x11\x07\0.[}2]\0\x01\0\x04A\0\0\0\0\x01\0\0\0\0\0\xfd[\xe3\xf3]\0\0|s p/Microsoft Windows 2000 microsoft-ds/ o/Windows/