From 42145701c3fa744e4646d6f9406cfe3d0f5ee9e8 Mon Sep 17 00:00:00 2001
From: fyodor <fyodor@e0a8ed71-7df4-0310-8962-fdc924857419>
Date: Wed, 20 Jul 2005 23:25:38 +0000
Subject: [PATCH] Some fixes for Zhao's update

---
 nmap-os-fingerprints | 5830 +++++++++++++++++++++---------------------
 1 file changed, 2915 insertions(+), 2915 deletions(-)

diff --git a/nmap-os-fingerprints b/nmap-os-fingerprints
index 0008b771a..39fc87f68 100644
--- a/nmap-os-fingerprints
+++ b/nmap-os-fingerprints
@@ -79,19 +79,6 @@ T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
 PU(Resp=N)
 
-# 3com OfficeConnect Remote 812 ADSL Router (Firmware V1.1.7)
-Fingerprint 3com OfficeConnect Remote 812 ADSL Router
-Class 3Com | embedded || router
-TSeq(Class=TD%gcd=<C354%SI=<1E%IPID=I%TS=U)
-T1(DF=N%W=200%ACK=S++%Flags=AS%Ops=M)
-T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=)
-T3(Resp=Y%DF=N%W=200%ACK=S++%Flags=AS%Ops=M)
-T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
-
 # 3Com Sharkfin/Tailfin Cable Modem boot code 01.00.003a main image 1.17 hardware 2.00 web 604
 Fingerprint 3Com Sharkfin/Tailfin Cable Modem
 Class 3Com | embedded || broadband router
@@ -117,6 +104,19 @@ T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
 PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=F%UCK=F%ULEN=134%DAT=E)
 
+# US Robotics USR8000 Broadband router, firmware 1.27 patched
+Fingerprint US Robotics USR8000 Broadband router
+Class 3Com | embedded || broadband router
+TSeq(Class=RI%gcd=<68%SI=<726%IPID=BI%TS=U)
+T1(DF=N%W=800|C00%ACK=S++%Flags=AR%Ops=)
+T2(Resp=Y%DF=N%W=400|1000%ACK=S%Flags=AR%Ops=)
+T3(Resp=Y%DF=N%W=1000|400%ACK=S++%Flags=AR%Ops=)
+T4(DF=N%W=800|C00|400%ACK=S%Flags=AR%Ops=)
+T5(DF=N%W=400|800|1000%ACK=S++%Flags=AR%Ops=)
+T6(DF=N%W=1000|400|800%ACK=S%Flags=AR%Ops=)
+T7(DF=N%W=C00|1000%ACK=S++%Flags=AR%Ops=)
+PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
+
 # 3Com NBX Superstack 3 IP PBX running firmware 4_1_11
 # 3Com NBX-100 (version R4_1_4) Phone System Processor
 Fingerprint 3Com NBX PBX
@@ -230,6 +230,19 @@ T6(DF=N%W=0%ACK=O%Flags=AR%Ops=)
 T7(DF=N%W=0%ACK=O%Flags=AR%Ops=)
 PU(DF=N%TOS=0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 
+# 3com OfficeConnect Remote 812 ADSL Router (Firmware V1.1.7)
+Fingerprint 3com OfficeConnect Remote 812 ADSL Router
+Class 3Com | embedded || router
+TSeq(Class=TD%gcd=<C354%SI=<1E%IPID=I%TS=U)
+T1(DF=N%W=200%ACK=S++%Flags=AS%Ops=M)
+T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=)
+T3(Resp=Y%DF=N%W=200%ACK=S++%Flags=AS%Ops=M)
+T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
+
 Fingerprint 3Com / USR TotalSwitch Firmware: 02.02.00R
 Class 3Com | embedded || switch
 TSeq(Class=C|TD%gcd=3D090%SI=0)
@@ -242,6 +255,21 @@ T6(Resp=Y%DF=N%W=0%ACK=O%Flags=R%Ops=)
 T7(Resp=Y%DF=N%W=0%ACK=S++%Flags=AR%Ops=)
 PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 
+# 3com Switch 7700 firmware v2.01
+# Huawei S6506R routing switch VRP 3.10 release 1009
+Fingerprint 3Com 7700/8800 Switch or Huawei S6506R routing switch VRP 3.10
+Class 3Com | embedded || switch
+Class Huawei | VRP || switch
+TSeq(Class=64K%IPID=I%TS=U)
+T1(DF=N%W=2000%ACK=S++%Flags=AS%Ops=M)
+T2(Resp=N)
+T3(Resp=Y%DF=N%W=1FC4%ACK=O%Flags=A%Ops=)
+T4(DF=N%W=2000%ACK=O%Flags=R%Ops=)
+T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
+PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=0%ULEN=134%DAT=E)
+
 Fingerprint 3Com Access Builder 4000 Switch
 Class 3Com | embedded || switch
 T1(DF=N%W=0|800%ACK=S++%Flags=AR|AS%Ops=|M)
@@ -279,21 +307,6 @@ T6(DF=N%W=0%ACK=S%Flags=APR%Ops=)
 T7(DF=N%W=0%ACK=S%Flags=APR%Ops=)
 PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 
-# 3com Switch 7700 firmware v2.01
-# Huawei S6506R routing switch VRP 3.10 release 1009
-Fingerprint 3Com 7700/8800 Switch or Huawei S6506R routing switch VRP 3.10
-Class 3Com | embedded || switch
-Class Huawei | VRP || switch
-TSeq(Class=64K%IPID=I%TS=U)
-T1(DF=N%W=2000%ACK=S++%Flags=AS%Ops=M)
-T2(Resp=N)
-T3(Resp=Y%DF=N%W=1FC4%ACK=O%Flags=A%Ops=)
-T4(DF=N%W=2000%ACK=O%Flags=R%Ops=)
-T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
-PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=0%ULEN=134%DAT=E)
-
 Fingerprint 3Com SuperStack II switch SW/NBSI-CF,11.1.0.00S38
 Class 3Com | embedded || switch
 TSeq(Class=TD%gcd=<68%SI=<3C)
@@ -812,6 +825,18 @@ T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
 PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=F%ULEN=134%DAT=E)
 
+Fingerprint APC Network management Card AP9616
+Class APC | embedded || power-device
+TSeq(Class=TD%gcd=<3D094%SI=<14%IPID=I%TS=1000HZ)
+T1(DF=Y%W=10CD%ACK=S++%Flags=AS%Ops=MENWNNT)
+T2(Resp=N)
+T3(Resp=Y%DF=Y%W=10CD%ACK=S++%Flags=AS%Ops=MENWNNT)
+T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
+
 # APC AP9617  network management card inside Matrix 5000 UPS
 Fingerprint APC network-enabled UPS
 Class APC | embedded || power-device
@@ -825,6 +850,19 @@ T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T7(Resp=N)
 PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 
+# APC UPS Network Management Card, Model AP9617
+Fingerprint APC UPS Network Management Card
+Class APC | embedded || power-device
+TSeq(Class=TD%gcd=<61AC%SI=<3C%IPID=I%TS=1000HZ)
+T1(DF=Y%W=10CD%ACK=S++%Flags=AS%Ops=MENWNNT)
+T2(Resp=N)
+T3(Resp=Y%DF=N%W=0%ACK=O%Flags=AR%Ops=)
+T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T7(Resp=N)
+PU(DF=N%TOS=80%IPLEN=38%RIPTL=148%RID=E%RIPCK=F%UCK=F%ULEN=134%DAT=E)
+
 # SmartUPS 3000RM Firmware: 92.14.I
 # APC PDU AOS v1.1.6
 Fingerprint APC UPS system
@@ -839,10 +877,11 @@ T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T7(Resp=N)
 PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 
-Fingerprint APC Network management Card AP9616
+# American Power Conversion / Network Management Card AOS v2.5.3 / Symmetra LX 16000 RM / This is a network management interface on a high end UPS
+Fingerprint APC UPS System network management card (runs AOS v2.5.3)
 Class APC | embedded || power-device
-TSeq(Class=TD%gcd=<3D094%SI=<14%IPID=I%TS=1000HZ)
-T1(DF=Y%W=10CD%ACK=S++%Flags=AS%Ops=MENWNNT)
+TSeq(Class=TD%gcd=<3D094%SI=<1E%IPID=I%TS=1000HZ)
+T1(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
 T2(Resp=N)
 T3(Resp=Y%DF=Y%W=10CD%ACK=S++%Flags=AS%Ops=MENWNNT)
 T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
@@ -870,32 +909,6 @@ T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T7(Resp=Y%DF=N%W=0%ACK=S++%Flags=AR%Ops=)
 PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 
-# APC UPS Network Management Card, Model AP9617
-Fingerprint APC UPS Network Management Card
-Class APC | embedded || power-device
-TSeq(Class=TD%gcd=<61AC%SI=<3C%IPID=I%TS=1000HZ)
-T1(DF=Y%W=10CD%ACK=S++%Flags=AS%Ops=MENWNNT)
-T2(Resp=N)
-T3(Resp=Y%DF=N%W=0%ACK=O%Flags=AR%Ops=)
-T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T7(Resp=N)
-PU(DF=N%TOS=80%IPLEN=38%RIPTL=148%RID=E%RIPCK=F%UCK=F%ULEN=134%DAT=E)
-
-# American Power Conversion / Network Management Card AOS v2.5.3 / Symmetra LX 16000 RM / This is a network management interface on a high end UPS
-Fingerprint APC UPS System network management card (runs AOS v2.5.3)
-Class APC | embedded || power-device
-TSeq(Class=TD%gcd=<3D094%SI=<1E%IPID=I%TS=1000HZ)
-T1(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-T2(Resp=N)
-T3(Resp=Y%DF=Y%W=10CD%ACK=S++%Flags=AS%Ops=MENWNNT)
-T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
-
 Fingerprint APC Web/SNMP UPS management card
 Class APC | embedded || power-device
 TSeq(Class=RI%gcd=<6%SI=<52FB700&>D46DF)
@@ -969,18 +982,6 @@ T6(DF=N%W=800%ACK=O%Flags=R%Ops=)
 T7(DF=N%W=800%ACK=S++%Flags=AR%Ops=)
 PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 
-Fingerprint Apple LaserWriter 12/640 PS
-Class Apple | embedded || printer
-TSeq(Class=C%Val=85BD001%IPID=I%TS=U)
-T1(DF=Y%W=111C%ACK=S++%Flags=AS%Ops=M)
-T2(Resp=N)
-T3(Resp=Y%DF=N%W=0%ACK=O%Flags=R%Ops=)
-T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T7(DF=N%W=0%ACK=O%Flags=R%Ops=)
-PU(Resp=N)
-
 Fingerprint Apple Color LaserWriter 600 Printer
 Class Apple | embedded || printer
 TSeq(Class=C)
@@ -993,6 +994,18 @@ T6(DF=N%W=1000%ACK=O%Flags=R%Ops=)
 T7(DF=N%W=1000%ACK=S++%Flags=AR%Ops=)
 PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 
+Fingerprint Apple LaserWriter 12/640 PS
+Class Apple | embedded || printer
+TSeq(Class=C%Val=85BD001%IPID=I%TS=U)
+T1(DF=Y%W=111C%ACK=S++%Flags=AS%Ops=M)
+T2(Resp=N)
+T3(Resp=Y%DF=N%W=0%ACK=O%Flags=R%Ops=)
+T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T7(DF=N%W=0%ACK=O%Flags=R%Ops=)
+PU(Resp=N)
+
 Fingerprint Apple LaserWriter 16/600 PS, HP 6P, or HP 5 Printer
 Class Apple | embedded || printer
 TSeq(Class=C)
@@ -1020,6 +1033,20 @@ T6(Resp=Y%DF=N%W=0%ACK=O%Flags=R%Ops=)
 T7(Resp=Y%DF=N%W=0%ACK=O%Flags=R%Ops=)
 PU(Resp=N)
 
+# Apple AirPort Extreme Base Station Firmware 5.1.1
+Fingerprint Apple Airport Extreme Base Station (WAP) or ARRIS Cadant C3 CMTS Cable Modem
+Class Apple | embedded || WAP
+Class ARRIS | embedded || broadband router
+TSeq(Class=RI%gcd=<6%SI=<94160&>15CB%IPID=I%TS=2HZ)
+T1(DF=Y%W=2000|4000%ACK=S++%Flags=AS%Ops=MNWNNT)
+T2(Resp=N)
+T3(Resp=Y%DF=Y%W=2000|4000%ACK=O%Flags=A%Ops=NNT)
+T4(DF=N%W=2000|4000%ACK=O%Flags=R%Ops=)
+T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
+PU(DF=Y|N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=0%UCK=0%ULEN=134%DAT=E)
+
 # Apple Airport Express (Wireless Router/Bridge) (Firmware v6.1)
 # Apple AirPort Express (Apple Base Station V6.0)
 # OKI Phaser B6300N laser printer
@@ -1040,32 +1067,6 @@ T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
 PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=0%UCK=0%ULEN=134%DAT=E)
 
-# Apple AirPort Extreme Base Station Firmware 5.1.1
-Fingerprint Apple Airport Extreme Base Station (WAP) or ARRIS Cadant C3 CMTS Cable Modem
-Class Apple | embedded || WAP
-Class ARRIS | embedded || broadband router
-TSeq(Class=RI%gcd=<6%SI=<94160&>15CB%IPID=I%TS=2HZ)
-T1(DF=Y%W=2000|4000%ACK=S++%Flags=AS%Ops=MNWNNT)
-T2(Resp=N)
-T3(Resp=Y%DF=Y%W=2000|4000%ACK=O%Flags=A%Ops=NNT)
-T4(DF=N%W=2000|4000%ACK=O%Flags=R%Ops=)
-T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
-PU(DF=Y|N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=0%UCK=0%ULEN=134%DAT=E)
-
-Fingerprint Apple Mac OS 7.0-7.1 With MacTCP 1.1.1 - 2.0.6
-Class Apple | Mac OS | 7.X | general purpose
-TSeq(Class=C|TD)
-T1(DF=N%W=192F|2D25%ACK=S++%Flags=AS%Ops=M)
-T2(Resp=N)
-T3(Resp=Y%DF=N%W=0%ACK=O%Flags=A%Ops=)
-T4(DF=N%W=400|800|C00|1000%ACK=O%Flags=R%Ops=)
-T5(DF=N%W=400|800|C00|1000%ACK=S++%Flags=AR%Ops=)
-T6(DF=N%W=400|800|C00|1000%ACK=O%Flags=R%Ops=)
-T7(DF=N%W=400|800|C00|1000%ACK=S++%Flags=AR%Ops=)
-PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RIPCK=E%UCK=E%ULEN=134%DAT=E)
-
 # Mac OS X 1.1-1.2
 Fingerprint Apple Mac OS X 1.1-1.2 (Rhapsody 5.5-5.6) on a G3
 Class Apple | Mac OS X | 10.0.X | general purpose
@@ -1203,6 +1204,20 @@ T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T7(Resp=N)
 PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=0%ULEN=134%DAT=E)
 
+# Apple Mac OS 10.3.5 (Darwin Kernel Version 7.5.0)
+# Mac OS 10.3.7 Server, Darwain, PPC. Kernel version 7.70. All relevant updates as of 2/2/05
+Fingerprint Apple Mac OS X 10.3.5 or 10.3.7
+Class Apple | Mac OS X | 10.3.X | general purpose
+TSeq(Class=TR%gcd=<6%IPID=I%TS=2HZ)
+T1(DF=Y%W=FFFF%ACK=S++%Flags=AS%Ops=MNWNNT)
+T2(Resp=N)
+T3(Resp=N)
+T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
+PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=0%ULEN=134%DAT=E)
+
 Fingerprint Apple Mac OS X 10.3.3 (Panther)
 Class Apple | Mac OS X | 10.3.X | general purpose
 TSeq(Class=TR%gcd=<6%IPID=I%TS=2HZ)
@@ -1215,20 +1230,6 @@ T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=Y%W=0%ACK=S%Flags=AR%Ops=)
 PU(DF=Y%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=0%ULEN=134%DAT=E)
 
-# Apple Mac OS 10.3.5 (Darwin Kernel Version 7.5.0)
-# Mac OS 10.3.7 Server, Darwain, PPC. Kernel version 7.70. All relevant updates as of 2/2/05
-Fingerprint Apple Mac OS 10.3.5 or 10.3.7
-Class Apple | Mac OS X | 10.3.X | general purpose
-TSeq(Class=TR%gcd=<6%IPID=I%TS=2HZ)
-T1(DF=Y%W=FFFF%ACK=S++%Flags=AS%Ops=MNWNNT)
-T2(Resp=N)
-T3(Resp=N)
-T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
-PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=0%ULEN=134%DAT=E)
-
 # Darwin 7.7.0 Power Macintosh powerpc, OS X, version 10.3.7
 # Apple Mac OS X 10.3.6 (7R28) -  (Darwin 7.6.0)
 Fingerprint Apple Mac OS X 10.3.6 or 10.3.7
@@ -1255,20 +1256,6 @@ T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
 PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=0%ULEN=134%DAT=E)
 
-# Apple Mac OS X 10.3.8 (Panther); Darwin Kernel Version 7.8.0
-# Apple Mac OS X 10.4 (Build: 8A428); Kernel: Darwin 8.0.0
-Fingerprint Apple Mac OS X 10.3.8 or 10.4
-Class Apple | Mac OS X | 10.4.X | general purpose
-TSeq(Class=TR%gcd=<6%IPID=I%TS=2HZ)
-T1(DF=Y%W=FFFF%ACK=S++%Flags=AS%Ops=MNWNNT)
-T2(Resp=N)
-T3(Resp=N)
-T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
-T7(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
-PU(DF=N%TOS=C0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
-
 # Apple Mac OS X 10.4.0 (Tiger) - Darwin Kernel Version 8.0.0
 # Apple Macintosh PowerBook G4 15" Titanium, Mac OS X 10.4.0 (Tiger) build 8A428
 # Mac OS X 10.4 Darwin 8.0.0 Darwin Kernel Version 8.0.0: Sat Mar 26 14:15:22 PST 2005;
@@ -1298,6 +1285,32 @@ T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
 PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=0%ULEN=134%DAT=E)
 
+# Apple Mac OS X 10.3.8 (Panther); Darwin Kernel Version 7.8.0
+# Apple Mac OS X 10.4 (Build: 8A428); Kernel: Darwin 8.0.0
+Fingerprint Apple Mac OS X 10.3.8 or 10.4
+Class Apple | Mac OS X | 10.4.X | general purpose
+TSeq(Class=TR%gcd=<6%IPID=I%TS=2HZ)
+T1(DF=Y%W=FFFF%ACK=S++%Flags=AS%Ops=MNWNNT)
+T2(Resp=N)
+T3(Resp=N)
+T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
+T7(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
+PU(DF=N%TOS=C0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
+
+Fingerprint Apple Mac OS 7.0-7.1 With MacTCP 1.1.1 - 2.0.6
+Class Apple | Mac OS | 7.X | general purpose
+TSeq(Class=C|TD)
+T1(DF=N%W=192F|2D25%ACK=S++%Flags=AS%Ops=M)
+T2(Resp=N)
+T3(Resp=Y%DF=N%W=0%ACK=O%Flags=A%Ops=)
+T4(DF=N%W=400|800|C00|1000%ACK=O%Flags=R%Ops=)
+T5(DF=N%W=400|800|C00|1000%ACK=S++%Flags=AR%Ops=)
+T6(DF=N%W=400|800|C00|1000%ACK=O%Flags=R%Ops=)
+T7(DF=N%W=400|800|C00|1000%ACK=S++%Flags=AR%Ops=)
+PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RIPCK=E%UCK=E%ULEN=134%DAT=E)
+
 # Not really constant -- just slow incrementation
 # This is an LCIII
 Fingerprint Apple Mac OS 7.1
@@ -2090,6 +2103,18 @@ T6(Resp=Y%DF=N%W=0%ACK=O%Flags=R%Ops=)
 T7(Resp=Y%DF=N%W=0%ACK=S++%Flags=AR%Ops=)
 PU(Resp=N)
 
+Fingerprint Axis print server firmware 7.0.2
+Class AXIS | embedded || print server
+TSeq(Class=TR%gcd=<6%IPID=I%TS=U)
+T1(DF=N%W=100%ACK=S++%Flags=AS%Ops=ME)
+T2(Resp=N)
+T3(Resp=Y%DF=N%W=100%ACK=O%Flags=A%Ops=)
+T4(DF=N%W=100%ACK=O%Flags=R%Ops=)
+T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+PU(Resp=N)
+
 Fingerprint Axis 200+ Web Camera running OS v1.42
 Class AXIS | embedded || webcam
 T1(DF=N%W=100%ACK=S++%Flags=AS%Ops=ME)
@@ -2112,18 +2137,6 @@ T6(DF=N%W=400%ACK=S%Flags=AR%Ops=)
 T7(DF=N%W=400%ACK=S++%Flags=AR%Ops=)
 PU(DF=N%TOS=C0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 
-Fingerprint AXIS NetEye Camera Server V1.20
-Class AXIS | embedded || webcam
-TSeq(Class=C)
-T1(Resp=Y%DF=N%W=100%ACK=S++%Flags=AS%Ops=M)
-T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=)
-T3(Resp=Y%DF=N%W=100|0%ACK=O|S++%Flags=A|AR%Ops=)
-T4(Resp=Y%DF=N%W=100|0%ACK=O%Flags=R%Ops=)
-T5(Resp=Y%DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-T6(Resp=Y%DF=N%W=0%ACK=O%Flags=R%Ops=)
-T7(Resp=Y%DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-PU(Resp=N)
-
 # AXIS 200+ Webcam running software version is 1.42
 Fingerprint AXIS Neteye 200+ Webcam running software version 1.42
 Class AXIS | embedded || webcam
@@ -2137,16 +2150,16 @@ T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
 PU(Resp=N)
 
-Fingerprint Axis print server firmware 7.0.2
-Class AXIS | embedded || print server
-TSeq(Class=TR%gcd=<6%IPID=I%TS=U)
-T1(DF=N%W=100%ACK=S++%Flags=AS%Ops=ME)
-T2(Resp=N)
-T3(Resp=Y%DF=N%W=100%ACK=O%Flags=A%Ops=)
-T4(DF=N%W=100%ACK=O%Flags=R%Ops=)
-T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+Fingerprint AXIS NetEye Camera Server V1.20
+Class AXIS | embedded || webcam
+TSeq(Class=C)
+T1(Resp=Y%DF=N%W=100%ACK=S++%Flags=AS%Ops=M)
+T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=)
+T3(Resp=Y%DF=N%W=100|0%ACK=O|S++%Flags=A|AR%Ops=)
+T4(Resp=Y%DF=N%W=100|0%ACK=O%Flags=R%Ops=)
+T5(Resp=Y%DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+T6(Resp=Y%DF=N%W=0%ACK=O%Flags=R%Ops=)
+T7(Resp=Y%DF=N%W=0%ACK=S++%Flags=AR%Ops=)
 PU(Resp=N)
 
 # AXIS 540+/542+
@@ -2248,6 +2261,18 @@ T6(Resp=Y%DF=N%W=0%ACK=O%Flags=R%Ops=)
 T7(Resp=Y%DF=N%W=0%ACK=S++%Flags=AR%Ops=)
 PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 
+Fingerprint BayStack 28115/ADV Fast Ethernet Switch
+Class Bay Networks | embedded || switch
+TSeq(Class=TD%gcd=<6%SI=<FF)
+T1(DF=N%W=200%ACK=S++%Flags=AS%Ops=M)
+T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=)
+T3(Resp=Y%DF=N%W=0%ACK=O%Flags=AR%Ops=)
+T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
+
 # Fingerprint BayStack 450-24T HW:RevL  FW:V1.47 SW:v3.1.0.22  ISVN:1
 Fingerprint BayStack 450-24T switch
 Class Bay Networks | embedded || switch
@@ -2261,18 +2286,6 @@ T6(DF=N%W=C00|400%ACK=S%Flags=AR%Ops=WNMETL)
 T7(DF=N%W=400|800%ACK=S++%Flags=AR%Ops=WNMETL)
 PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 
-Fingerprint BayStack 28115/ADV Fast Ethernet Switch
-Class Bay Networks | embedded || switch
-TSeq(Class=TD%gcd=<6%SI=<FF)
-T1(DF=N%W=200%ACK=S++%Flags=AS%Ops=M)
-T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=)
-T3(Resp=Y%DF=N%W=0%ACK=O%Flags=AR%Ops=)
-T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
-
 # BayTech RPC4 with Network Module (Data Switch Series - F3.03 (C)2000 DS72C808 Bay Technical Associates DS72)
 # BayTech rpc3-15NC Remote Power Control device
 Fingerprint BayTech Remote Power Control RPC3-15NC or RPC4
@@ -2287,6 +2300,18 @@ T6(DF=N%W=400|800|1000%ACK=S%Flags=AR%Ops=)
 T7(DF=N%W=C00|1000%ACK=S++%Flags=AR%Ops=)
 PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 
+Fingerprint BBIagent v1.8.1 software router
+Class BBIagent | Linux | 2.4.X | software router
+TSeq(Class=RI%gcd=<6%SI=<18C54&>3B8%IPID=I)
+T1(DF=Y%W=402E%ACK=S++%Flags=AS%Ops=MNWNNT)
+T2(Resp=Y%DF=Y%W=0%ACK=S%Flags=AR%Ops=)
+T3(Resp=Y%DF=Y%W=402E%ACK=S++%Flags=AS%Ops=MNWNNT)
+T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
+T7(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
+PU(DF=N%TOS=C0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
+
 # Running on a BeBox 66Mhz
 Fingerprint BeOS 4 - 4.5
 Class Be | BeOS | 4.X | general purpose
@@ -2477,19 +2502,6 @@ T6(DF=N%W=0%ACK=S%Flags=R%Ops=)
 T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
 PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E|F%RIPCK=F%UCK=E%ULEN=134%DAT=E)
 
-# VPN Access 25 version V.7.1 Rev. 12
-Fingerprint VPN Access 25 version V. 7.1
-Class BinTec | embedded || broadband router
-TSeq(Class=TD%gcd=<6%SI=<1E%TS=U)
-T1(DF=N%W=4000%ACK=O|S++%Flags=A|AS%Ops=|M)
-T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=)
-T3(Resp=Y%DF=N%W=0%ACK=O%Flags=AR%Ops=)
-T4(DF=N%W=0%ACK=S%Flags=R%Ops=)
-T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=N%W=0%ACK=S%Flags=R%Ops=)
-T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E|F%RIPCK=F%UCK=E%ULEN=134%DAT=E)
-
 # XS SW Release 4.9.1 ISDN access router
 # BinTec BIANCA XM OS version 4.93
 Fingerprint BinTec XS/XM ISDN access router V. 4.9.1-4.9.3
@@ -2504,6 +2516,19 @@ T6(DF=N%W=0%ACK=S%Flags=R%Ops=)
 T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
 PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=0%RIPCK=F%UCK=E%ULEN=134%DAT=E)
 
+# VPN Access 25 version V.7.1 Rev. 12
+Fingerprint VPN Access 25 version V. 7.1
+Class BinTec | embedded || broadband router
+TSeq(Class=TD%gcd=<6%SI=<1E%TS=U)
+T1(DF=N%W=4000%ACK=O|S++%Flags=A|AS%Ops=|M)
+T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=)
+T3(Resp=Y%DF=N%W=0%ACK=O%Flags=AR%Ops=)
+T4(DF=N%W=0%ACK=S%Flags=R%Ops=)
+T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=N%W=0%ACK=S%Flags=R%Ops=)
+T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E|F%RIPCK=F%UCK=E%ULEN=134%DAT=E)
+
 Fingerprint Blue Coat Security Proxy Appliance
 Class Blue Coat | embedded || web proxy
 TSeq(Class=RI%gcd=<6%SI=<A4704&>780%IPID=I%TS=2HZ)
@@ -2860,19 +2885,6 @@ T6(DF=N%W=400|800|C00|1000%ACK=S%Flags=AR%Ops=WNMETL)
 T7(DF=N%W=400|800|C00|1000%ACK=S++%Flags=AR%Ops=WNMETL)
 PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=0%UCK=0%ULEN=134%DAT=E)
 
-# Canon imageRunner iR2270 printer
-Fingerprint Canon iR2270 printer
-Class Canon | embedded || printer
-TSeq(Class=RI%gcd=<6%SI=<977D4&>5EC%IPID=I%TS=2HZ)
-T1(DF=Y%W=4000%ACK=S++%Flags=AS%Ops=MNWNNT)
-T2(Resp=N)
-T3(Resp=Y%DF=Y%W=4000%ACK=O%Flags=AS%Ops=MNWNNT)
-T4(DF=N%W=4000%ACK=O%Flags=R%Ops=)
-T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
-PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=0%UCK=0%ULEN=134%DAT=E)
-
 # Canon Image Runner C3200
 Fingerprint Canon iR C3200 printer
 Class Canon | embedded || printer
@@ -2885,18 +2897,18 @@ T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
 PU(DF=N%TOS=C0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 
-# Canon inkjet printer iP4000R with wireless interface
-Fingerprint Canon Pixmar IP4000R printer
+# Canon imageRunner iR2270 printer
+Fingerprint Canon iR2270 printer
 Class Canon | embedded || printer
-TSeq(Class=TD%gcd=<20004%SI=<1E%IPID=I%TS=U)
-T1(DF=N%W=2000%ACK=S++%Flags=AS%Ops=M)
+TSeq(Class=RI%gcd=<6%SI=<977D4&>5EC%IPID=I%TS=2HZ)
+T1(DF=Y%W=4000%ACK=S++%Flags=AS%Ops=MNWNNT)
 T2(Resp=N)
-T3(Resp=Y%DF=N%W=2000%ACK=S++|O%Flags=AS|A%Ops=M|)
-T4(DF=N%W=2000%ACK=O%Flags=R%Ops=)
+T3(Resp=Y%DF=Y%W=4000%ACK=O%Flags=AS%Ops=MNWNNT)
+T4(DF=N%W=4000%ACK=O%Flags=R%Ops=)
 T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
 T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
+T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
+PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=0%UCK=0%ULEN=134%DAT=E)
 
 Fingerprint Canon iR6000 printer
 Class Canon | embedded || printer
@@ -2934,6 +2946,19 @@ T6(Resp=Y%DF=N%W=0%ACK=O%Flags=R%Ops=)
 T7(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=)
 PU(Resp=N)
 
+# Canon inkjet printer iP4000R with wireless interface
+Fingerprint Canon Pixmar IP4000R printer
+Class Canon | embedded || printer
+TSeq(Class=TD%gcd=<20004%SI=<1E%IPID=I%TS=U)
+T1(DF=N%W=2000%ACK=S++%Flags=AS%Ops=M)
+T2(Resp=N)
+T3(Resp=Y%DF=N%W=2000%ACK=S++|O%Flags=AS|A%Ops=M|)
+T4(DF=N%W=2000%ACK=O%Flags=R%Ops=)
+T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
+
 Fingerprint Capellix 3000 Modular SAN Switch
 Class Capellix | embedded || storage-misc
 TSeq(Class=64K%IPID=I%TS=U)
@@ -2982,19 +3007,6 @@ T6(Resp=N)
 T7(Resp=N)
 PU(Resp=N)
 
-# Netopia Cayman 3341-ENT firmware v8.3.1r0
-Fingerprint Netopia Cayman 3341-ENT ADSL Router
-Class Netopia | embedded || broadband router
-TSeq(Class=TR%gcd=<6%IPID=I%TS=U)
-T1(DF=N%W=400%ACK=S++%Flags=AS%Ops=M)
-T2(Resp=N)
-T3(Resp=Y%DF=N%W=400%ACK=S++%Flags=AS%Ops=M)
-T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-PU(Resp=N)
-
 Fingerprint Netopia Cayman 3346 DSL router
 Class Cayman | embedded || broadband router
 TSeq(Class=TR%gcd=<6%IPID=I%TS=U)
@@ -3351,6 +3363,30 @@ T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
 PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 
+Fingerprint Cisco CSS 11501 Content Services Switch
+Class Cisco | embedded || load balancer
+TSeq(Class=TR%gcd=<6%IPID=I)
+T1(DF=Y%W=FFFF%ACK=S++%Flags=AS%Ops=MNWNNT)
+T2(Resp=Y%DF=N%W=1000%ACK=S%Flags=AR%Ops=WNMETL)
+T3(Resp=Y%DF=N%W=800|C00%ACK=S++%Flags=AR%Ops=WNMETL)
+T4(DF=N%W=800|1000%ACK=S%Flags=AR%Ops=WNMETL)
+T5(DF=N%W=1000|C00%ACK=S++%Flags=AR%Ops=WNMETL)
+T6(DF=N%W=C00|800%ACK=S%Flags=AR%Ops=WNMETL)
+T7(DF=N%W=400|800|1000%ACK=S++%Flags=AR%Ops=WNMETL)
+PU(Resp=N)
+
+Fingerprint Cisco CSS 11501 Content Services Switch
+Class Cisco | embedded || load balancer
+TSeq(Class=RI%gcd=<6%SI=<159FA&>235%IPID=I%TS=U)
+T1(DF=N%W=2000%ACK=S++%Flags=AS%Ops=M)
+T2(Resp=Y%DF=N%W=1000|800|400%ACK=S%Flags=AR%Ops=WNMETL)
+T3(Resp=Y%DF=N%W=C00|800|1000%ACK=S++%Flags=AR%Ops=WNMETL)
+T4(DF=N%W=1000|800%ACK=S%Flags=AR%Ops=WNMETL)
+T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=N%W=1000|C00%ACK=S%Flags=AR%Ops=WNMETL)
+T7(DF=N%W=400|C00|800%ACK=S++%Flags=AR%Ops=WNMETL)
+PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=0%ULEN=134%DAT=E)
+
 Fingerprint Cisco Local Director 420 version 2.1.1
 Class Cisco | embedded || load balancer
 TSeq(Class=C)
@@ -3391,29 +3427,17 @@ T6(DF=N%W=400|800|C00|1000%ACK=O%Flags=AR%Ops=)
 T7(DF=N%W=400|800|C00|1000%ACK=O%Flags=AR%Ops=)
 PU(Resp=N)
 
-Fingerprint Cisco CSS 11501 Content Services Switch
-Class Cisco | embedded || load balancer
-TSeq(Class=TR%gcd=<6%IPID=I)
-T1(DF=Y%W=FFFF%ACK=S++%Flags=AS%Ops=MNWNNT)
-T2(Resp=Y%DF=N%W=1000%ACK=S%Flags=AR%Ops=WNMETL)
-T3(Resp=Y%DF=N%W=800|C00%ACK=S++%Flags=AR%Ops=WNMETL)
-T4(DF=N%W=800|1000%ACK=S%Flags=AR%Ops=WNMETL)
-T5(DF=N%W=1000|C00%ACK=S++%Flags=AR%Ops=WNMETL)
-T6(DF=N%W=C00|800%ACK=S%Flags=AR%Ops=WNMETL)
-T7(DF=N%W=400|800|1000%ACK=S++%Flags=AR%Ops=WNMETL)
-PU(Resp=N)
-
-Fingerprint Cisco CSS 11501 Content Services Switch
-Class Cisco | embedded || load balancer
-TSeq(Class=RI%gcd=<6%SI=<159FA&>235%IPID=I%TS=U)
-T1(DF=N%W=2000%ACK=S++%Flags=AS%Ops=M)
-T2(Resp=Y%DF=N%W=1000|800|400%ACK=S%Flags=AR%Ops=WNMETL)
-T3(Resp=Y%DF=N%W=C00|800|1000%ACK=S++%Flags=AR%Ops=WNMETL)
-T4(DF=N%W=1000|800%ACK=S%Flags=AR%Ops=WNMETL)
+Fingerprint Cisco Router C2600 running IOS 12.2(2)T
+Class Cisco | embedded || router
+TSeq(Class=TR%gcd=<6%IPID=Z%TS=U)
+T1(DF=N%W=1020%ACK=S++%Flags=AS%Ops=ME)
+T2(Resp=Y%DF=N%W=400|C00|800%ACK=S%Flags=AR%Ops=WNMETL)
+T3(Resp=Y%DF=N%W=C00|800|400%ACK=S++%Flags=AR%Ops=WNMETL)
+T4(DF=N%W=400|800|C00%ACK=S%Flags=AR%Ops=WNMETL)
 T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=N%W=1000|C00%ACK=S%Flags=AR%Ops=WNMETL)
-T7(DF=N%W=400|C00|800%ACK=S++%Flags=AR%Ops=WNMETL)
-PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=0%ULEN=134%DAT=E)
+T6(DF=N%W=800|1000%ACK=S%Flags=AR%Ops=WNMETL)
+T7(DF=N%W=1000|C00%ACK=S++%Flags=AR%Ops=WNMETL)
+PU(DF=N%TOS=C0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 
 Fingerprint Cisco X.25/TCP/LAT Protocol Translator ver 8.2(4)
 Class Cisco | embedded || router
@@ -3481,6 +3505,19 @@ T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
 PU(DF=N|Y%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=0%UCK=0%ULEN=134%DAT=E)
 
+# Cisco 6509 Cisco Internetwork Operating System Software IOS Version 12.1(23)E
+Fingerprint Cisco Catalyst 6509 switch running IOS Version 12.1(23)E
+Class Cisco | embedded || switch
+TSeq(Class=TR%gcd=<6%IPID=Z%TS=U)
+T1(DF=N%W=1020%ACK=S++%Flags=AS%Ops=MEL|MENN)
+T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=)
+T3(Resp=Y%DF=N%W=1020%ACK=S++%Flags=AS%Ops=MNW|MW|ML)
+T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
+PU(Resp=N)
+
 Fingerprint Cisco Catalyst switch
 Class Cisco | embedded || switch
 TSeq(Class=TR%gcd=<6%IPID=I%TS=U)
@@ -3814,32 +3851,6 @@ T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
 PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 
-# Cisco 2611 router running IOS 12.0(7)T
-Fingerprint Cisco 2611 router running IOS 12.0(7)T
-Class Cisco | IOS | 12.X | router
-TSeq(Class=RI%gcd=<6%SI=<C8546&>49%IPID=Z%TS=U)
-T1(DF=N%W=1020%ACK=S++%Flags=AS%Ops=M)
-T2(Resp=Y%DF=N%W=1000|800%ACK=S%Flags=AR%Ops=WNMETL)
-T3(Resp=Y%DF=N%W=C00|1000%ACK=S%Flags=AR%Ops=WNMETL)
-T4(DF=N%W=400|C00|1000%ACK=S%Flags=AR%Ops=WNMETL)
-T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=N%W=400|1000|C00%ACK=S%Flags=AR%Ops=WNMETL)
-T7(DF=N%W=C00|1000|800%ACK=S%Flags=AR%Ops=WNMETL)
-PU(Resp=N)
-
-# IOS (tm) C800 Software (C800-Y6-MW), Version 12.0(7)T,  RELEASE SOFTWARE (fc2)
-Fingerprint Cisco 800 Series Broadband Routers running IOS 12.0(7)T
-Class Cisco | IOS | 12.X | router
-TSeq(Class=TD|RI%gcd=<8%SI=<1399EE&>3219%IPID=Z%TS=U)
-T1(DF=Y%W=1020%ACK=S++%Flags=AS%Ops=MM)
-T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=)
-T3(Resp=Y%DF=Y%W=1020%ACK=S++%Flags=AS%Ops=MM)
-T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
-PU(Resp=N)
-
 Fingerprint Cisco 827 ADSL router running IOS 112.2(11)
 Class Cisco | IOS | 12.X | broadband router
 TSeq(Class=RI%gcd=<6%SI=<1B1F2&>24E%IPID=Z%TS=U)
@@ -3901,17 +3912,30 @@ T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
 PU(Resp=N)
 
-Fingerprint Cisco Router C2600 running IOS 12.2(2)T
-Class Cisco | embedded || router
+Fingerprint Cisco 2514 router running IOS 12.0(21)
+Class Cisco | IOS | 12.X | router
 TSeq(Class=TR%gcd=<6%IPID=Z%TS=U)
-T1(DF=N%W=1020%ACK=S++%Flags=AS%Ops=ME)
-T2(Resp=Y%DF=N%W=400|C00|800%ACK=S%Flags=AR%Ops=WNMETL)
-T3(Resp=Y%DF=N%W=C00|800|400%ACK=S++%Flags=AR%Ops=WNMETL)
-T4(DF=N%W=400|800|C00%ACK=S%Flags=AR%Ops=WNMETL)
+T1(DF=N%W=1020%ACK=S++%Flags=AS%Ops=M)
+T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=)
+T3(Resp=Y%DF=N%W=1020%ACK=S++%Flags=AS%Ops=M)
+T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=N%W=800|1000%ACK=S%Flags=AR%Ops=WNMETL)
-T7(DF=N%W=1000|C00%ACK=S++%Flags=AR%Ops=WNMETL)
-PU(DF=N%TOS=C0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
+T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
+PU(Resp=N)
+
+# CIsco 2600 router running IOS 12.2(3)
+Fingerprint CIsco 2600 router running IOS 12.2(3)
+Class Cisco | IOS | 12.X | router
+TSeq(Class=TD|RI%gcd=<8%SI=<F302&>249%IPID=Z%TS=U)
+T1(DF=N%W=1020%ACK=S++%Flags=AS%Ops=ME)
+T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=)
+T3(Resp=Y%DF=N%W=1020%ACK=S++%Flags=AS%Ops=M)
+T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
+PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 
 # CISCO 2610 router running IOS 12.2(21a)
 Fingerprint CISCO 2610 router running IOS 12.2(21a)
@@ -3926,6 +3950,19 @@ T6(DF=N%W=1000|C00%ACK=S%Flags=AR%Ops=WNMETL)
 T7(DF=N%W=800|1000%ACK=S++%Flags=AR%Ops=WNMETL)
 PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=F%ULEN=134%DAT=E)
 
+# Cisco 2611 router running IOS 12.0(7)T
+Fingerprint Cisco 2611 router running IOS 12.0(7)T
+Class Cisco | IOS | 12.X | router
+TSeq(Class=RI%gcd=<6%SI=<C8546&>49%IPID=Z%TS=U)
+T1(DF=N%W=1020%ACK=S++%Flags=AS%Ops=M)
+T2(Resp=Y%DF=N%W=1000|800%ACK=S%Flags=AR%Ops=WNMETL)
+T3(Resp=Y%DF=N%W=C00|1000%ACK=S%Flags=AR%Ops=WNMETL)
+T4(DF=N%W=400|C00|1000%ACK=S%Flags=AR%Ops=WNMETL)
+T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=N%W=400|1000|C00%ACK=S%Flags=AR%Ops=WNMETL)
+T7(DF=N%W=C00|1000|800%ACK=S%Flags=AR%Ops=WNMETL)
+PU(Resp=N)
+
 # Cisco 2611 router running IOS 12.2(7a)
 Fingerprint Cisco 2611 router running IOS 12.2(7a)
 Class Cisco | IOS | 12.X | router
@@ -3953,6 +3990,19 @@ T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
 PU(DF=N%TOS=C0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 
+# Cisco 2620 router running IK903S3-M ios ver 12.3(5)
+Fingerprint Cisco 2620 router running IOS 12.3(5)
+Class Cisco | IOS | 12.X | router
+TSeq(Class=TR%gcd=<6%IPID=Z%TS=U)
+T1(DF=N%W=1020%ACK=S++%Flags=AS%Ops=ME)
+T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=)
+T3(Resp=Y%DF=N%W=1020%ACK=S++%Flags=AS%Ops=ME)
+T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
+PU(DF=N%TOS=20%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
+
 Fingerprint Cisco 2620 running IOS 12.2(19a)
 Class Cisco | IOS | 12.X | router
 TSeq(Class=TR%gcd=<6%IPID=Z%TS=U)
@@ -3977,18 +4027,18 @@ T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
 PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 
-# router Cisco 3640, IOS 12.2(23a)
-Fingerprint router Cisco 3640 running IOS 12.2(23a)
+# Cisco 3660, IOS 12.0(6r)T
+Fingerprint Cisco 3660 running IOS 12.0(6r)T
 Class Cisco | IOS | 12.X | router
 TSeq(Class=TR%gcd=<6%IPID=Z%TS=U)
-T1(DF=N%W=400%ACK=S++%Flags=AS%Ops=ME)
+T1(DF=N%W=1020%ACK=S++%Flags=AS%Ops=MEM)
 T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=)
-T3(Resp=Y%DF=N%W=400%ACK=S++%Flags=AS%Ops=M)
+T3(Resp=Y%DF=N%W=1020%ACK=S++%Flags=AS%Ops=M)
 T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
 T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
-PU(DF=N%TOS=C0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
+PU(Resp=N)
 
 # cisco 3725 IOS (tm) 3700 Software (C3725-IS-M), Version 12.3(6c), RELEASE SOFTWARE (fc1)
 Fingerprint Cisco 3725 router running IOS 12.3(6c)
@@ -4003,6 +4053,19 @@ T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
 PU(DF=N%TOS=C0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 
+# Cisco 3745 Router running IOS version 12.2(15)T13
+Fingerprint Cisco 3745 Router running IOS 12.2(15)T13
+Class Cisco | IOS | 12.X | router
+TSeq(Class=TR%gcd=<6%IPID=Z%TS=U)
+T1(DF=Y%W=1020%ACK=S++%Flags=AS%Ops=ME)
+T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=)
+T3(Resp=Y%DF=Y%W=1020%ACK=S++%Flags=AS%Ops=ME)
+T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
+PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=F%UCK=F%ULEN=134%DAT=E)
+
 # Cisco 4000 series, IOS 4500 Software (C4500-P-m), Version 12.0(10.3)S
 Fingerprint Cisco 4000 Series running IOS 12.0(10.3)
 Class Cisco | IOS | 12.X | router
@@ -4040,6 +4103,19 @@ T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
 PU(DF=N%TOS=C0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 
+# Cisco 7200 running IOS 12.4(1a)
+Fingerprint Cisco 7200 router running IOS 12.4(1a)
+Class Cisco | IOS | 12.X | router
+TSeq(Class=TR%gcd=<6%IPID=Z%TS=U)
+T1(DF=N%W=1020%ACK=S++%Flags=AS%Ops=ME)
+T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=)
+T3(Resp=N)
+T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
+PU(DF=N%TOS=B8%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
+
 # Cisco 7204 IOS (tm) 7200 Software (C7200-IS-M), Version 12.1(19), RELEASE SOFTWARE (fc1)
 Fingerprint Cisco 7204 router running IOS 12.1(19)
 Class Cisco | IOS | 12.X | router
@@ -4066,31 +4142,18 @@ T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
 PU(DF=N%TOS=C0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 
-# Cisco 2620 router running IK903S3-M ios ver 12.3(5)
-Fingerprint Cisco 2620 router running IOS 12.3(5)
+# IOS (tm) C800 Software (C800-Y6-MW), Version 12.0(7)T,  RELEASE SOFTWARE (fc2)
+Fingerprint Cisco 800 Series Broadband Routers running IOS 12.0(7)T
 Class Cisco | IOS | 12.X | router
-TSeq(Class=TR%gcd=<6%IPID=Z%TS=U)
-T1(DF=N%W=1020%ACK=S++%Flags=AS%Ops=ME)
+TSeq(Class=TD|RI%gcd=<8%SI=<1399EE&>3219%IPID=Z%TS=U)
+T1(DF=Y%W=1020%ACK=S++%Flags=AS%Ops=MM)
 T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=)
-T3(Resp=Y%DF=N%W=1020%ACK=S++%Flags=AS%Ops=ME)
+T3(Resp=Y%DF=Y%W=1020%ACK=S++%Flags=AS%Ops=MM)
 T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
 T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
-PU(DF=N%TOS=20%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
-
-# Cisco 837 Router IOS version 12.3T(8)
-Fingerprint Cisco 837 router running IOS 12.3(8)T
-Class Cisco | IOS | 12.X | router
-TSeq(Class=TR%gcd=<6%IPID=Z%TS=1000HZ)
-T1(DF=Y%W=16A0%ACK=S++%Flags=AS%Ops=MNNTNW)
-T2(Resp=N)
-T3(Resp=Y%DF=Y%W=16A0%ACK=S++%Flags=AS%Ops=MNNTNW)
-T4(DF=N%W=800|1000%ACK=S++%Flags=AR%Ops=)
-T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=N%W=C00|400|800%ACK=S++%Flags=AR%Ops=)
-T7(DF=N%W=800|1000%ACK=S++%Flags=AR%Ops=)
-PU(DF=N%TOS=C0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
+PU(Resp=N)
 
 # Cisco 837 router running IOS 12.3(11)T
 # Cisco 2811 router running IOS 12.3(8r)T7
@@ -4106,12 +4169,26 @@ T6(DF=N%W=0%ACK=O%Flags=R|BR%Ops=)
 T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
 PU(DF=N%TOS=C0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 
-Fingerprint Cisco 2514 router running IOS 12.0(21)
+# Cisco 837 Router IOS version 12.3T(8)
+Fingerprint Cisco 837 router running IOS 12.3(8)T
 Class Cisco | IOS | 12.X | router
-TSeq(Class=TR%gcd=<6%IPID=Z%TS=U)
-T1(DF=N%W=1020%ACK=S++%Flags=AS%Ops=M)
+TSeq(Class=TR%gcd=<6%IPID=Z%TS=1000HZ)
+T1(DF=Y%W=16A0%ACK=S++%Flags=AS%Ops=MNNTNW)
+T2(Resp=N)
+T3(Resp=Y%DF=Y%W=16A0%ACK=S++%Flags=AS%Ops=MNNTNW)
+T4(DF=N%W=800|1000%ACK=S++%Flags=AR%Ops=)
+T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=N%W=C00|400|800%ACK=S++%Flags=AR%Ops=)
+T7(DF=N%W=800|1000%ACK=S++%Flags=AR%Ops=)
+PU(DF=N%TOS=C0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
+
+# Cisco AS5350, IOS 12.2(2)XB6
+Fingerprint Cisco AS5350 running IOS 12.2(2)XB6
+Class Cisco | IOS | 12.X | router
+TSeq(Class=TR%gcd=<6%IPID=Z%TS=1000HZ)
+T1(DF=Y%W=1020%ACK=S++%Flags=AS%Ops=MEML|MEMWL)
 T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=)
-T3(Resp=Y%DF=N%W=1020%ACK=S++%Flags=AS%Ops=M)
+T3(Resp=Y%DF=Y%W=1020%ACK=S++%Flags=AS%Ops=MML|MMWL)
 T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
 T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
@@ -4144,19 +4221,6 @@ T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
 PU(DF=N%TOS=C0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 
-# Cisco 3660, IOS 12.0(6r)T
-Fingerprint Cisco 3660 running IOS 12.0(6r)T
-Class Cisco | IOS | 12.X | router
-TSeq(Class=TR%gcd=<6%IPID=Z%TS=U)
-T1(DF=N%W=1020%ACK=S++%Flags=AS%Ops=MEM)
-T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=)
-T3(Resp=Y%DF=N%W=1020%ACK=S++%Flags=AS%Ops=M)
-T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
-PU(Resp=N)
-
 # Cisco 1700 running IOS 12.0(7)T
 Fingerprint Cisco IOS 12.0(7)T (on a 1700 router)
 Class Cisco | IOS | 12.X | router
@@ -4266,32 +4330,6 @@ T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
 PU(DF=N%TOS=20|C0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 
-# Cisco AS5350, IOS 12.2(2)XB6
-Fingerprint Cisco AS5350 running IOS 12.2(2)XB6
-Class Cisco | IOS | 12.X | router
-TSeq(Class=TR%gcd=<6%IPID=Z%TS=1000HZ)
-T1(DF=Y%W=1020%ACK=S++%Flags=AS%Ops=MEML|MEMWL)
-T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=)
-T3(Resp=Y%DF=Y%W=1020%ACK=S++%Flags=AS%Ops=MML|MMWL)
-T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
-PU(Resp=N)
-
-# CIsco 2600 router running IOS 12.2(3)
-Fingerprint CIsco 2600 router running IOS 12.2(3)
-Class Cisco | IOS | 12.X | router
-TSeq(Class=TD|RI%gcd=<8%SI=<F302&>249%IPID=Z%TS=U)
-T1(DF=N%W=1020%ACK=S++%Flags=AS%Ops=ME)
-T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=)
-T3(Resp=Y%DF=N%W=1020%ACK=S++%Flags=AS%Ops=M)
-T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
-PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
-
 # Cisco 2621 running IOS 12.2.8T
 # Cisco SOHO 77 running IOS 12.2(8)T
 Fingerprint Cisco router running IOS 12.2(8)T
@@ -4306,18 +4344,18 @@ T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
 PU(Resp=N)
 
-# Cisco 3745 Router running IOS version 12.2(15)T13
-Fingerprint Cisco 3745 Router running IOS 12.2(15)T13
+# Cisco IOS Software, C1700 Software (C1700-ADVSECURITYK9-M), Version 12.3(11)T3, RELEASE SOFTWARE (fc4)
+Fingerprint Cisco router running IOS 12.3(11)
 Class Cisco | IOS | 12.X | router
 TSeq(Class=TR%gcd=<6%IPID=Z%TS=U)
-T1(DF=Y%W=1020%ACK=S++%Flags=AS%Ops=ME)
-T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=)
-T3(Resp=Y%DF=Y%W=1020%ACK=S++%Flags=AS%Ops=ME)
+T1(DF=N%W=1020%ACK=S++%Flags=AS%Ops=ME)
+T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR|BAR%Ops=)
+T3(Resp=N)
 T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
 T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
-PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=F%UCK=F%ULEN=134%DAT=E)
+PU(DF=N%TOS=C0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=F%ULEN=134%DAT=E)
 
 # Cisco Router (1760) - IOS (tm) C1700 Software, Version 12.3(6)
 # IOS (tm) 3700 Software (C3745-IS-M), Version 12.3(6), RELEASE SOFTWARE (fc3) 
@@ -4340,19 +4378,6 @@ T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
 PU(DF=N%TOS=0|C0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 
-# Cisco IOS Software, C1700 Software (C1700-ADVSECURITYK9-M), Version 12.3(11)T3, RELEASE SOFTWARE (fc4)
-Fingerprint Cisco router running IOS 12.3(11)
-Class Cisco | IOS | 12.X | router
-TSeq(Class=TR%gcd=<6%IPID=Z%TS=U)
-T1(DF=N%W=1020%ACK=S++%Flags=AS%Ops=ME)
-T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR|BAR%Ops=)
-T3(Resp=N)
-T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
-PU(DF=N%TOS=C0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=F%ULEN=134%DAT=E)
-
 # IOS (tm) SOHO91 Software (SOHO91-K9OY6-M), Version 12.3(2)XC, EARLY DEPLOYMENT RELEASE SOFTWARE (fc1) (Cisco SOHO 91 Secure router)
 Fingerprint Cisco SOHO 91 secure router running IOS 12.3
 Class Cisco | IOS | 12.X | router
@@ -4366,6 +4391,33 @@ T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
 PU(DF=N%TOS=C0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 
+# Cisco Lightstream 1010 ATM Switch running IOS (tm) LS1010 WA4-5 Software (LS1010-WP-M), Version 12.1(23)E, RELEASE SOFTWARE (fc2)
+# Cisco 6500 switch running IOS 12.1(23)E
+Fingerprint Cisco switch running IOS 12.1(23)E
+Class Cisco | IOS | 12.X | router
+TSeq(Class=TR%gcd=<6%IPID=Z%TS=U)
+T1(DF=N%W=1020%ACK=S++%Flags=AS%Ops=MEL)
+T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=)
+T3(Resp=Y%DF=N%W=1020%ACK=S++%Flags=AS%Ops=ML)
+T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
+PU(DF=N%TOS=C0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
+
+# router Cisco 3640, IOS 12.2(23a)
+Fingerprint router Cisco 3640 running IOS 12.2(23a)
+Class Cisco | IOS | 12.X | router
+TSeq(Class=TR%gcd=<6%IPID=Z%TS=U)
+T1(DF=N%W=400%ACK=S++%Flags=AS%Ops=ME)
+T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=)
+T3(Resp=Y%DF=N%W=400%ACK=S++%Flags=AS%Ops=M)
+T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
+PU(DF=N%TOS=C0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
+
 Fingerprint Cisco catalyst 2924 running IOS 12.0(5)WC5
 Class Cisco | IOS | 12.X | switch
 TSeq(Class=TR%gcd=<6%IPID=Z%TS=U)
@@ -4378,33 +4430,6 @@ T6(DF=N%W=800|1000%ACK=S%Flags=AR%Ops=WNMETL)
 T7(DF=N%W=400|C00|1000%ACK=S++%Flags=AR%Ops=WNMETL)
 PU(Resp=N)
 
-# Cisco Lightstream 1010 ATM Switch running IOS (tm) LS1010 WA4-5 Software (LS1010-WP-M), Version 12.1(23)E, RELEASE SOFTWARE (fc2)
-# Cisco 6500 switch running IOS 12.1(23)E
-Fingerprint Cisco switch running IOS 12.1(23)E
-Class Cisco | IOS | 12.X | router
-TSeq(Class=TR%gcd=<6%IPID=Z%TS=U)
-T1(DF=N%W=1020%ACK=S++%Flags=AS%Ops=MEL)
-T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=)
-T3(Resp=Y%DF=N%W=1020%ACK=S++%Flags=AS%Ops=ML)
-T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
-PU(DF=N%TOS=C0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
-
-# Cisco 7200 running IOS 12.4(1a)
-Fingerprint Cisco 7200 router running IOS 12.4(1a)
-Class Cisco | IOS | 12.X | router
-TSeq(Class=TR%gcd=<6%IPID=Z%TS=U)
-T1(DF=N%W=1020%ACK=S++%Flags=AS%Ops=ME)
-T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=)
-T3(Resp=N)
-T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
-PU(DF=N%TOS=B8%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
-
 # Cisco Catalyst 2924XL-EN running IOS 12.0(5)WC8
 Fingerprint Cisco Catalyst 2924XL switch running IOS 12.0(5)
 Class Cisco | IOS | 12.X | switch
@@ -4430,18 +4455,6 @@ T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
 PU(Resp=N)
 
-Fingerprint Cisco IOS 12.0(5)WC5a on a catalyst 2900XL switch
-Class Cisco | IOS | 12.X | switch
-TSeq(Class=TR%gcd=<6%IPID=Z%TS=1000HZ)
-T1(DF=N%W=1020%ACK=S++%Flags=AS%Ops=MML)
-T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=)
-T3(Resp=Y%DF=N%W=1020%ACK=S++%Flags=AS%Ops=MML)
-T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
-PU(DF=N%TOS=C0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
-
 # Cisco Catalyst 2950 switch,  IOS 12.1(9)EA1
 Fingerprint Cisco Catalyst 2950 switch running IOS 12.1(9)EA1 or IOS 12.1(22)EA2
 Class Cisco | IOS | 12.X | switch
@@ -4455,18 +4468,17 @@ T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
 PU(DF=N%TOS=C0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 
-# Cisco 6509 Cisco Internetwork Operating System Software IOS Version 12.1(23)E
-Fingerprint Cisco Catalyst 6509 switch running IOS Version 12.1(23)E
-Class Cisco | embedded || switch
-TSeq(Class=TR%gcd=<6%IPID=Z%TS=U)
-T1(DF=N%W=1020%ACK=S++%Flags=AS%Ops=MEL|MENN)
+Fingerprint Cisco IOS 12.0(5)WC5a on a catalyst 2900XL switch
+Class Cisco | IOS | 12.X | switch
+TSeq(Class=TR%gcd=<6%IPID=Z%TS=1000HZ)
+T1(DF=N%W=1020%ACK=S++%Flags=AS%Ops=MML)
 T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=)
-T3(Resp=Y%DF=N%W=1020%ACK=S++%Flags=AS%Ops=MNW|MW|ML)
+T3(Resp=Y%DF=N%W=1020%ACK=S++%Flags=AS%Ops=MML)
 T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
 T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
-PU(Resp=N)
+PU(DF=N%TOS=C0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 
 Fingerprint Cisco 1200 access point (WAP) running IOS 12.2(8)
 Class Cisco | IOS | 12.X | WAP
@@ -4961,19 +4973,6 @@ T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
 PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 
-# HP Tru64 UNIX v5.1B: OSF1 V5.1 2650 alpha
-Fingerprint HP Tru64 UNIX v5.1B
-Class Compaq | Tru64 UNIX | 5.X | general purpose
-TSeq(Class=TR%gcd=<6%IPID=I%TS=U)
-T1(DF=N%W=F000%ACK=S++%Flags=AS%Ops=MNW)
-T2(Resp=N)
-T3(Resp=Y%DF=N%W=F000%ACK=S++%Flags=AS%Ops=MNW)
-T4(DF=Y%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
-T7(DF=Y%W=0%ACK=S%Flags=AR%Ops=)
-PU(DF=N%TOS=0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
-
 # Compaq Tru64 UNIX V5.1B (Rev. 2650)
 Fingerprint Compaq Tru64 UNIX V5.1B
 Class Compaq | Tru64 UNIX | 5.X | general purpose
@@ -4987,6 +4986,19 @@ T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
 PU(DF=N%TOS=0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 
+# HP Tru64 UNIX v5.1B: OSF1 V5.1 2650 alpha
+Fingerprint HP Tru64 UNIX v5.1B
+Class Compaq | Tru64 UNIX | 5.X | general purpose
+TSeq(Class=TR%gcd=<6%IPID=I%TS=U)
+T1(DF=N%W=F000%ACK=S++%Flags=AS%Ops=MNW)
+T2(Resp=N)
+T3(Resp=Y%DF=N%W=F000%ACK=S++%Flags=AS%Ops=MNW)
+T4(DF=Y%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
+T7(DF=Y%W=0%ACK=S%Flags=AR%Ops=)
+PU(DF=N%TOS=0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
+
 Fingerprint OSF1 5.0 Rev. 910 (AKA Compaq/DIGITAL Tru64 UNIX)
 Class Compaq | Tru64 UNIX | 5.X | general purpose
 TSeq(Class=RI%gcd=<6%SI=<E88&>11)
@@ -5383,18 +5395,6 @@ T6(DF=N%W=0%ACK=S%Flags=AR%Ops=)
 T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
 PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 
-Fingerprint D-Link DI-604 Ethernet router
-Class D-Link | embedded || broadband router
-TSeq(Class=TD%gcd=<2C0%SI=<14%IPID=BI%TS=U)
-T1(DF=N%W=C00%ACK=S++%Flags=AR%Ops=)
-T2(Resp=Y%DF=N%W=C00%ACK=S%Flags=AR%Ops=)
-T3(Resp=Y%DF=N%W=C00%ACK=S++%Flags=AR%Ops=)
-T4(DF=N%W=C00%ACK=S%Flags=AR%Ops=)
-T5(DF=N%W=C00%ACK=S++%Flags=AR%Ops=)
-T6(DF=N%W=C00%ACK=S%Flags=AR%Ops=)
-T7(DF=N%W=C00%ACK=S++%Flags=AR%Ops=)
-PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
-
 # D-Link DI-604 Ethernet Broadband Router with firmware V3.01
 # D-link 4 port Ethernet Broadband Router DI-604 H/W Ver.:D1 F/W Ver.:3.01
 Fingerprint D-Link DI-604 Ethernet Broadband Router
@@ -5409,6 +5409,18 @@ T6(DF=N%W=0%ACK=S%Flags=AR%Ops=)
 T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
 PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 
+Fingerprint D-Link DI-604 Ethernet router
+Class D-Link | embedded || broadband router
+TSeq(Class=TD%gcd=<2C0%SI=<14%IPID=BI%TS=U)
+T1(DF=N%W=C00%ACK=S++%Flags=AR%Ops=)
+T2(Resp=Y%DF=N%W=C00%ACK=S%Flags=AR%Ops=)
+T3(Resp=Y%DF=N%W=C00%ACK=S++%Flags=AR%Ops=)
+T4(DF=N%W=C00%ACK=S%Flags=AR%Ops=)
+T5(DF=N%W=C00%ACK=S++%Flags=AR%Ops=)
+T6(DF=N%W=C00%ACK=S%Flags=AR%Ops=)
+T7(DF=N%W=C00%ACK=S++%Flags=AR%Ops=)
+PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
+
 Fingerprint D-Link DI-701, Version 2.22
 Class D-Link | embedded || broadband router
 TSeq(Class=RI%gcd=<6%SI=<12E1C&>2F1)
@@ -5433,6 +5445,19 @@ T6(DF=N%W=C00%ACK=S%Flags=AR%Ops=)
 T7(DF=N%W=C00%ACK=S++%Flags=AR%Ops=)
 PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 
+# D-Link DI-704P Cable/DSL Residential Gateway firmware version 2.57 build 3
+Fingerprint D-Link DI-704P Cable/DSL Residential Gateway
+Class D-Link | embedded || broadband router
+TSeq(Class=RI%gcd=<68%SI=<1338&>13%IPID=I%TS=U)
+T1(DF=N%W=1000|800|C00%ACK=S++%Flags=AR%Ops=)
+T2(Resp=Y%DF=N%W=800|1000%ACK=S%Flags=AR%Ops=)
+T3(Resp=Y%DF=N%W=400|800%ACK=S++%Flags=AR%Ops=)
+T4(DF=N%W=800|1000|400%ACK=S%Flags=AR%Ops=)
+T5(DF=N%W=1000|800%ACK=S++%Flags=AR%Ops=)
+T6(DF=N%W=C00%ACK=S%Flags=AR%Ops=)
+T7(DF=N%W=400|C00%ACK=S++%Flags=AR%Ops=)
+PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
+
 # D-Link DI-804 Cable/DSL Residential Gateway (with firmware v2.00B7)
 # DI-804 Broadband Router with Firmware 2.01
 Fingerprint D-Link DI-804 Cable/DSL Residential Gateway
@@ -5447,33 +5472,6 @@ T6(DF=N%W=0%ACK=O%Flags=AR%Ops=)
 T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
 PU(DF=N%TOS=C0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 
-# D-Link Systems DI-713P Wireless Gateway with firmware 2.60 build 6a
-Fingerprint D-Link Systems DI-713P Wireless Gateway
-Class D-Link | embedded || broadband router
-TSeq(Class=RI%gcd=<CC%SI=<9EC&>2%IPID=BI%TS=U)
-T1(DF=N%W=1000%ACK=S++%Flags=AR%Ops=)
-T2(Resp=Y%DF=N%W=400|1000|C00%ACK=S%Flags=AR%Ops=)
-T3(Resp=Y%DF=N%W=1000|C00%ACK=S++%Flags=AR%Ops=)
-T4(DF=N%W=400|1000%ACK=S%Flags=AR%Ops=)
-T5(DF=N%W=400|800%ACK=S++%Flags=AR%Ops=)
-T6(DF=N%W=C00|400|1000%ACK=S%Flags=AR%Ops=)
-T7(DF=N%W=400|C00|800%ACK=S++%Flags=AR%Ops=)
-PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
-
-# D-Link DI-714P+, Firmware V1.33
-# D-Link 4-port Broadband VPN Router DI-804HV
-Fingerprint D-Link VPN Router DI-714P+/DI-804HV
-Class D-Link | embedded || broadband router
-TSeq(Class=TD%gcd=<3EC%SI=<6E%IPID=I%TS=U)
-T1(DF=N%W=16D0%ACK=S++%Flags=AS%Ops=M)
-T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=)
-T3(Resp=Y%DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-T4(DF=N%W=0%ACK=S%Flags=AR%Ops=)
-T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=N%W=0%ACK=S%Flags=AR%Ops=)
-T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
-
 # D-Link DI-804HV 4-Port Broadband VPN Router
 # US-Robotics Wireless Router : Revision Number : Model#8022, Version V4.2, CheckSum# B719
 Fingerprint D-Link DI-804HV VPN Router or US-Robotics 8022 WAP or DI-714P+ Wireless router
@@ -5489,19 +5487,6 @@ T6(DF=N%W=400|800|C00|1000%ACK=S%Flags=AR%Ops=)
 T7(DF=N%W=400|800|C00|1000%ACK=S++%Flags=AR%Ops=)
 PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 
-# D-Link DI-704P Cable/DSL Residential Gateway firmware version 2.57 build 3
-Fingerprint D-Link DI-704P Cable/DSL Residential Gateway
-Class D-Link | embedded || broadband router
-TSeq(Class=RI%gcd=<68%SI=<1338&>13%IPID=I%TS=U)
-T1(DF=N%W=1000|800|C00%ACK=S++%Flags=AR%Ops=)
-T2(Resp=Y%DF=N%W=800|1000%ACK=S%Flags=AR%Ops=)
-T3(Resp=Y%DF=N%W=400|800%ACK=S++%Flags=AR%Ops=)
-T4(DF=N%W=800|1000|400%ACK=S%Flags=AR%Ops=)
-T5(DF=N%W=1000|800%ACK=S++%Flags=AR%Ops=)
-T6(DF=N%W=C00%ACK=S%Flags=AR%Ops=)
-T7(DF=N%W=400|C00%ACK=S++%Flags=AR%Ops=)
-PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
-
 # D-Link DSL-300G+ version 7.1.0.30 AnnexA  (Oct 18 2002) R2.05.b4t9uk
 Fingerprint D-Link DSL-300G+ DSL modem
 Class D-Link | embedded || broadband router
@@ -5539,6 +5524,33 @@ T6(DF=Y%W=0%ACK=S%Flags=R%Ops=)
 T7(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
 PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=0%ULEN=134%DAT=E)
 
+# D-Link Systems DI-713P Wireless Gateway with firmware 2.60 build 6a
+Fingerprint D-Link Systems DI-713P Wireless Gateway
+Class D-Link | embedded || broadband router
+TSeq(Class=RI%gcd=<CC%SI=<9EC&>2%IPID=BI%TS=U)
+T1(DF=N%W=1000%ACK=S++%Flags=AR%Ops=)
+T2(Resp=Y%DF=N%W=400|1000|C00%ACK=S%Flags=AR%Ops=)
+T3(Resp=Y%DF=N%W=1000|C00%ACK=S++%Flags=AR%Ops=)
+T4(DF=N%W=400|1000%ACK=S%Flags=AR%Ops=)
+T5(DF=N%W=400|800%ACK=S++%Flags=AR%Ops=)
+T6(DF=N%W=C00|400|1000%ACK=S%Flags=AR%Ops=)
+T7(DF=N%W=400|C00|800%ACK=S++%Flags=AR%Ops=)
+PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
+
+# D-Link DI-714P+, Firmware V1.33
+# D-Link 4-port Broadband VPN Router DI-804HV
+Fingerprint D-Link VPN Router DI-714P+/DI-804HV
+Class D-Link | embedded || broadband router
+TSeq(Class=TD%gcd=<3EC%SI=<6E%IPID=I%TS=U)
+T1(DF=N%W=16D0%ACK=S++%Flags=AS%Ops=M)
+T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=)
+T3(Resp=Y%DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+T4(DF=N%W=0%ACK=S%Flags=AR%Ops=)
+T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=N%W=0%ACK=S%Flags=AR%Ops=)
+T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
+
 # DI-701 Residential Gateway ( http://www.dlink.com/products/broadband/di701/ ) or KA9Q NOS - KO4KS-TNOS v. 2.30
 Fingerprint DI-701 Residential Gateway or KA9Q NOS - KO4KS-TNOS v. 2.30
 Class D-Link | embedded || broadband router
@@ -6030,18 +6042,6 @@ T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
 PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=F%RIPCK=0%UCK=0%ULEN=134%DAT=E)
 
-Fingerprint DEC OpenVMS 7.1 Alpha running DIGITAL's UCX v4.1ECO2 TCP/IP package
-Class DEC | OpenVMS | 7.X | general purpose
-TSeq(Class=64K)
-T1(DF=N%W=BB8%ACK=S++%Flags=AS%Ops=MWN)
-T2(Resp=N)
-T3(Resp=Y%DF=N%W=BB8%ACK=O%Flags=A%Ops=)
-T4(DF=N%W=BB8%ACK=O%Flags=R%Ops=)
-T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
-PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=F%RIPCK=0%UCK=E%ULEN=134%DAT=E)
-
 Fingerprint DEC OpenVMS 7.1 ALPHA
 Class DEC | OpenVMS | 7.X | general purpose
 TSeq(Class=RI%gcd=<6%SI=<8A840&>1009%IPID=I%TS=U)
@@ -6054,6 +6054,18 @@ T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
 PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=0%ULEN=134%DAT=E)
 
+Fingerprint DEC OpenVMS 7.1 Alpha running DIGITAL's UCX v4.1ECO2 TCP/IP package
+Class DEC | OpenVMS | 7.X | general purpose
+TSeq(Class=64K)
+T1(DF=N%W=BB8%ACK=S++%Flags=AS%Ops=MWN)
+T2(Resp=N)
+T3(Resp=Y%DF=N%W=BB8%ACK=O%Flags=A%Ops=)
+T4(DF=N%W=BB8%ACK=O%Flags=R%Ops=)
+T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
+PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=F%RIPCK=0%UCK=E%ULEN=134%DAT=E)
+
 Fingerprint DEC OpenVMS 7.1 using Process Software's TCPWare 5.3 TCP/IP package
 Class DEC | OpenVMS | 7.X | general purpose
 TSeq(Class=RI|TD%gcd=<6%SI=<BBBB)
@@ -6066,19 +6078,6 @@ T6(DF=N%W=6000%ACK=O%Flags=R%Ops=)
 T7(DF=N%W=6000%ACK=S++%Flags=AR%Ops=)
 PU(DF=N%TOS=0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 
-# Digital OpenVMS Alpha 7.2
-Fingerprint Digital OpenVMS 7.2 Alpha
-Class DEC | OpenVMS | 7.X | general purpose
-TSeq(Class=64K%IPID=I%TS=U)
-T1(DF=N%W=C6C%ACK=S++%Flags=AS%Ops=MNW)
-T2(Resp=N)
-T3(Resp=Y%DF=N%W=C6C%ACK=O%Flags=A%Ops=)
-T4(DF=N%W=BB8%ACK=O%Flags=R%Ops=)
-T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
-PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=0%ULEN=134%DAT=E)
-
 # DIGITAL TCP/IP Services for OpenVMS Alpha Version V5.0A - ECO 1 on a AlphaServer DS20 500 MHz running OpenVMS V7.2-1
 Fingerprint DEC OpenVMS 7.2
 Class DEC | OpenVMS | 7.X | general purpose
@@ -6104,18 +6103,6 @@ T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
 PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 
-Fingerprint DEC OpenVMS Alpha 7.2-3
-Class DEC | OpenVMS | 7.X | general purpose
-TSeq(Class=TR%gcd=<6%IPID=I%TS=U)
-T1(DF=N%W=C6C%ACK=S++|O%Flags=AS%Ops=MNW)
-T2(Resp=N)
-T3(Resp=Y%DF=N%W=C6C%ACK=O%Flags=A%Ops=)
-T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
-PU(DF=N%TOS=0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
-
 # The OS was running on a GS1280 Alpha server
 Fingerprint DEC OpenVMS 7.3
 Class DEC | OpenVMS | 7.X | general purpose
@@ -6166,6 +6153,18 @@ T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
 PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 
+Fingerprint DEC OpenVMS Alpha 7.2-3
+Class DEC | OpenVMS | 7.X | general purpose
+TSeq(Class=TR%gcd=<6%IPID=I%TS=U)
+T1(DF=N%W=C6C%ACK=S++|O%Flags=AS%Ops=MNW)
+T2(Resp=N)
+T3(Resp=Y%DF=N%W=C6C%ACK=O%Flags=A%Ops=)
+T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
+PU(DF=N%TOS=0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
+
 Fingerprint DEC OpenVMS Alpha V7.1-1H2 running DIGITAL TCP/IP Services (UCX) V4.2
 Class DEC | OpenVMS | 7.X | general purpose
 TSeq(Class=64K)
@@ -6262,6 +6261,19 @@ T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
 PU(DF=Y%TOS=0%IPLEN=38%RIPTL=148%RID=F%RIPCK=0%UCK=0%ULEN=134%DAT=E)
 
+# Digital OpenVMS Alpha 7.2
+Fingerprint DEC OpenVMS 7.2 Alpha
+Class DEC | OpenVMS | 7.X | general purpose
+TSeq(Class=64K%IPID=I%TS=U)
+T1(DF=N%W=C6C%ACK=S++%Flags=AS%Ops=MNW)
+T2(Resp=N)
+T3(Resp=Y%DF=N%W=C6C%ACK=O%Flags=A%Ops=)
+T4(DF=N%W=BB8%ACK=O%Flags=R%Ops=)
+T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
+PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=0%ULEN=134%DAT=E)
+
 Fingerprint DEC TOPS-20 Monitor 7(102540)-1,TD-1
 Class DEC | TOPS-20 || general purpose
 TSeq(Class=TD%gcd=30000|60000|90000%SI=<BB)
@@ -6413,18 +6425,6 @@ T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
 PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=0%UCK=E%ULEN=134%DAT=E)
 
-Fingerprint Dell Tape Library MSL6030
-Class Dell | embedded || storage-misc
-TSeq(Class=TD%gcd=<2004%SI=<1D6%IPID=I%TS=1000HZ)
-T1(DF=N%W=16D0%ACK=S++%Flags=AS%Ops=MTNN)
-T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=)
-T3(Resp=Y%DF=N%W=16D0%ACK=S++%Flags=AS%Ops=MTNN)
-T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-PU(DF=N%TOS=0%IPLEN=70%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
-
 Fingerprint Dell Powervault 132T Automated Tape Library
 Class Dell | embedded || storage-misc
 TSeq(Class=64K%IPID=I%TS=U)
@@ -6450,6 +6450,18 @@ T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
 PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=F%RIPCK=0%UCK=0%ULEN=134%DAT=E)
 
+Fingerprint Dell Tape Library MSL6030
+Class Dell | embedded || storage-misc
+TSeq(Class=TD%gcd=<2004%SI=<1D6%IPID=I%TS=1000HZ)
+T1(DF=N%W=16D0%ACK=S++%Flags=AS%Ops=MTNN)
+T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=)
+T3(Resp=Y%DF=N%W=16D0%ACK=S++%Flags=AS%Ops=MTNN)
+T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+PU(DF=N%TOS=0%IPLEN=70%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
+
 # Dell PowerConnect 3324 Switch
 # Dell PowerConnect 3348 Switch, Software Version 1.2.0.6 Boot Version 1.0.0.13
 # Dell 3324 PowerConnect Switch with firmware version 1.1.0.42
@@ -6598,9 +6610,9 @@ T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
 T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
 
-Fingerprint Edimax PS-901 Print Server model 1P/13E-9.5.12
+Fingerprint Edimax PS-1001 Print Server model
 Class Edimax | embedded || print server
-TSeq(Class=RI%gcd=<2004%SI=<12D4&>1C%IPID=I%TS=U)
+TSeq(Class=TD%gcd=<1C004%SI=<244%IPID=I%TS=U)
 T1(DF=N%W=400%ACK=S++%Flags=AS%Ops=M)
 T2(Resp=N)
 T3(Resp=Y%DF=N%W=400%ACK=S++%Flags=AS%Ops=M)
@@ -6610,9 +6622,9 @@ T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=N%W=0%ACK=O%Flags=R%Ops=)
 PU(Resp=N)
 
-Fingerprint Edimax PS-1001 Print Server model
+Fingerprint Edimax PS-901 Print Server model 1P/13E-9.5.12
 Class Edimax | embedded || print server
-TSeq(Class=TD%gcd=<1C004%SI=<244%IPID=I%TS=U)
+TSeq(Class=RI%gcd=<2004%SI=<12D4&>1C%IPID=I%TS=U)
 T1(DF=N%W=400%ACK=S++%Flags=AS%Ops=M)
 T2(Resp=N)
 T3(Resp=Y%DF=N%W=400%ACK=S++%Flags=AS%Ops=M)
@@ -6659,12 +6671,10 @@ T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=N%W=0%ACK=O%Flags=R%Ops=)
 PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=F%UCK=E%ULEN=134%DAT=E)
 
-# ELSA LANCOM Wireless L-11 3.42.0021 / 24.06.2004
-# Lancom (Elsa) DSL I-10 Office Firmware 3.2
-Fingerprint ELSA LANCOM DSL I-10 Office router or Wireless L-11
+Fingerprint ELSA LANCOM DSL I-10 Office router
 Class Elsa | embedded || broadband router
-TSeq(Class=TR%gcd=<6%IPID=I%TS=U)
-T1(DF=N%W=578%ACK=S++%Flags=BAS%Ops=)
+TSeq(Class=TR%gcd=<6%IPID=I)
+T1(DF=N%W=578%ACK=S++%Flags=BAS%Ops=WNMETL)
 T2(Resp=N)
 T3(Resp=N)
 T4(Resp=N)
@@ -6673,10 +6683,12 @@ T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=N%W=0%ACK=O%Flags=R%Ops=)
 PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 
-Fingerprint ELSA LANCOM DSL I-10 Office router
+# ELSA LANCOM Wireless L-11 3.42.0021 / 24.06.2004
+# Lancom (Elsa) DSL I-10 Office Firmware 3.2
+Fingerprint ELSA LANCOM DSL I-10 Office router or Wireless L-11
 Class Elsa | embedded || broadband router
-TSeq(Class=TR%gcd=<6%IPID=I)
-T1(DF=N%W=578%ACK=S++%Flags=BAS%Ops=WNMETL)
+TSeq(Class=TR%gcd=<6%IPID=I%TS=U)
+T1(DF=N%W=578%ACK=S++%Flags=BAS%Ops=)
 T2(Resp=N)
 T3(Resp=N)
 T4(Resp=N)
@@ -7052,7 +7064,7 @@ T7(DF=Y%W=16D0%ACK=O%Flags=AS%Ops=M)
 PU(Resp=N)
 
 # Fortinet Fortigate-60 firewall version 2.80,build430,050609
-Fingerprint Fortinet firewall Fortigate 60 
+Fingerprint Fortinet firewall Fortigate 60
 Class Fortinet | embedded || firewall
 TSeq(Class=TR%gcd=<6%IPID=RPI%TS=100HZ)
 T1(DF=Y%W=16A0%ACK=O|S++%Flags=AS%Ops=MNNTNW)
@@ -7213,6 +7225,20 @@ T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
 PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=F%RIPCK=E%UCK=0%ULEN=134%DAT=E)
 
+# DragonFly 1.1-Stable #0: Sun Nov 14 17:22:45 CET 2004
+# DragonFly 1.1-CURRENT (i386) build on 2004/12/03
+Fingerprint DragonFly 1.1-Stable (FreeBSD-4 fork)
+Class FreeBSD | FreeBSD | 4.x | general purpose
+TSeq(Class=TR%gcd=<6%IPID=RD%TS=1000HZ)
+T1(DF=Y%W=E000%ACK=S++%Flags=AS%Ops=MNWNNT)
+T2(Resp=N)
+T3(Resp=N)
+T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T7(Resp=N)
+PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=0%ULEN=134%DAT=E)
+
 Fingerprint FreeBSD 4.0-20000208-CURRENT
 Class FreeBSD | FreeBSD | 4.X | general purpose
 TSeq(Class=RI%gcd=<6%SI=<63074&>FC4)
@@ -7237,6 +7263,19 @@ T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
 PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=0%ULEN=134%DAT=E)
 
+# FreeBSD 4.10-STABLE  i386
+Fingerprint FreeBSD 4.10-STABLE
+Class FreeBSD | FreeBSD | 4.X | general purpose
+TSeq(Class=TR%gcd=<6%IPID=RD%TS=100HZ)
+T1(DF=Y%W=E000%ACK=S++%Flags=AS%Ops=MNWNNT)
+T2(Resp=N)
+T3(Resp=Y%DF=Y%W=E000%ACK=S++%Flags=AS%Ops=MNWNNT)
+T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
+PU(DF=N%TOS=30%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=0%ULEN=134%DAT=E)
+
 # FreeBSD 4.3-RC
 # FreeBSD 4.2-RELEASE i386
 Fingerprint FreeBSD 4.2 - 4.3-RC (X86)
@@ -7482,20 +7521,6 @@ T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
 PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=0%ULEN=134%DAT=E)
 
-# DragonFly 1.1-Stable #0: Sun Nov 14 17:22:45 CET 2004
-# DragonFly 1.1-CURRENT (i386) build on 2004/12/03
-Fingerprint DragonFly 1.1-Stable (FreeBSD-4 fork)
-Class FreeBSD | FreeBSD | 4.x | general purpose
-TSeq(Class=TR%gcd=<6%IPID=RD%TS=1000HZ)
-T1(DF=Y%W=E000%ACK=S++%Flags=AS%Ops=MNWNNT)
-T2(Resp=N)
-T3(Resp=N)
-T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T7(Resp=N)
-PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=0%ULEN=134%DAT=E)
-
 # FreeBSD 4.9-PRERELEASE alpha
 # FreeBSD 4.8-RELEASE on DEC Alpha
 # FreeBSD 4.9-STABLE (platform unspecified)
@@ -7548,19 +7573,6 @@ T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
 PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=0%ULEN=134%DAT=E)
 
-# FreeBSD 4.9-RELEASE-p1 #0 i386
-Fingerprint FreeBSD 4.9-RELEASE
-Class FreeBSD | FreeBSD | 4.X | general purpose
-TSeq(Class=TR%gcd=<6%IPID=RD%TS=1000HZ)
-T1(DF=Y%W=2000%ACK=S++%Flags=AS%Ops=MNWNNT)
-T2(Resp=N)
-T3(Resp=Y%DF=Y%W=2000%ACK=S++%Flags=AS%Ops=MNWNNT)
-T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
-PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=0%ULEN=134%DAT=E)
-
 # FreeBSD 5.0-RELEASE x86
 # sparc64 running FreeBSD 5.1-RELEASE
 # FreeBSD 4.9-STABLE FreeBSD 4.9-STABLE  i386
@@ -7577,12 +7589,13 @@ T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
 PU(DF=Y|N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=0%ULEN=134%DAT=E)
 
-Fingerprint FreeBSD 4.9-STABLE
+# FreeBSD 4.9-RELEASE-p1 #0 i386
+Fingerprint FreeBSD 4.9-RELEASE
 Class FreeBSD | FreeBSD | 4.X | general purpose
-TSeq(Class=TR%gcd=<6%IPID=RPI%TS=100HZ)
-T1(DF=Y%W=E000%ACK=S++%Flags=AS%Ops=MNWNNT)
+TSeq(Class=TR%gcd=<6%IPID=RD%TS=1000HZ)
+T1(DF=Y%W=2000%ACK=S++%Flags=AS%Ops=MNWNNT)
 T2(Resp=N)
-T3(Resp=Y%DF=Y%W=E000%ACK=S++%Flags=AS%Ops=MNWNNT)
+T3(Resp=Y%DF=Y%W=2000%ACK=S++%Flags=AS%Ops=MNWNNT)
 T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
 T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
@@ -7602,10 +7615,9 @@ T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
 PU(DF=N%TOS=80%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=0%ULEN=134%DAT=E)
 
-# FreeBSD 4.10-STABLE  i386
-Fingerprint FreeBSD 4.10-STABLE
+Fingerprint FreeBSD 4.9-STABLE
 Class FreeBSD | FreeBSD | 4.X | general purpose
-TSeq(Class=TR%gcd=<6%IPID=RD%TS=100HZ)
+TSeq(Class=TR%gcd=<6%IPID=RPI%TS=100HZ)
 T1(DF=Y%W=E000%ACK=S++%Flags=AS%Ops=MNWNNT)
 T2(Resp=N)
 T3(Resp=Y%DF=Y%W=E000%ACK=S++%Flags=AS%Ops=MNWNNT)
@@ -7613,7 +7625,7 @@ T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
 T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
-PU(DF=N%TOS=30%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=0%ULEN=134%DAT=E)
+PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=0%ULEN=134%DAT=E)
 
 #  FreeBSD 5.0-CURRENT Sun Apr 14 12:41:40 EDT 2002
 Fingerprint FreeBSD 5.0-CURRENT (Apr 2002)
@@ -7716,6 +7728,24 @@ T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=Y%W=0%ACK=S%Flags=AR%Ops=)
 PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=0%ULEN=134%DAT=E)
 
+# FreeBSD 5.3-RELEASE
+# FreeBSD 5.2-CURRENT i386
+# FreeBSD 5.4-RELEASE #4
+# FreeBSD 5.4-Stable
+# FreeBSD 5.4-STABLE #0
+# BummiOS 5.4-CURRENT i386 (based on FreeBSD 5.4-STABLE)
+Fingerprint FreeBSD 5.2 - 5.4
+Class FreeBSD | FreeBSD | 5.X | general purpose
+TSeq(Class=TR%gcd=<6%IPID=RD%TS=100HZ|U)
+T1(DF=Y%W=FFFF%ACK=S++|O%Flags=AS%Ops=MNWNNT)
+T2(Resp=N)
+T3(Resp=N)
+T4(DF=Y%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
+T7(DF=Y%W=0%ACK=S%Flags=AR%Ops=)
+PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E|F%RIPCK=E%UCK=0%ULEN=134%DAT=E)
+
 # FreeBSD 5.2-CURRENT (Jun 25, 2004) on x86 running pf as firewall with "scrub in all"
 # FreeBSD 5.3-Beta2 (x86)
 # FreeBSD 5.3-RELEASE (x86) Generic kernel
@@ -7743,32 +7773,6 @@ T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=Y%W=0%ACK=S%Flags=AR%Ops=)
 PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=F%UCK=0%ULEN=134%DAT=E)
 
-# FreeBSD 5.3-STABLE #7 Tue Feb 8 17:55:23 WET 2005 i386
-Fingerprint FreeBSD 5.3-STABLE
-Class FreeBSD | FreeBSD | 5.X | general purpose
-TSeq(Class=TR%gcd=<6%IPID=I%TS=U)
-T1(DF=Y%W=FFFF%ACK=S++%Flags=AS%Ops=M)
-T2(Resp=N)
-T3(Resp=Y%DF=Y%W=FFFF%ACK=S++%Flags=AS%Ops=M)
-T4(DF=Y%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
-T7(DF=Y%W=0%ACK=S%Flags=AR%Ops=)
-PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=0%ULEN=134%DAT=E)
-
-# FreeBSD 5.3-RELEASE i386
-Fingerprint FreeBSD 5.3-RELEASE
-Class FreeBSD | FreeBSD | 5.X | general purpose
-TSeq(Class=TR%gcd=<6%IPID=I%TS=100HZ)
-T1(DF=Y%W=FFFF%ACK=S++|O%Flags=AS%Ops=MNWNNT)
-T2(Resp=N)
-T3(Resp=Y%DF=Y%W=FFFF%ACK=S++|O%Flags=AS%Ops=MNWNNT)
-T4(DF=Y%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=Y|N%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
-T7(DF=Y|N%W=0%ACK=S++%Flags=AR%Ops=)
-PU(DF=N%TOS=0%IPLEN=164%RIPTL=148%RID=E%RIPCK=F%UCK=F%ULEN=134%DAT=E)
-
 # FreeBSD 5.3-STABLE (x86) as of 2004.11.14
 # FreeBSD 5.3-RELEASE
 Fingerprint FreeBSD 5.3
@@ -7783,18 +7787,6 @@ T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=Y%W=0%ACK=S%Flags=AR%Ops=)
 PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E|F%RIPCK=E%UCK=0%ULEN=134%DAT=E)
 
-Fingerprint FreeBSD 5.3-RELEASE
-Class FreeBSD | FreeBSD | 5.X | general purpose
-TSeq(Class=TR%gcd=<6%IPID=RD%TS=U)
-T1(DF=Y%W=FFFF%ACK=S++%Flags=AS%Ops=M)
-T2(Resp=N)
-T3(Resp=N)
-T4(DF=Y%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
-T7(Resp=N)
-PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=0%ULEN=134%DAT=E)
-
 # FreeBSD 5.3rc3 with pf scrub all
 Fingerprint FreeBSD 5.3
 Class FreeBSD | FreeBSD | 5.X | general purpose
@@ -7808,6 +7800,44 @@ T6(DF=Y%W=0%ACK=S%Flags=AR%Ops=)
 T7(Resp=N)
 PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=F%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 
+# FreeBSD 5.3-RELEASE i386
+Fingerprint FreeBSD 5.3-RELEASE
+Class FreeBSD | FreeBSD | 5.X | general purpose
+TSeq(Class=TR%gcd=<6%IPID=I%TS=100HZ)
+T1(DF=Y%W=FFFF%ACK=S++|O%Flags=AS%Ops=MNWNNT)
+T2(Resp=N)
+T3(Resp=Y%DF=Y%W=FFFF%ACK=S++|O%Flags=AS%Ops=MNWNNT)
+T4(DF=Y%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=Y|N%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
+T7(DF=Y|N%W=0%ACK=S++%Flags=AR%Ops=)
+PU(DF=N%TOS=0%IPLEN=164%RIPTL=148%RID=E%RIPCK=F%UCK=F%ULEN=134%DAT=E)
+
+Fingerprint FreeBSD 5.3-RELEASE
+Class FreeBSD | FreeBSD | 5.X | general purpose
+TSeq(Class=TR%gcd=<6%IPID=RD%TS=U)
+T1(DF=Y%W=FFFF%ACK=S++%Flags=AS%Ops=M)
+T2(Resp=N)
+T3(Resp=N)
+T4(DF=Y%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
+T7(Resp=N)
+PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=0%ULEN=134%DAT=E)
+
+# FreeBSD 5.3-STABLE #7 Tue Feb 8 17:55:23 WET 2005 i386
+Fingerprint FreeBSD 5.3-STABLE
+Class FreeBSD | FreeBSD | 5.X | general purpose
+TSeq(Class=TR%gcd=<6%IPID=I%TS=U)
+T1(DF=Y%W=FFFF%ACK=S++%Flags=AS%Ops=M)
+T2(Resp=N)
+T3(Resp=Y%DF=Y%W=FFFF%ACK=S++%Flags=AS%Ops=M)
+T4(DF=Y%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
+T7(DF=Y%W=0%ACK=S%Flags=AR%Ops=)
+PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=0%ULEN=134%DAT=E)
+
 # FreeBSD 5.3-STABLE as of 2004-11-14, pf scrib in all random-id
 Fingerprint FreeBSD 5.3-STABLE
 Class FreeBSD | FreeBSD | 5.X | general purpose
@@ -7835,24 +7865,6 @@ T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=Y%W=0%ACK=S%Flags=AR%Ops=)
 PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=0%ULEN=134%DAT=E)
 
-# FreeBSD 5.3-RELEASE
-# FreeBSD 5.2-CURRENT i386
-# FreeBSD 5.4-RELEASE #4
-# FreeBSD 5.4-Stable
-# FreeBSD 5.4-STABLE #0
-# BummiOS 5.4-CURRENT i386 (based on FreeBSD 5.4-STABLE)
-Fingerprint FreeBSD 5.2 - 5.4
-Class FreeBSD | FreeBSD | 5.X | general purpose
-TSeq(Class=TR%gcd=<6%IPID=RD%TS=100HZ|U)
-T1(DF=Y%W=FFFF%ACK=S++|O%Flags=AS%Ops=MNWNNT)
-T2(Resp=N)
-T3(Resp=N)
-T4(DF=Y%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
-T7(DF=Y%W=0%ACK=S%Flags=AR%Ops=)
-PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E|F%RIPCK=E%UCK=0%ULEN=134%DAT=E)
-
 # FreeBSD 5.4-RELEASE-p2 i386
 Fingerprint FreeBSD 5.4-RELEASE
 Class FreeBSD | FreeBSD | 5.X | general purpose
@@ -8002,18 +8014,6 @@ T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
 PU(DF=N%TOS=C0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 
-Fingerprint Grandstream HT-286 POTS<->VoIP phone gateway device
-Class Grandstream | embedded || VoIP adapter
-TSeq(Class=C%Val=66559055%IPID=I%TS=U)
-T1(Resp=N)
-T2(Resp=Y%DF=Y%W=1000|800%ACK=S++%Flags=AR%Ops=)
-T3(Resp=Y%DF=Y%W=109%ACK=S++%Flags=AS%Ops=M)
-T4(DF=Y%W=800|400%ACK=S++%Flags=AR%Ops=)
-T5(DF=Y%W=1000|800%ACK=S++%Flags=AR%Ops=)
-T6(DF=Y%W=C00|400%ACK=S++%Flags=AR%Ops=)
-T7(DF=Y%W=400%ACK=S++%Flags=AR%Ops=)
-PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
-
 # GrandStream 486 Voice over IP adapter
 Fingerprint GrandStream 486 VoIP adapter
 Class GrandStream | embedded || VoIP adapter
@@ -8027,6 +8027,91 @@ T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
 PU(DF=N%TOS=C0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=F%ULEN=134%DAT=E)
 
+Fingerprint Grandstream HT-286 POTS<->VoIP phone gateway device
+Class Grandstream | embedded || VoIP adapter
+TSeq(Class=C%Val=66559055%IPID=I%TS=U)
+T1(Resp=N)
+T2(Resp=Y%DF=Y%W=1000|800%ACK=S++%Flags=AR%Ops=)
+T3(Resp=Y%DF=Y%W=109%ACK=S++%Flags=AS%Ops=M)
+T4(DF=Y%W=800|400%ACK=S++%Flags=AR%Ops=)
+T5(DF=Y%W=1000|800%ACK=S++%Flags=AR%Ops=)
+T6(DF=Y%W=C00|400%ACK=S++%Flags=AR%Ops=)
+T7(DF=Y%W=400%ACK=S++%Flags=AR%Ops=)
+PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
+
+Fingerprint Grandstream BT-100 IP Phone
+Class GrandStream | embedded || VoIP phone
+TSeq(Class=C%Val=FBD5528A%IPID=I%TS=U)
+T1(DF=Y%W=109%ACK=S++%Flags=AS%Ops=M)
+T2(Resp=Y%DF=Y%W=400|1000|800%ACK=S++%Flags=AR%Ops=)
+T3(Resp=Y%DF=Y%W=109%ACK=S++%Flags=AS%Ops=M)
+T4(DF=Y%W=400|1000|800%ACK=S++%Flags=AR%Ops=)
+T5(DF=Y%W=C00|800%ACK=S++%Flags=AR%Ops=)
+T6(DF=Y%W=400%ACK=S++%Flags=AR%Ops=)
+T7(DF=Y%W=1000|400|C00%ACK=S++%Flags=AR%Ops=)
+PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
+
+Fingerprint GrandStream BT-100 IP Phone
+Class GrandStream | embedded || VoIP phone
+T1(DF=Y%W=109%ACK=S++%Flags=AS%Ops=M)
+T2(Resp=Y%DF=Y%W=400|800%ACK=S++%Flags=AR%Ops=)
+T3(Resp=Y%DF=Y%W=109%ACK=S++%Flags=AS%Ops=M)
+T4(DF=Y%W=1000|C00%ACK=S++%Flags=AR%Ops=)
+T5(DF=Y%W=1000|400%ACK=S++%Flags=AR%Ops=)
+T6(DF=Y%W=C00|1000%ACK=S++%Flags=AR%Ops=)
+T7(DF=Y%W=800|C00|400%ACK=S++%Flags=AR%Ops=)
+PU(Resp=N)
+
+# Grandstream BudgeTone101 VOIP phone, firmware 1.0.4.50
+Fingerprint Grandstream BT-101 IP phone
+Class GrandStream | embedded || VoIP phone
+TSeq(Class=C%Val=75DFD55D%IPID=I%TS=U)
+T1(Resp=N)
+T2(Resp=Y%DF=Y%W=400|C00%ACK=S++%Flags=AR%Ops=)
+T3(Resp=Y%DF=Y%W=109%ACK=S++%Flags=AS%Ops=M)
+T4(DF=Y%W=C00|400|1000%ACK=S++%Flags=AR%Ops=)
+T5(DF=Y%W=C00|800|400%ACK=S++%Flags=AR%Ops=)
+T6(DF=Y%W=1000|C00|800%ACK=S++%Flags=AR%Ops=)
+T7(DF=Y%W=800|400|C00%ACK=S++%Flags=AR%Ops=)
+PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
+
+# GrandStream BT-101 with firmware 1.0.5.22
+Fingerprint GrandStream BT-101 IP phone
+Class GrandStream | embedded || VoIP phone
+TSeq(Class=C%Val=5CE04AC5%IPID=I%TS=U)
+T1(DF=Y%W=109%ACK=S++%Flags=AS%Ops=M)
+T2(Resp=Y%DF=Y%W=C00|800%ACK=S++%Flags=AR%Ops=)
+T3(Resp=Y%DF=Y%W=109%ACK=S++%Flags=AS%Ops=M)
+T4(DF=Y%W=1000|800|400%ACK=S++%Flags=AR%Ops=)
+T5(DF=Y%W=800|C00%ACK=S++%Flags=AR%Ops=)
+T6(DF=Y%W=800|400%ACK=S++%Flags=AR%Ops=)
+T7(DF=Y%W=800|400%ACK=S++%Flags=AR%Ops=)
+PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
+
+Fingerprint Grandstream BudgeTone 101 IP Phone
+Class GrandStream | embedded || VoIP phone
+TSeq(Class=C%IPID=I%TS=U)
+T1(Resp=N)
+T2(Resp=Y%DF=Y%W=800|1000|C00%ACK=S++%Flags=AR%Ops=)
+T3(Resp=Y%DF=Y%W=109%ACK=S++%Flags=AS%Ops=M)
+T4(DF=Y%W=800|400%ACK=S++%Flags=AR%Ops=)
+T5(DF=Y%W=400|C00|800%ACK=S++%Flags=AR%Ops=)
+T6(DF=Y%W=1000%ACK=S++%Flags=AR%Ops=)
+T7(DF=Y%W=C00|800|1000%ACK=S++%Flags=AR%Ops=)
+PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
+
+Fingerprint Grandstream IP Phone
+Class GrandStream | embedded || VoIP phone
+TSeq(Class=C%IPID=I%TS=U)
+T1(Resp=N)
+T2(Resp=Y%DF=Y%W=1000%ACK=S++%Flags=AR%Ops=)
+T3(Resp=Y%DF=Y%W=109%ACK=S++%Flags=AS%Ops=M)
+T4(DF=Y%W=1000|400%ACK=S++%Flags=AR%Ops=)
+T5(DF=Y%W=1000|400|C00%ACK=S++%Flags=AR%Ops=)
+T6(DF=Y%W=C00|1000|800%ACK=S++%Flags=AR%Ops=)
+T7(DF=Y%W=C00%ACK=S++%Flags=AR%Ops=)
+PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
+
 # GrandStream BudgeTone-100 VoIP phone
 # GrandStream BudgeTone-100 1.0.5.16
 Fingerprint GrandStream VoIP Phone (BudgeTone-100)
@@ -8054,79 +8139,6 @@ T6(DF=Y%W=400|C00%ACK=S++%Flags=AR%Ops=)
 T7(DF=Y%W=C00|400|1000%ACK=S++%Flags=AR%Ops=)
 PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 
-Fingerprint Grandstream IP Phone
-Class GrandStream | embedded || VoIP phone
-TSeq(Class=C%IPID=I%TS=U)
-T1(Resp=N)
-T2(Resp=Y%DF=Y%W=1000%ACK=S++%Flags=AR%Ops=)
-T3(Resp=Y%DF=Y%W=109%ACK=S++%Flags=AS%Ops=M)
-T4(DF=Y%W=1000|400%ACK=S++%Flags=AR%Ops=)
-T5(DF=Y%W=1000|400|C00%ACK=S++%Flags=AR%Ops=)
-T6(DF=Y%W=C00|1000|800%ACK=S++%Flags=AR%Ops=)
-T7(DF=Y%W=C00%ACK=S++%Flags=AR%Ops=)
-PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
-
-Fingerprint Grandstream BT-100 IP Phone
-Class GrandStream | embedded || VoIP phone
-TSeq(Class=C%Val=FBD5528A%IPID=I%TS=U)
-T1(DF=Y%W=109%ACK=S++%Flags=AS%Ops=M)
-T2(Resp=Y%DF=Y%W=400|1000|800%ACK=S++%Flags=AR%Ops=)
-T3(Resp=Y%DF=Y%W=109%ACK=S++%Flags=AS%Ops=M)
-T4(DF=Y%W=400|1000|800%ACK=S++%Flags=AR%Ops=)
-T5(DF=Y%W=C00|800%ACK=S++%Flags=AR%Ops=)
-T6(DF=Y%W=400%ACK=S++%Flags=AR%Ops=)
-T7(DF=Y%W=1000|400|C00%ACK=S++%Flags=AR%Ops=)
-PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
-
-Fingerprint GrandStream BT-100 IP Phone
-Class GrandStream | embedded || VoIP phone
-T1(DF=Y%W=109%ACK=S++%Flags=AS%Ops=M)
-T2(Resp=Y%DF=Y%W=400|800%ACK=S++%Flags=AR%Ops=)
-T3(Resp=Y%DF=Y%W=109%ACK=S++%Flags=AS%Ops=M)
-T4(DF=Y%W=1000|C00%ACK=S++%Flags=AR%Ops=)
-T5(DF=Y%W=1000|400%ACK=S++%Flags=AR%Ops=)
-T6(DF=Y%W=C00|1000%ACK=S++%Flags=AR%Ops=)
-T7(DF=Y%W=800|C00|400%ACK=S++%Flags=AR%Ops=)
-PU(Resp=N)
-
-Fingerprint Grandstream BudgeTone 101 IP Phone
-Class GrandStream | embedded || VoIP phone
-TSeq(Class=C%IPID=I%TS=U)
-T1(Resp=N)
-T2(Resp=Y%DF=Y%W=800|1000|C00%ACK=S++%Flags=AR%Ops=)
-T3(Resp=Y%DF=Y%W=109%ACK=S++%Flags=AS%Ops=M)
-T4(DF=Y%W=800|400%ACK=S++%Flags=AR%Ops=)
-T5(DF=Y%W=400|C00|800%ACK=S++%Flags=AR%Ops=)
-T6(DF=Y%W=1000%ACK=S++%Flags=AR%Ops=)
-T7(DF=Y%W=C00|800|1000%ACK=S++%Flags=AR%Ops=)
-PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
-
-# Grandstream BudgeTone101 VOIP phone, firmware 1.0.4.50
-Fingerprint Grandstream BT-101 IP phone
-Class GrandStream | embedded || VoIP phone
-TSeq(Class=C%Val=75DFD55D%IPID=I%TS=U)
-T1(Resp=N)
-T2(Resp=Y%DF=Y%W=400|C00%ACK=S++%Flags=AR%Ops=)
-T3(Resp=Y%DF=Y%W=109%ACK=S++%Flags=AS%Ops=M)
-T4(DF=Y%W=C00|400|1000%ACK=S++%Flags=AR%Ops=)
-T5(DF=Y%W=C00|800|400%ACK=S++%Flags=AR%Ops=)
-T6(DF=Y%W=1000|C00|800%ACK=S++%Flags=AR%Ops=)
-T7(DF=Y%W=800|400|C00%ACK=S++%Flags=AR%Ops=)
-PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
-
-# GrandStream BT-101 with firmware 1.0.5.22
-Fingerprint GrandStream BT-101 IP phone
-Class GrandStream | embedded || VoIP phone
-TSeq(Class=C%Val=5CE04AC5%IPID=I%TS=U)
-T1(DF=Y%W=109%ACK=S++%Flags=AS%Ops=M)
-T2(Resp=Y%DF=Y%W=C00|800%ACK=S++%Flags=AR%Ops=)
-T3(Resp=Y%DF=Y%W=109%ACK=S++%Flags=AS%Ops=M)
-T4(DF=Y%W=1000|800|400%ACK=S++%Flags=AR%Ops=)
-T5(DF=Y%W=800|C00%ACK=S++%Flags=AR%Ops=)
-T6(DF=Y%W=800|400%ACK=S++%Flags=AR%Ops=)
-T7(DF=Y%W=800|400%ACK=S++%Flags=AR%Ops=)
-PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
-
 Fingerprint PalmOS 5.2.1 on Handspring Treo
 Class Handspring | PalmOS | 5.X | PDA
 TSeq(Class=TR%gcd=<6%IPID=RD%TS=2HZ)
@@ -8196,6 +8208,18 @@ T6(Resp=Y%DF=N%W=0%ACK=O%Flags=R%Ops=)
 T7(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=)
 PU(Resp=Y%DF=N%TOS=0%IPLEN=38%RIPTL=15C%RID=E%RIPCK=0%UCK=0%ULEN=134%DAT=E)
 
+Fingerprint HP Procurve Routing Switch 9304M
+Class HP | embedded || load balancer
+TSeq(Class=C)
+T1(DF=Y%W=800%ACK=S++%Flags=AS%Ops=M)
+T2(Resp=Y%DF=Y%W=1%ACK=S%Flags=AR%Ops=)
+T3(Resp=Y%DF=Y%W=1%ACK=S++%Flags=AR%Ops=)
+T4(DF=Y%W=1%ACK=O%Flags=R%Ops=)
+T5(Resp=N)
+T6(DF=Y%W=1%ACK=O%Flags=R%Ops=)
+T7(DF=Y%W=1%ACK=S%Flags=AR%Ops=)
+PU(Resp=Y%DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
+
 # HP J4899A ProCurve Switch 2650, H.08.53, ROM H.08.02 - 24 port HP Switch with 2 Uplinks
 # HP ProCurve Switch 2626 - Firmware revision  : H.08.67
 # HP Procurve Switch 5304XL - Image stamp: /sw/code/build/alpmo(dex_v09_2)
@@ -8211,18 +8235,6 @@ T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
 PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=0%UCK=0%ULEN=134%DAT=E)
 
-Fingerprint HP Procurve Routing Switch 9304M
-Class HP | embedded || load balancer
-TSeq(Class=C)
-T1(DF=Y%W=800%ACK=S++%Flags=AS%Ops=M)
-T2(Resp=Y%DF=Y%W=1%ACK=S%Flags=AR%Ops=)
-T3(Resp=Y%DF=Y%W=1%ACK=S++%Flags=AR%Ops=)
-T4(DF=Y%W=1%ACK=O%Flags=R%Ops=)
-T5(Resp=N)
-T6(DF=Y%W=1%ACK=O%Flags=R%Ops=)
-T7(DF=Y%W=1%ACK=S%Flags=AR%Ops=)
-PU(Resp=Y%DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
-
 # HP LaserJet 1300N with JetDirect 200m LIO card
 Fingerprint HP printer w/JetDirect card
 Class HP | embedded || print server
@@ -8266,6 +8278,24 @@ T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
 PU(DF=N|Y%TOS=0%IPLEN=38%RIPTL=148%RID=F%RIPCK=0|F%UCK=0%ULEN=134%DAT=E)
 
+# HP Laserjet 4250, HP JetDirect J7949E
+# hp LaserJet 2420
+# hp LaserJet 4250 w/ embedded HP JetDirect J7949E; firmware V.28.43.FF w/ datecode 20040902 08.007.0
+# HP LaserJet 2420dn printer, JetDirect J7949E, firmware V.28.43
+# hp LaserJet 4250 with embedded HP JetDirect J7949E
+# HP LaserJet 2420 printer
+Fingerprint HP LaserJet 2420 or 4250 printer
+Class HP | embedded || printer
+TSeq(Class=64K%IPID=I%TS=2HZ)
+T1(DF=N%W=5B4|16D0%ACK=S++%Flags=AS%Ops=MNWNNT)
+T2(Resp=N)
+T3(Resp=Y%DF=N%W=5B4|16D0%ACK=O%Flags=A%Ops=NNT)
+T4(DF=N%W=5B4|16D0%ACK=O%Flags=R%Ops=)
+T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
+PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E|F%RIPCK=0%UCK=0%ULEN=134%DAT=E)
+
 Fingerprint HP LaserJet 4000N Printer
 Class HP | embedded || printer
 TSeq(Class=TD%gcd=<6%SI=<1E)
@@ -8400,24 +8430,6 @@ T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
 PU(DF=N|Y%TOS=0%IPLEN=38%RIPTL=148%RID=E|F%RIPCK=0%UCK=0%ULEN=134%DAT=E)
 
-# HP Laserjet 4250, HP JetDirect J7949E
-# hp LaserJet 2420
-# hp LaserJet 4250 w/ embedded HP JetDirect J7949E; firmware V.28.43.FF w/ datecode 20040902 08.007.0
-# HP LaserJet 2420dn printer, JetDirect J7949E, firmware V.28.43
-# hp LaserJet 4250 with embedded HP JetDirect J7949E
-# HP LaserJet 2420 printer
-Fingerprint HP LaserJet 2420 or 4250 printer
-Class HP | embedded || printer
-TSeq(Class=64K%IPID=I%TS=2HZ)
-T1(DF=N%W=5B4|16D0%ACK=S++%Flags=AS%Ops=MNWNNT)
-T2(Resp=N)
-T3(Resp=Y%DF=N%W=5B4|16D0%ACK=O%Flags=A%Ops=NNT)
-T4(DF=N%W=5B4|16D0%ACK=O%Flags=R%Ops=)
-T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
-PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E|F%RIPCK=0%UCK=0%ULEN=134%DAT=E)
-
 # HP JetDirect J6057A Firmware Version R.22.09 in 4100mpf printer
 Fingerprint HP printer w/JetDirect card
 Class HP | embedded || printer
@@ -8483,6 +8495,19 @@ T6(DF=N%W=400%ACK=O%Flags=R%Ops=)
 T7(DF=N%W=400%ACK=O%Flags=R%Ops=)
 PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 
+# HP Entria II with Kernel B.09.11 and Boot Block B.08.02
+Fingerprint HP Entria II X station
+Class HP | embedded || X terminal
+TSeq(Class=64K%IPID=I%TS=U)
+T1(DF=N%W=2017%ACK=S++%Flags=AS%Ops=M)
+T2(Resp=N)
+T3(Resp=Y%DF=N%W=2017%ACK=S++%Flags=AS%Ops=M)
+T4(DF=N%W=2000%ACK=O%Flags=R%Ops=)
+T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
+PU(DF=N%TOS=0%IPLEN=38%RIPTL=15C%RID=F%RIPCK=0%UCK=0%ULEN=134%DAT=E)
+
 Fingerprint HP-UX 10.20 # 9000/777 or A 712/60 with tcp_random_seq = 1 or 2
 Class HP | HP-UX | 10.X | general purpose
 TSeq(Class=RI%gcd=<6%SI=<18000)
@@ -8782,19 +8807,6 @@ T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
 PU(DF=N|Y%TOS=0%IPLEN=38%RIPTL=15C%RID=F%RIPCK=0%UCK=0%ULEN=134%DAT=E)
 
-# HP Entria II with Kernel B.09.11 and Boot Block B.08.02
-Fingerprint HP Entria II X station
-Class HP | embedded || X terminal
-TSeq(Class=64K%IPID=I%TS=U)
-T1(DF=N%W=2017%ACK=S++%Flags=AS%Ops=M)
-T2(Resp=N)
-T3(Resp=Y%DF=N%W=2017%ACK=S++%Flags=AS%Ops=M)
-T4(DF=N%W=2000%ACK=O%Flags=R%Ops=)
-T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
-PU(DF=N%TOS=0%IPLEN=38%RIPTL=15C%RID=F%RIPCK=0%UCK=0%ULEN=134%DAT=E)
-
 #  HPJ2600A Ethernet hub or HP ProCurve Switch 4000M
 # Bay Networks MicroAnnex XL running firmware 10.0B
 Fingerprint VxWorks 5.3.x bases system (usually an Ethernet hub or switch such as HP ProCurve) or Bay Networks MicroAnnex XL terminal server
@@ -8810,18 +8822,6 @@ T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
 PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=F%RIPCK=0%UCK=0%ULEN=134%DAT=E)
 
-Fingerprint BBIagent v1.8.1 software router
-Class BBIagent | Linux | 2.4.X | software router
-TSeq(Class=RI%gcd=<6%SI=<18C54&>3B8%IPID=I)
-T1(DF=Y%W=402E%ACK=S++%Flags=AS%Ops=MNWNNT)
-T2(Resp=Y%DF=Y%W=0%ACK=S%Flags=AR%Ops=)
-T3(Resp=Y%DF=Y%W=402E%ACK=S++%Flags=AS%Ops=MNWNNT)
-T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
-T7(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
-PU(DF=N%TOS=C0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
-
 Fingerprint Huawei Quidway R2621 router running VRP 1.5.6(1)
 Class Huawei | VRP || router
 TSeq(Class=TD%gcd=<1E804%SI=<1E%IPID=I%TS=2HZ)
@@ -9104,6 +9104,18 @@ T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T7(Resp=N)
 PU(DF=N%TOS=0%IPLEN=38%RIPTL=15C%RID=E%RIPCK=E%UCK=0%ULEN=134%DAT=E)
 
+Fingerprint IBM AIX 5.3 ML01
+Class IBM | AIX | 5.X | general purpose
+TSeq(Class=TR%gcd=<6%IPID=RPI%TS=U)
+T1(DF=Y%W=5B4%ACK=S++%Flags=AS%Ops=M)
+T2(Resp=N)
+T3(Resp=Y%DF=Y%W=5B4%ACK=S++%Flags=AS%Ops=M)
+T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
+PU(DF=N%TOS=0%IPLEN=38%RIPTL=15C%RID=E%RIPCK=F%UCK=0%ULEN=134%DAT=E)
+
 Fingerprint IBM AIX 5.1
 Class IBM | AIX | 5.X | general purpose
 TSeq(Class=TR%gcd=<6%IPID=I%TS=U)
@@ -9129,6 +9141,18 @@ T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
 PU(DF=N%TOS=0%IPLEN=38%RIPTL=15C%RID=E%RIPCK=F%UCK=0%ULEN=134%DAT=E)
 
+Fingerprint IBM AIX 5.1
+Class IBM | AIX | 5.X | general purpose
+TSeq(Class=TR%gcd=<6%IPID=I%TS=U)
+T1(DF=Y%W=805C%ACK=S++%Flags=AS%Ops=M)
+T2(Resp=N)
+T3(Resp=Y%DF=Y%W=805C%ACK=S++%Flags=AS%Ops=M)
+T4(DF=N%W=8000%ACK=O%Flags=R%Ops=)
+T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
+PU(DF=Y%TOS=0%IPLEN=38%RIPTL=15C%RID=E%RIPCK=F%UCK=0%ULEN=134%DAT=E)
+
 # IBM AIX 5L 5.1
 # IBM AIX 5.1 ML00
 # AIX 5.1.4
@@ -9145,18 +9169,6 @@ T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T7(Resp=N)
 PU(DF=N|Y%TOS=0%IPLEN=38%RIPTL=15C%RID=E%RIPCK=F%UCK=0%ULEN=134%DAT=E)
 
-Fingerprint IBM AIX 5.1
-Class IBM | AIX | 5.X | general purpose
-TSeq(Class=TR%gcd=<6%IPID=I%TS=U)
-T1(DF=Y%W=805C%ACK=S++%Flags=AS%Ops=M)
-T2(Resp=N)
-T3(Resp=Y%DF=Y%W=805C%ACK=S++%Flags=AS%Ops=M)
-T4(DF=N%W=8000%ACK=O%Flags=R%Ops=)
-T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
-PU(DF=Y%TOS=0%IPLEN=38%RIPTL=15C%RID=E%RIPCK=F%UCK=0%ULEN=134%DAT=E)
-
 Fingerprint IBM AIX 5.1 - 5.2
 Class IBM | AIX | 5.X | general purpose
 TSeq(Class=TR%gcd=<6%IPID=I%TS=U)
@@ -9183,19 +9195,6 @@ T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
 PU(DF=N%TOS=0%IPLEN=38%RIPTL=15C%RID=E%RIPCK=F%UCK=0%ULEN=134%DAT=E)
 
-# IBM AIX 5.103 on
-Fingerprint IBM AIX 5.103
-Class IBM | AIX | 5.X | general purpose
-TSeq(Class=TR%gcd=<6%IPID=I%TS=2HZ)
-T1(DF=Y%W=FFF7%ACK=S++%Flags=AS%Ops=MNWNNT)
-T2(Resp=N)
-T3(Resp=Y%DF=Y%W=FFF7%ACK=S++%Flags=AS%Ops=MNWNNT)
-T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
-PU(DF=N%TOS=0%IPLEN=38%RIPTL=15C%RID=E%RIPCK=F%UCK=0%ULEN=134%DAT=E)
-
 # aix 5.1 Maintenance Level 6
 Fingerprint IBM AIX 5.1 on a p610-6C1
 Class IBM | AIX | 5.X | general purpose
@@ -9221,6 +9220,19 @@ T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
 PU(DF=N|Y%TOS=0%IPLEN=38%RIPTL=15C%RID=E%RIPCK=F%UCK=0%ULEN=134%DAT=E)
 
+# IBM AIX 5.103 on
+Fingerprint IBM AIX 5.103
+Class IBM | AIX | 5.X | general purpose
+TSeq(Class=TR%gcd=<6%IPID=I%TS=2HZ)
+T1(DF=Y%W=FFF7%ACK=S++%Flags=AS%Ops=MNWNNT)
+T2(Resp=N)
+T3(Resp=Y%DF=Y%W=FFF7%ACK=S++%Flags=AS%Ops=MNWNNT)
+T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
+PU(DF=N%TOS=0%IPLEN=38%RIPTL=15C%RID=E%RIPCK=F%UCK=0%ULEN=134%DAT=E)
+
 # IBM AIX 5.2 on pSeries (Power4)
 Fingerprint IBM AIX 5.2
 Class IBM | AIX | 5.X | general purpose
@@ -9274,18 +9286,6 @@ T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
 PU(DF=N%TOS=0%IPLEN=38%RIPTL=15C%RID=E%RIPCK=F%UCK=0%ULEN=134%DAT=E)
 
-Fingerprint AIX 5.3 ML01
-Class IBM | AIX | 5.X | general purpose
-TSeq(Class=TR%gcd=<6%IPID=RPI%TS=U)
-T1(DF=Y%W=5B4%ACK=S++%Flags=AS%Ops=M)
-T2(Resp=N)
-T3(Resp=Y%DF=Y%W=5B4%ACK=S++%Flags=AS%Ops=M)
-T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
-PU(DF=N%TOS=0%IPLEN=38%RIPTL=15C%RID=E%RIPCK=F%UCK=0%ULEN=134%DAT=E)
-
 Fingerprint IBM 8222 hub
 Class IBM | embedded || hub
 TSeq(Class=TD%gcd=<6%SI=<1A4%IPID=I%TS=U)
@@ -10118,18 +10118,6 @@ T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
 PU(DF=Y%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 
-Fingerprint Juniper Router running JUNOS
-Class Juniper | JUNOS || router
-TSeq(Class=RI%gcd=<5%SI=>FFF)
-T1(DF=Y%W=403D%ACK=S++%Flags=AS%Ops=MNWNNT)
-T2(Resp=N)
-T3(Resp=Y%DF=Y%W=403D%ACK=S++%Flags=AS%Ops=MNWNNT)
-T4(DF=N%W=4000%ACK=O%Flags=R%Ops=)
-T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
-PU(DF=Y%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
-
 # Juniper router M10i JUNOS ROUTER 7.2R1.7 #0 i386
 Fingerprint Juniper Networks router M10i running JUNOS 7.2R1.7
 Class Juniper | JUNOS || router
@@ -10143,6 +10131,18 @@ T6(DF=N%W=800|400%ACK=S%Flags=AR%Ops=WNMETL)
 T7(DF=N%W=800|C00%ACK=S++%Flags=AR%Ops=WNMETL)
 PU(DF=Y%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=F%ULEN=134%DAT=E)
 
+Fingerprint Juniper Router running JUNOS
+Class Juniper | JUNOS || router
+TSeq(Class=RI%gcd=<5%SI=>FFF)
+T1(DF=Y%W=403D%ACK=S++%Flags=AS%Ops=MNWNNT)
+T2(Resp=N)
+T3(Resp=Y%DF=Y%W=403D%ACK=S++%Flags=AS%Ops=MNWNNT)
+T4(DF=N%W=4000%ACK=O%Flags=R%Ops=)
+T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
+PU(DF=Y%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
+
 # KA9Q is a networking OS used mostly by amateur radio operators for radio to
 # internet gateways.
 Fingerprint KA9Q amateur radio OS
@@ -10173,19 +10173,6 @@ T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
 PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 
-# UTStarcom F1000 wifi voip phone Phone OS: VxWorks (for Hornet VoWifi, ARM946ES (LE) Factory Firmware) version 5.5.1.: Kernel: WIND version 2.6. : Made on Apr  5 2005, 14:49:39.
-Fingerprint UTStarcom F1000 wifi voip phone
-Class UTStarcom | embedded || VoIP phone
-TSeq(Class=TR%gcd=<6%IPID=I)
-T1(DF=Y%W=4000%ACK=S++%Flags=AS%Ops=MNWNNT)
-T2(Resp=N)
-T3(Resp=Y%DF=Y%W=4000%ACK=S++%Flags=AS%Ops=MNWNNT)
-T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
-PU(DF=N%TOS=0%IPLEN=70%RIPTL=148%RID=E%RIPCK=E%UCK=0%ULEN=134%DAT=E)
-
 Fingerprint KIRK Wireless Server 600
 Class KIRK | embedded || VoIP Gateway
 TSeq(Class=TD%gcd=<714%SI=<14%IPID=I%TS=U)
@@ -10442,6 +10429,31 @@ T6(Resp=N)
 T7(Resp=N)
 PU(Resp=N)
 
+Fingerprint Fingerprint LevelOne WBR-3406TX wireless broadband router
+Class Level One | embedded || broadband router
+TSeq(Class=TD%gcd=<68%SI=<1E%IPID=BI%TS=U)
+T1(DF=N%W=1540|1638%ACK=S++%Flags=AS%Ops=M)
+T2(Resp=N)
+T3(Resp=N)
+T4(Resp=N)
+T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=N%W=0%ACK=S%Flags=AR%Ops=)
+T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+PU(Resp=N)
+
+# LevelOne wireless router WBR-3403TX
+Fingerprint LevelOne WBR-3403TX wireless broadband router
+Class Level One | embedded || broadband router
+TSeq(Class=RI%gcd=<6%SI=<102C870&>295B1%IPID=Z%TS=1000HZ)
+T1(DF=Y%W=16A0%ACK=S++%Flags=AS%Ops=MNNTNW)
+T2(Resp=N)
+T3(Resp=N)
+T4(DF=Y%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=N%W=C00|800%ACK=S++%Flags=AR%Ops=)
+T6(DF=N%W=800|C00|1000%ACK=S%Flags=AR%Ops=)
+T7(Resp=N)
+PU(Resp=N)
+
 Fingerprint Lexmark M412n network printer
 Class Lexmark | embedded || printer
 TSeq(Class=RI%gcd=<6%SI=<4ADB2&>9B2%IPID=I%TS=2HZ)
@@ -10466,6 +10478,19 @@ T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T7(Resp=N)
 PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 
+# Lexmark Optra N Laser Printer
+Fingerprint Lexmark Optra N Laser Printer
+Class Lexmark | embedded || printer
+TSeq(Class=TD%gcd=<272A%SI=<1E%IPID=I%TS=U)
+T1(DF=N%W=400%ACK=S++%Flags=AS%Ops=ME)
+T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=)
+T3(Resp=Y%DF=N%W=400%ACK=S++%Flags=AS%Ops=ME)
+T4(DF=N%W=0%ACK=S%Flags=R%Ops=)
+T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=N%W=0%ACK=S%Flags=R%Ops=)
+T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+PU(DF=N%TOS=0%IPLEN=1C%RIPTL=0%RID=0%RIPCK=0%UCK=F%ULEN=134%DAT=E)
+
 # Lexmark Optra R+ (4049-RA0) w. MarkNet XL card (firmware rev. 79.133.1
 # Lexmark Optra Lx+ Network Printer, firmware
 Fingerprint Lexmark Optra network printer
@@ -10480,19 +10505,6 @@ T6(Resp=Y%DF=N%W=0%ACK=S%Flags=R%Ops=)
 T7(Resp=Y%DF=N%W=0%ACK=S++%Flags=AR%Ops=)
 PU(Resp=N)
 
-# Lexmark Optra N Laser Printer
-Fingerprint Lexmark Optra N Laser Printer
-Class Lexmark | embedded || printer
-TSeq(Class=TD%gcd=<272A%SI=<1E%IPID=I%TS=U)
-T1(DF=N%W=400%ACK=S++%Flags=AS%Ops=ME)
-T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=)
-T3(Resp=Y%DF=N%W=400%ACK=S++%Flags=AS%Ops=ME)
-T4(DF=N%W=0%ACK=S%Flags=R%Ops=)
-T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=N%W=0%ACK=S%Flags=R%Ops=)
-T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-PU(DF=N%TOS=0%IPLEN=1C%RIPTL=0%RID=0%RIPCK=0%UCK=F%ULEN=134%DAT=E)
-
 # Lexmark Optra T612 (printer) running firmware 3.11.17
 # Lexmark Optra S 2420
 Fingerprint Lexmark Optra printer
@@ -10572,31 +10584,6 @@ T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
 PU(DF=Y%TOS=C0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 
-# LevelOne wireless router WBR-3403TX
-Fingerprint LevelOne WBR-3403TX wireless broadband router
-Class Level One | embedded || broadband router
-TSeq(Class=RI%gcd=<6%SI=<102C870&>295B1%IPID=Z%TS=1000HZ)
-T1(DF=Y%W=16A0%ACK=S++%Flags=AS%Ops=MNNTNW)
-T2(Resp=N)
-T3(Resp=N)
-T4(DF=Y%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=N%W=C00|800%ACK=S++%Flags=AR%Ops=)
-T6(DF=N%W=800|C00|1000%ACK=S%Flags=AR%Ops=)
-T7(Resp=N)
-PU(Resp=N)
-
-Fingerprint Fingerprint LevelOne WBR-3406TX wireless broadband router
-Class Level One | embedded || broadband router
-TSeq(Class=TD%gcd=<68%SI=<1E%IPID=BI%TS=U)
-T1(DF=N%W=1540|1638%ACK=S++%Flags=AS%Ops=M)
-T2(Resp=N)
-T3(Resp=N)
-T4(Resp=N)
-T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=N%W=0%ACK=S%Flags=AR%Ops=)
-T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-PU(Resp=N)
-
 Fingerprint LG Goldstream LR3001f router, software version 4.0
 Class LG GoldStream | embedded || router
 TSeq(Class=TD%gcd=<8004%SI=<1E%IPID=I%TS=U)
@@ -10724,18 +10711,60 @@ T6(DF=N%W=400|800|C00|1000%ACK=S%Flags=AR%Ops=)
 T7(DF=N%W=400|800|C00|1000%ACK=S++%Flags=AR%Ops=)
 PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 
-# Linux kernel 2.4.20 (mips) on Linksys WRT54G Wireless Broadband Router with firmware Sveasoft +Alchemy-pre7a beta build version v3.37.6.8sv
-Fingerprint Linksys WRT54G Wireless Broadband Router (Linux kernel 2.4.20)
+# Linksys BEFW11S4 DSL/Cable Router with Firmware 1.45z
+Fingerprint Linksys BEFW11S4 wireless DSL/Cable Router
 Class Linksys | embedded || broadband router
-TSeq(Class=RI%gcd=<6%SI=<17B7D1A&>3BAFF%IPID=Z%TS=100HZ)
-T1(DF=Y%W=16A0%ACK=S++%Flags=AS%Ops=MNNTNW)
-T2(Resp=Y%DF=N%W=800|400%ACK=S%Flags=AR%Ops=WNMETL)
-T3(Resp=Y%DF=N%W=800|1000|400%ACK=S%Flags=AR%Ops=WNMETL)
-T4(DF=N%W=1000|800%ACK=S%Flags=AR%Ops=WNMETL)
-T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=N%W=400|1000%ACK=S%Flags=AR%Ops=WNMETL)
-T7(DF=N%W=1000|800%ACK=S%Flags=AR%Ops=WNMETL)
-PU(DF=N%TOS=C0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
+TSeq(Class=TR%gcd=<6%IPID=I)
+T1(DF=Y%W=4009%ACK=S++%Flags=AS%Ops=MNWNNT)
+T2(Resp=Y%DF=N%W=800%ACK=S++%Flags=AR%Ops=)
+T3(Resp=N)
+T4(DF=N%W=400|800|C00%ACK=S++%Flags=AR%Ops=)
+T5(DF=N%W=C00|800%ACK=S++%Flags=AR%Ops=)
+T6(DF=N%W=800|C00%ACK=S++%Flags=AR%Ops=)
+T7(DF=N%W=400|800%ACK=S++%Flags=AR%Ops=)
+PU(Resp=N)
+
+# Linksys BEFW11S4 firmware revision 1.45.10
+Fingerprint Linksys BEFW11S4 wireless DSL/Cable Router
+Class Linksys | embedded || broadband router
+TSeq(Class=TR%gcd=<6%IPID=I)
+T1(DF=Y%W=FFFF%ACK=S++%Flags=AS%Ops=MNWNNT)
+T2(Resp=N)
+T3(Resp=Y%DF=Y%W=FFFF%ACK=S++%Flags=AS%Ops=MNWNNT)
+T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=N%W=1000|C00%ACK=S++%Flags=AR%Ops=)
+T6(DF=N%W=800|1000%ACK=S%Flags=AR%Ops=)
+T7(DF=N%W=C00|1000|400%ACK=S++%Flags=AR%Ops=)
+PU(Resp=N)
+
+# LinkSys WRT-54G running the SVEASOFT code
+# Linksys BEFW11S4 802.11B WAP
+# Linksys BEFSR41 firmware ver. 1.40.2
+# Linksys Router: BEFW11S4 v2/v3
+Fingerprint Linksys BEFW11S4/WRT-54G wireless broadband router or BEFSR41 Cable/DSL router
+Class Linksys | embedded || broadband router
+TSeq(Class=TD|RI%gcd=<400%SI=<62C%IPID=Z|RD%TS=U)
+T1(DF=N%W=400|800|C00|1000%ACK=S++%Flags=AR%Ops=)
+T2(Resp=Y%DF=N%W=400|800|C00|1000%ACK=S%Flags=AR%Ops=)
+T3(Resp=Y%DF=N%W=400|800|C00|1000%ACK=S++%Flags=AR%Ops=)
+T4(DF=N%W=400|800|C00|1000%ACK=S%Flags=AR%Ops=)
+T5(DF=N%W=400|800|C00|1000%ACK=S++%Flags=AR%Ops=)
+T6(DF=N%W=400|800|C00|1000%ACK=S%Flags=AR%Ops=)
+T7(DF=N%W=400|800|C00|1000%ACK=S++%Flags=AR%Ops=)
+PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
+
+# Linksys WAG54G Wireless Broadband Router
+Fingerprint Linksys WAG54G Wireless Broadband Router
+Class Linksys | embedded || broadband router
+TSeq(Class=TD%gcd=<E0%SI=<1E%IPID=Z%TS=U)
+T1(DF=N%W=16D0%ACK=S++%Flags=AS%Ops=M)
+T2(Resp=Y%DF=N%W=400%ACK=S%Flags=AR%Ops=)
+T3(Resp=Y%DF=N%W=800|1000|400%ACK=S++%Flags=AR%Ops=)
+T4(DF=N%W=C00|400%ACK=S%Flags=AR%Ops=)
+T5(DF=N%W=800|400|C00%ACK=S++%Flags=AR%Ops=)
+T6(DF=N%W=C00|800|1000%ACK=S%Flags=AR%Ops=)
+T7(DF=N%W=1000|C00%ACK=S++%Flags=AR%Ops=)
+PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E|F%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 
 Fingerprint Linksys WAG54G Wireless Gateway
 Class Linksys | embedded || broadband router
@@ -10749,6 +10778,19 @@ T6(DF=N%W=1000|C00|800%ACK=S%Flags=AR%Ops=)
 T7(DF=N%W=400|C00%ACK=S++%Flags=AR%Ops=)
 PU(Resp=N)
 
+# Linux kernel 2.4.20 (mips) on Linksys WRT54G Wireless Broadband Router with firmware Sveasoft +Alchemy-pre7a beta build version v3.37.6.8sv
+Fingerprint Linksys WRT54G Wireless Broadband Router (Linux kernel 2.4.20)
+Class Linksys | embedded || broadband router
+TSeq(Class=RI%gcd=<6%SI=<17B7D1A&>3BAFF%IPID=Z%TS=100HZ)
+T1(DF=Y%W=16A0%ACK=S++%Flags=AS%Ops=MNNTNW)
+T2(Resp=Y%DF=N%W=800|400%ACK=S%Flags=AR%Ops=WNMETL)
+T3(Resp=Y%DF=N%W=800|1000|400%ACK=S%Flags=AR%Ops=WNMETL)
+T4(DF=N%W=1000|800%ACK=S%Flags=AR%Ops=WNMETL)
+T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=N%W=400|1000%ACK=S%Flags=AR%Ops=WNMETL)
+T7(DF=N%W=1000|800%ACK=S%Flags=AR%Ops=WNMETL)
+PU(DF=N%TOS=C0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
+
 Fingerprint Linksys EtherFast print server
 Class Linksys | embedded || print server
 T1(DF=N%W=0|C80%ACK=S++%Flags=AR|APS%Ops=|M)
@@ -10816,61 +10858,6 @@ T6(DF=N%W=400|800|C00|1000%ACK=S%Flags=AR%Ops=)
 T7(DF=N%W=400|800|C00|1000%ACK=S++%Flags=AR%Ops=)
 PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 
-# Linksys WAG54G Wireless Broadband Router
-Fingerprint Linksys WAG54G Wireless Broadband Router
-Class Linksys | embedded || broadband router
-TSeq(Class=TD%gcd=<E0%SI=<1E%IPID=Z%TS=U)
-T1(DF=N%W=16D0%ACK=S++%Flags=AS%Ops=M)
-T2(Resp=Y%DF=N%W=400%ACK=S%Flags=AR%Ops=)
-T3(Resp=Y%DF=N%W=800|1000|400%ACK=S++%Flags=AR%Ops=)
-T4(DF=N%W=C00|400%ACK=S%Flags=AR%Ops=)
-T5(DF=N%W=800|400|C00%ACK=S++%Flags=AR%Ops=)
-T6(DF=N%W=C00|800|1000%ACK=S%Flags=AR%Ops=)
-T7(DF=N%W=1000|C00%ACK=S++%Flags=AR%Ops=)
-PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E|F%RIPCK=E%UCK=E%ULEN=134%DAT=E)
-
-# LinkSys WRT-54G running the SVEASOFT code
-# Linksys BEFW11S4 802.11B WAP
-# Linksys BEFSR41 firmware ver. 1.40.2
-# Linksys Router: BEFW11S4 v2/v3
-Fingerprint Linksys BEFW11S4/WRT-54G wireless broadband router or BEFSR41 Cable/DSL router
-Class Linksys | embedded || broadband router
-TSeq(Class=TD|RI%gcd=<400%SI=<62C%IPID=Z|RD%TS=U)
-T1(DF=N%W=400|800|C00|1000%ACK=S++%Flags=AR%Ops=)
-T2(Resp=Y%DF=N%W=400|800|C00|1000%ACK=S%Flags=AR%Ops=)
-T3(Resp=Y%DF=N%W=400|800|C00|1000%ACK=S++%Flags=AR%Ops=)
-T4(DF=N%W=400|800|C00|1000%ACK=S%Flags=AR%Ops=)
-T5(DF=N%W=400|800|C00|1000%ACK=S++%Flags=AR%Ops=)
-T6(DF=N%W=400|800|C00|1000%ACK=S%Flags=AR%Ops=)
-T7(DF=N%W=400|800|C00|1000%ACK=S++%Flags=AR%Ops=)
-PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
-
-# Linksys BEFW11S4 DSL/Cable Router with Firmware 1.45z
-Fingerprint Linksys BEFW11S4 wireless DSL/Cable Router
-Class Linksys | embedded || broadband router
-TSeq(Class=TR%gcd=<6%IPID=I)
-T1(DF=Y%W=4009%ACK=S++%Flags=AS%Ops=MNWNNT)
-T2(Resp=Y%DF=N%W=800%ACK=S++%Flags=AR%Ops=)
-T3(Resp=N)
-T4(DF=N%W=400|800|C00%ACK=S++%Flags=AR%Ops=)
-T5(DF=N%W=C00|800%ACK=S++%Flags=AR%Ops=)
-T6(DF=N%W=800|C00%ACK=S++%Flags=AR%Ops=)
-T7(DF=N%W=400|800%ACK=S++%Flags=AR%Ops=)
-PU(Resp=N)
-
-# Linksys BEFW11S4 firmware revision 1.45.10
-Fingerprint Linksys BEFW11S4 wireless DSL/Cable Router
-Class Linksys | embedded || broadband router
-TSeq(Class=TR%gcd=<6%IPID=I)
-T1(DF=Y%W=FFFF%ACK=S++%Flags=AS%Ops=MNWNNT)
-T2(Resp=N)
-T3(Resp=Y%DF=Y%W=FFFF%ACK=S++%Flags=AS%Ops=MNWNNT)
-T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=N%W=1000|C00%ACK=S++%Flags=AR%Ops=)
-T6(DF=N%W=800|1000%ACK=S%Flags=AR%Ops=)
-T7(DF=N%W=C00|1000|400%ACK=S++%Flags=AR%Ops=)
-PU(Resp=N)
-
 # Linksys WAP11 v2.6 firmware 1.06
 Fingerprint Linksys WAP11 Wireless AP
 Class Linksys | embedded || WAP
@@ -11254,6 +11241,19 @@ T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
 PU(DF=N%TOS=C0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=F|E%ULEN=134%DAT=E)
 
+# Linux kernel 2.4.4-4GB (X86) from Red hat
+Fingerprint Linux 2.4.4
+Class Linux | Linux | 2.2.X | general purpose
+TSeq(Class=RI%gcd=<6%SI=<FC5E4&>19E%IPID=Z%TS=U)
+T1(DF=N%W=860%ACK=S++%Flags=AS%Ops=M)
+T2(Resp=N)
+T3(Resp=Y%DF=N%W=860%ACK=S++%Flags=AS%Ops=M)
+T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T7(DF=N%W=0%ACK=S|O%Flags=AR%Ops=)
+PU(Resp=N)
+
 Fingerprint Linux 2.3.12
 Class Linux | Linux | 2.3.X | general purpose
 TSeq(Class=RI%gcd=<20%SI=>DDDD)
@@ -11380,32 +11380,6 @@ T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
 PU(DF=Y%TOS=C0%IPLEN=178%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=F|E)
 
-# Linux 2.4.4-4GB #1 Wed May 16 00:37:55 GMT 2001 i586 unknown
-Fingerprint Linux 2.4.4
-Class Linux | Linux | 2.4.X | general purpose
-TSeq(Class=RI%gcd=<8%SI=<10F070C&>15ACF%IPID=Z%TS=100HZ)
-T1(DF=Y%W=1678%ACK=S++%Flags=AS%Ops=MNNTNW)
-T2(Resp=N)
-T3(Resp=Y%DF=Y%W=1678%ACK=S++%Flags=AS%Ops=MNNTNW)
-T4(DF=Y%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
-T7(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
-PU(DF=Y%TOS=0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
-
-# Linux kernel 2.4.4-4GB (X86) from Red hat
-Fingerprint Linux 2.4.4
-Class Linux | Linux | 2.2.X | general purpose
-TSeq(Class=RI%gcd=<6%SI=<FC5E4&>19E%IPID=Z%TS=U)
-T1(DF=N%W=860%ACK=S++%Flags=AS%Ops=M)
-T2(Resp=N)
-T3(Resp=Y%DF=N%W=860%ACK=S++%Flags=AS%Ops=M)
-T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T7(DF=N%W=0%ACK=S|O%Flags=AR%Ops=)
-PU(Resp=N)
-
 # Linux 2.4.18
 # SuSE Linux 7.3 linux-2.4.10-4GB, running on amd k6-2
 Fingerprint Linux 2.4.10 - 2.4.18
@@ -11457,6 +11431,19 @@ T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
 PU(DF=N%TOS=C0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 
+# Debian/Gnu Linux 3.0 (Woody) Kernel 2.4.18-bf2.4
+Fingerprint Linux 2.4.18
+Class Linux | Linux | 2.4.X | general purpose
+TSeq(Class=RI%gcd=<6%SI=<293EE44&>69651%IPID=Z%TS=100HZ)
+T1(DF=Y%W=1680%ACK=S++%Flags=AS%Ops=MNNTNW)
+T2(Resp=N)
+T3(Resp=N)
+T4(DF=Y%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
+T7(Resp=N)
+PU(DF=N%TOS=C0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=F%ULEN=134%DAT=E)
+
 Fingerprint Linux 2.4.18 (PPC)
 Class Linux | Linux | 2.4.X | general purpose
 TSeq(Class=RI%gcd=<6%SI=<36CB986&>488A7%IPID=Z%TS=100HZ)
@@ -11519,6 +11506,20 @@ T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
 PU(DF=N%TOS=30|60|D0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 
+# Linux 2.4.20 (Gentoo 1.2; x86)
+# Linux 2.4.18-14
+Fingerprint Linux 2.4.18 - 2.4.20 (x86)
+Class Linux | Linux | 2.4.X | general purpose
+TSeq(Class=RI%gcd=<6%SI=<2B9C772&>6FA19%IPID=Z%TS=100HZ)
+T1(DF=Y%W=3000%ACK=S++%Flags=AS%Ops=MNNTNW)
+T2(Resp=N)
+T3(Resp=Y%DF=Y%W=3000%ACK=S++%Flags=AS%Ops=MNNTNW)
+T4(DF=Y%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
+T7(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
+PU(DF=N%TOS=C0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
+
 # linux 2.4.20 (i586) Preemptible
 # Linux 2.4.18
 # 2.4.21-20.ELsmp SMP RedHat AS3, REL3
@@ -11534,45 +11535,34 @@ T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
 PU(DF=N%TOS=0|C0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 
-# Linux 2.4.20 (Gentoo 1.2; x86)
-# Linux 2.4.18-14
-Fingerprint Linux 2.4.18 - 2.4.20 (x86)
+# Linux kernel 2.4.21-4.0.1.ELsmp x86 Dual Xeon RedHat EL3 AS3 (Red Hat Linux 3.2.3-20)
+# Linux Kernel 2.4.21-4.0.1 Red Hat Enterprise Linux ES release 3 (Taroon)
+# Linux sun 2.4.27 #3 SMP Mon Nov 1 21:24:45 GMT 2004 sparc unknown unknown GNU/Linux
+# Linux AthenA-server 2.4.18-bf2.4 #1 Son Apr 14 09:53:28 CEST 2002 i586 unknown
+Fingerprint Linux 2.4.18 - 2.4.27
 Class Linux | Linux | 2.4.X | general purpose
-TSeq(Class=RI%gcd=<6%SI=<2B9C772&>6FA19%IPID=Z%TS=100HZ)
-T1(DF=Y%W=3000%ACK=S++%Flags=AS%Ops=MNNTNW)
-T2(Resp=N)
-T3(Resp=Y%DF=Y%W=3000%ACK=S++%Flags=AS%Ops=MNNTNW)
-T4(DF=Y%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
-T7(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
-PU(DF=N%TOS=C0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
-
-# Debian/Gnu Linux 3.0 (Woody) Kernel 2.4.18-bf2.4
-Fingerprint Linux 2.4.18
-Class Linux | Linux | 2.4.X | general purpose
-TSeq(Class=RI%gcd=<6%SI=<293EE44&>69651%IPID=Z%TS=100HZ)
-T1(DF=Y%W=1680%ACK=S++%Flags=AS%Ops=MNNTNW)
+TSeq(Class=TR|RI%gcd=<6%SI=<2CA3968&>49B3D%IPID=Z%TS=100HZ)
+T1(DF=Y%W=16A0%ACK=S++%Flags=AS%Ops=MNNTNW)
 T2(Resp=N)
 T3(Resp=N)
 T4(DF=Y%W=0%ACK=O%Flags=R%Ops=)
 T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
 T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
 T7(Resp=N)
-PU(DF=N%TOS=C0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=F%ULEN=134%DAT=E)
+PU(DF=N%TOS=0%IPLEN=164%RIPTL=148%RID=E|F%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 
-# Linux RedHat 2.4.18-5 #1 Mon Jun 10 15:31:48 EDT 2002 i686 unknown
-Fingerprint Linux 2.4.9 - 2.4.18
+# Linux live cd knoppix 2.4.27 (knoppix 2.6)
+Fingerprint Linux 2.4.18 - 2.4.27
 Class Linux | Linux | 2.4.X | general purpose
-TSeq(Class=RI%gcd=<6%SI=<1C3AE82&>46383%IPID=Z%TS=100HZ)
-T1(DF=Y%W=16A0%ACK=S++%Flags=AS%Ops=MNNTNW)
-T2(Resp=Y%DF=N%W=1000|400%ACK=S%Flags=AR%Ops=WNMETL)
-T3(Resp=Y%DF=N%W=1000|400%ACK=S++%Flags=AR%Ops=WNMETL)
-T4(DF=N%W=C00|800%ACK=S%Flags=AR%Ops=WNMETL)
-T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=N%W=1000|800|400%ACK=S%Flags=AR%Ops=WNMETL)
-T7(DF=N%W=800|400|1000%ACK=S++%Flags=AR%Ops=WNMETL)
-PU(DF=N%TOS=C0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E|F%ULEN=134%DAT=E)
+TSeq(Class=RI%gcd=<8%SI=<3859E24&>47DBA%IPID=Z%TS=100HZ)
+T1(DF=N%W=16A0%ACK=S++%Flags=AS%Ops=MNNTNW)
+T2(Resp=N)
+T3(Resp=Y%DF=N%W=16A0%ACK=S++%Flags=AS%Ops=MNNTNW)
+T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+PU(DF=N%TOS=0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E|F%ULEN=134%DAT=E)
 
 # Linux 2.4.18 on Alpha EV4
 # Linux 2.5.70 (x86)
@@ -11606,6 +11596,19 @@ T6(DF=N%W=0%ACK=O%Flags=RF%Ops=)
 T7(Resp=N)
 PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=F%ULEN=134%DAT=E)
 
+# Linux kernel 2.4.19C13_V (X86) Sun Cobalt RaQ550
+Fingerprint Linux 2.4.19
+Class Linux | Linux | 2.4.X | general purpose
+TSeq(Class=RI%gcd=<6%SI=<20DD6C4&>54211%IPID=Z%TS=100HZ)
+T1(DF=Y%W=16A0%ACK=O|S++%Flags=AS%Ops=MNNTNW)
+T2(Resp=Y%DF=N%W=1000|C00|400%ACK=S%Flags=AR%Ops=WNMETL)
+T3(Resp=Y%DF=N%W=800|1000%ACK=S++%Flags=AR%Ops=WNMETL)
+T4(DF=N%W=800|400%ACK=S%Flags=AR%Ops=WNMETL)
+T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=N%W=1000|400%ACK=S%Flags=AR%Ops=WNMETL)
+T7(DF=N%W=1000|400%ACK=S++%Flags=AR%Ops=WNMETL)
+PU(DF=N%TOS=0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
+
 # Mandrake 9.1 SMP 2.4.19-16mdksmp #1 SMP Fri Sep 20 16:08:37 CEST 2002 i686 unknown unknown GNU/Linux
 Fingerprint Linux 2.4.19 (Mandrake, X86)
 Class Linux | Linux | 2.4.X | general purpose
@@ -11658,19 +11661,6 @@ T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
 PU(DF=N%TOS=C0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 
-# Linux kernel 2.4.19C13_V (X86) Sun Cobalt RaQ550
-Fingerprint Linux 2.4.19
-Class Linux | Linux | 2.4.X | general purpose
-TSeq(Class=RI%gcd=<6%SI=<20DD6C4&>54211%IPID=Z%TS=100HZ)
-T1(DF=Y%W=16A0%ACK=O|S++%Flags=AS%Ops=MNNTNW)
-T2(Resp=Y%DF=N%W=1000|C00|400%ACK=S%Flags=AR%Ops=WNMETL)
-T3(Resp=Y%DF=N%W=800|1000%ACK=S++%Flags=AR%Ops=WNMETL)
-T4(DF=N%W=800|400%ACK=S%Flags=AR%Ops=WNMETL)
-T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=N%W=1000|400%ACK=S%Flags=AR%Ops=WNMETL)
-T7(DF=N%W=1000|400%ACK=S++%Flags=AR%Ops=WNMETL)
-PU(DF=N%TOS=0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
-
 # Linux kernel 2.4.20-4GB (X86)
 Fingerprint Linux 2.4.20
 Class Linux | Linux | 2.4.X | general purpose
@@ -11684,22 +11674,6 @@ T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
 PU(DF=N%TOS=C0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 
-# Linux kernel 2.4.20-wolk4.17s (X86)
-# Linux demeter 2.4.20-wolk4.17s #1 i686 unknown
-# "Devil Linux 1.2.2" 2.4.27-grsec #1 SMP i686 AuthenticAMD unknown+GNU/Linux
-# Gentoo 2.4.28-hardened-r5 (Up to date with Gentoo Hardened Patches) on a Proliant 1600R
-Fingerprint Linux 2.4.20 - 2.4.28
-Class Linux | Linux | 2.4.X | general purpose
-TSeq(Class=TR%gcd=<6%IPID=RD%TS=100HZ)
-T1(DF=Y%W=1690|16A0%ACK=S++%Flags=AS%Ops=MNNTNW)
-T2(Resp=N)
-T3(Resp=N)
-T4(DF=Y%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
-T7(Resp=N)
-PU(DF=N%TOS=C0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
-
 # Linux 2.4.20-wolk4.16s
 Fingerprint Linux 2.4.20
 Class Linux | Linux | 2.4.X | general purpose
@@ -11751,33 +11725,6 @@ T6(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
 T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
 PU(DF=N%TOS=C0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 
-# Red Hat Enterprise Linux AS release 3.90 (Nahant), Kernel 2.6.8-1.528.2.10smp on an i686
-Fingerprint Linux 2.4.20 or 2.6.8
-Class Linux | Linux | 2.4.X | general purpose
-Class Linux | Linux | 2.6.X | general purpose
-TSeq(Class=RI%gcd=<6%SI=<28E2CAC&>68A83%IPID=Z%TS=1000HZ)
-T1(DF=Y%W=16A0%ACK=S++%Flags=AS%Ops=MNNTNW)
-T2(Resp=N)
-T3(Resp=Y%DF=Y%W=16A0%ACK=S++%Flags=AS%Ops=MNNTNW)
-T4(DF=Y%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
-T7(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
-PU(DF=N%TOS=0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
-
-# Red Hat Linux release 9 (Shrike) Kernel 2.4.20-8 on an i686
-Fingerprint Linux 2.4.20 (Red Hat)
-Class Linux | Linux | 2.4.X | general purpose
-TSeq(Class=RI%gcd=<6%SI=<1B9DCC2&>469F7%IPID=Z%TS=100HZ)
-T1(DF=Y%W=5B4%ACK=S++%Flags=AS%Ops=MNNTNW)
-T2(Resp=N)
-T3(Resp=N)
-T4(DF=Y%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
-T7(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
-PU(DF=N%TOS=C0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
-
 # Linux kernel 2.4.20 from ALT Linux Master 2.2 (uname -r = 2.4.20-alt16-smp)
 Fingerprint Linux 2.4.20
 Class Linux | Linux | 2.4.X | general purpose
@@ -11804,6 +11751,19 @@ T6(DF=N%W=1000|400%ACK=S%Flags=AR%Ops=WNMETL)
 T7(DF=N%W=1000|800%ACK=S++%Flags=AR%Ops=WNMETL)
 PU(DF=N%TOS=C0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=F%ULEN=134%DAT=E)
 
+# Red Hat Linux release 9 (Shrike) Kernel 2.4.20-8 on an i686
+Fingerprint Linux 2.4.20 (Red Hat)
+Class Linux | Linux | 2.4.X | general purpose
+TSeq(Class=RI%gcd=<6%SI=<1B9DCC2&>469F7%IPID=Z%TS=100HZ)
+T1(DF=Y%W=5B4%ACK=S++%Flags=AS%Ops=MNNTNW)
+T2(Resp=N)
+T3(Resp=N)
+T4(DF=Y%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
+T7(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
+PU(DF=N%TOS=C0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
+
 # Linux localhost 2.4.20-30.9 #1 Wed Feb 4 20:44:26 EST 2004 i686 i686 i386 GNU/Linux
 Fingerprint Linux 2.4.20 (X86, Redhat 7.3)
 Class Linux | Linux | 2.4.X | general purpose
@@ -11817,6 +11777,23 @@ T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
 PU(DF=N%TOS=C0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 
+# Red Hat Linux release 9 (Shrike), Kernel Version 2.4.20-31.9.progeny.5
+# Linux 2.4.21-27.0.2.EL i686 i386 (Red Hat Enterprise Linux ES release 3 (Taroon Update 4)) + APF 0.9.3
+# Linux 2.4.21-15.0.4.ELsmp #1 SMP i686 i686 i386 GNU/Linux
+# Linux 2.4.22-1.2115.nptlsmp
+# Linux 2.4.22-1.2199.nptlsmp #1 SMP i686 i686 +i386 GNU/Linux
+Fingerprint Linux 2.4.20 - 2.4.22
+Class Linux | Linux | 2.4.X | general purpose
+TSeq(Class=RI%gcd=<6%SI=<3089154&>7C37E%IPID=Z%TS=U)
+T1(DF=Y%W=16D0%ACK=S++%Flags=AS%Ops=M)
+T2(Resp=N)
+T3(Resp=N)
+T4(DF=Y%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
+T7(Resp=N)
+PU(Resp=N)
+
 # Linux 2.4.20-gentoo-r5 w/grsecurity
 Fingerprint Linux 2.4.20 - 2.4.22 w/grsecurity.org patch
 Class Linux | Linux | 2.4.X | general purpose
@@ -11830,6 +11807,49 @@ T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
 PU(DF=N%TOS=0|C0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E|F%ULEN=134%DAT=E)
 
+# Linux kernel 2.4.20-wolk4.17s (X86)
+# Linux demeter 2.4.20-wolk4.17s #1 i686 unknown
+# "Devil Linux 1.2.2" 2.4.27-grsec #1 SMP i686 AuthenticAMD unknown+GNU/Linux
+# Gentoo 2.4.28-hardened-r5 (Up to date with Gentoo Hardened Patches) on a Proliant 1600R
+Fingerprint Linux 2.4.20 - 2.4.28
+Class Linux | Linux | 2.4.X | general purpose
+TSeq(Class=TR%gcd=<6%IPID=RD%TS=100HZ)
+T1(DF=Y%W=1690|16A0%ACK=S++%Flags=AS%Ops=MNNTNW)
+T2(Resp=N)
+T3(Resp=N)
+T4(DF=Y%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
+T7(Resp=N)
+PU(DF=N%TOS=C0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
+
+Fingerprint Linux 2.4.20 or 2.6.0-test5-love3 (x86)
+Class Linux | Linux | 2.4.X | general purpose
+Class Linux | Linux | 2.6.X | general purpose
+TSeq(Class=RI%gcd=<6%SI=<DDDFF6&>23458%IPID=Z%TS=U)
+T1(DF=Y%W=16D0%ACK=S++%Flags=AS%Ops=M)
+T2(Resp=N)
+T3(Resp=Y%DF=Y%W=16D0%ACK=S++%Flags=AS%Ops=M)
+T4(DF=Y%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
+T7(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
+PU(DF=N%TOS=C0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=F%ULEN=134%DAT=E)
+
+# Red Hat Enterprise Linux AS release 3.90 (Nahant), Kernel 2.6.8-1.528.2.10smp on an i686
+Fingerprint Linux 2.4.20 or 2.6.8
+Class Linux | Linux | 2.4.X | general purpose
+Class Linux | Linux | 2.6.X | general purpose
+TSeq(Class=RI%gcd=<6%SI=<28E2CAC&>68A83%IPID=Z%TS=1000HZ)
+T1(DF=Y%W=16A0%ACK=S++%Flags=AS%Ops=MNNTNW)
+T2(Resp=N)
+T3(Resp=Y%DF=Y%W=16A0%ACK=S++%Flags=AS%Ops=MNNTNW)
+T4(DF=Y%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
+T7(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
+PU(DF=N%TOS=0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
+
 Fingerprint Linux 2.4.20 x86
 Class Linux | Linux | 2.4.X | general purpose
 TSeq(Class=RI%gcd=<8%SI=<1DB22CE&>1862A%IPID=Z%TS=100HZ)
@@ -11855,95 +11875,19 @@ T6(DF=N%W=800|C00|1000%ACK=S%Flags=AR%Ops=)
 T7(DF=N%W=C00|1000%ACK=S++%Flags=AR%Ops=)
 PU(DF=N%TOS=0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 
-# SuSE Linux 8.1 (i386) 2.4.21 #4 SMP
-Fingerprint Linux 2.4.21 (Suse, X86)
+# Linux 2.4.21-32.0.1.ELsmp #1 i686 i686 i386 GNU/Linux
+Fingerprint Linux 2.4.21
 Class Linux | Linux | 2.4.X | general purpose
-TSeq(Class=RI%gcd=<6%SI=<2634758&>55644%IPID=Z%TS=100HZ)
-T1(DF=Y%W=16A0%ACK=S++%Flags=AS%Ops=MNNTNW)
-T2(Resp=N)
-T3(Resp=N)
-T4(DF=Y%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
-T7(Resp=N)
-PU(DF=N%TOS=C0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=F%ULEN=134%DAT=E)
-
-# base on msg 1058, 1776
-# Linux kernel 2.4.21-243(athlon) from SuSE 9.0
-# SuSE 9.0 with updates, kernel 2.4.21-280-default
-Fingerprint Linux 2.4.21 (Suse)
-Class Linux | Linux | 2.4.X | general purpose               
-TSeq(Class=RI%gcd=<8%SI=<243DCC4&>17466%IPID=I%TS=U)
-T1(DF=Y%W=16D0|7FFF%ACK=S++%Flags=AS%Ops=M)
-T2(Resp=N)
-T3(Resp=N)
-T4(DF=Y%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
-T7(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
-PU(DF=N%TOS=0|C0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
-
-# Linux kernel 2.4.21-4.0.1.ELsmp x86 Dual Xeon RedHat EL3 AS3 (Red Hat Linux 3.2.3-20)
-# Linux Kernel 2.4.21-4.0.1 Red Hat Enterprise Linux ES release 3 (Taroon)
-# Linux sun 2.4.27 #3 SMP Mon Nov 1 21:24:45 GMT 2004 sparc unknown unknown GNU/Linux
-# Linux AthenA-server 2.4.18-bf2.4 #1 Son Apr 14 09:53:28 CEST 2002 i586 unknown
-Fingerprint Linux 2.4.18 - 2.4.27
-Class Linux | Linux | 2.4.X | general purpose
-TSeq(Class=TR|RI%gcd=<6%SI=<2CA3968&>49B3D%IPID=Z%TS=100HZ)
-T1(DF=Y%W=16A0%ACK=S++%Flags=AS%Ops=MNNTNW)
-T2(Resp=N)
-T3(Resp=N)
-T4(DF=Y%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
-T7(Resp=N)
-PU(DF=N%TOS=0%IPLEN=164%RIPTL=148%RID=E|F%RIPCK=E%UCK=E%ULEN=134%DAT=E)
-
-# Linux 2.4.21-0.25mdk x86
-Fingerprint Linux 2.4.21 (x86)
-Class Linux | Linux | 2.4.X | general purpose
-TSeq(Class=RI%gcd=<6%SI=<2A2786A&>6BE77%IPID=I%TS=100HZ)
-T1(DF=N%W=7FFF%ACK=S++%Flags=AS%Ops=MNNTNW)
-T2(Resp=N)
-T3(Resp=Y%DF=N%W=7FFF%ACK=S++%Flags=AS%Ops=MNNTNW)
+TSeq(Class=RI%gcd=<6%SI=<31EB9A2&>7FCA1%IPID=Z%TS=U)
+T1(DF=Y%W=16D0%ACK=S++%Flags=AS%Ops=MNW)
+T2(Resp=Y%DF=Y%W=0%ACK=S%Flags=AR%Ops=)
+T3(Resp=Y%DF=Y%W=16D0%ACK=S++%Flags=AS%Ops=MNW)
 T4(DF=Y%W=0%ACK=O%Flags=R%Ops=)
 T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
 T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
 PU(DF=N%TOS=C0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 
-# Red Hat Linux release 9 (Shrike), Kernel Version 2.4.20-31.9.progeny.5
-# Linux 2.4.21-27.0.2.EL i686 i386 (Red Hat Enterprise Linux ES release 3 (Taroon Update 4)) + APF 0.9.3
-# Linux 2.4.21-15.0.4.ELsmp #1 SMP i686 i686 i386 GNU/Linux
-# Linux 2.4.22-1.2115.nptlsmp
-# Linux 2.4.22-1.2199.nptlsmp #1 SMP i686 i686 +i386 GNU/Linux
-Fingerprint Linux 2.4.20 - 2.4.22
-Class Linux | Linux | 2.4.X | general purpose
-TSeq(Class=RI%gcd=<6%SI=<3089154&>7C37E%IPID=Z%TS=U)
-T1(DF=Y%W=16D0%ACK=S++%Flags=AS%Ops=M)
-T2(Resp=N)
-T3(Resp=N)
-T4(DF=Y%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
-T7(Resp=N)
-PU(Resp=N)
-
-# SuSE Linux 9.0 2.4.21-215-athlon
-# Linux 2.4.21-121-athlon; SuSE, x86
-# Linux 2.4.21-231-athlon from SuSE 9.0
-Fingerprint Linux 2.4.21 (x86 SuSE)
-Class Linux | Linux | 2.4.X | general purpose
-TSeq(Class=RI%gcd=<6%SI=<1C5FBC4&>48A1C%IPID=I%TS=1000HZ)
-T1(DF=Y%W=16A0%ACK=S++%Flags=AS%Ops=MNNTNW)
-T2(DF=Y%W=0%ACK=S%Flags=AR%Ops=)
-T3(Resp=N)
-T4(DF=Y%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
-T7(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
-PU(DF=N%TOS=0|C0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E|F%ULEN=134%DAT=E)
-
 # RedHat Linux Enterprise 3 2.4.21-27.0.2.EL #1
 Fingerprint Linux 2.4.21 (RedHat)
 Class Linux | Linux | 2.4.X | general purpose
@@ -11970,6 +11914,62 @@ T6(DF=N%W=800|C00%ACK=S%Flags=AR%Ops=WNMETL)
 T7(DF=N%W=800|400%ACK=S++%Flags=AR%Ops=WNMETL)
 PU(Resp=N)
 
+# base on msg 1058, 1776
+# Linux kernel 2.4.21-243(athlon) from SuSE 9.0
+# SuSE 9.0 with updates, kernel 2.4.21-280-default
+Fingerprint Linux 2.4.21 (Suse)
+Class Linux | Linux | 2.4.X | general purpose
+TSeq(Class=RI%gcd=<8%SI=<243DCC4&>17466%IPID=I%TS=U)
+T1(DF=Y%W=16D0|7FFF%ACK=S++%Flags=AS%Ops=M)
+T2(Resp=N)
+T3(Resp=N)
+T4(DF=Y%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
+T7(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
+PU(DF=N%TOS=0|C0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
+
+# SuSE Linux 8.1 (i386) 2.4.21 #4 SMP
+Fingerprint Linux 2.4.21 (Suse, X86)
+Class Linux | Linux | 2.4.X | general purpose
+TSeq(Class=RI%gcd=<6%SI=<2634758&>55644%IPID=Z%TS=100HZ)
+T1(DF=Y%W=16A0%ACK=S++%Flags=AS%Ops=MNNTNW)
+T2(Resp=N)
+T3(Resp=N)
+T4(DF=Y%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
+T7(Resp=N)
+PU(DF=N%TOS=C0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=F%ULEN=134%DAT=E)
+
+# SuSE Linux 9.0 2.4.21-215-athlon
+# Linux 2.4.21-121-athlon; SuSE, x86
+# Linux 2.4.21-231-athlon from SuSE 9.0
+Fingerprint Linux 2.4.21 (x86 SuSE)
+Class Linux | Linux | 2.4.X | general purpose
+TSeq(Class=RI%gcd=<6%SI=<1C5FBC4&>48A1C%IPID=I%TS=1000HZ)
+T1(DF=Y%W=16A0%ACK=S++%Flags=AS%Ops=MNNTNW)
+T2(DF=Y%W=0%ACK=S%Flags=AR%Ops=)
+T3(Resp=N)
+T4(DF=Y%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
+T7(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
+PU(DF=N%TOS=0|C0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E|F%ULEN=134%DAT=E)
+
+# Linux 2.4.21-0.25mdk x86
+Fingerprint Linux 2.4.21 (x86)
+Class Linux | Linux | 2.4.X | general purpose
+TSeq(Class=RI%gcd=<6%SI=<2A2786A&>6BE77%IPID=I%TS=100HZ)
+T1(DF=N%W=7FFF%ACK=S++%Flags=AS%Ops=MNNTNW)
+T2(Resp=N)
+T3(Resp=Y%DF=N%W=7FFF%ACK=S++%Flags=AS%Ops=MNNTNW)
+T4(DF=Y%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
+T7(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
+PU(DF=N%TOS=C0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
+
 # Linux mail2 2.4.21-4.ELsmp #1 SMP Fri Oct 3 17:52:56 EDT 2003 i686 i686 i386 GNU/Linux (Redhat Enterprise Linux AS 3)
 Fingerprint Linux 2.4.21 (x86, RedHat)
 Class Linux | Linux | 2.4.X | general purpose
@@ -11998,32 +11998,18 @@ T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
 PU(DF=N%TOS=C0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 
-# Linux 2.4.21-32.0.1.ELsmp #1 i686 i686 i386 GNU/Linux
-Fingerprint Linux 2.4.21
+# Debian Linux feeshus 2.4.22-1-ipvs-686 #1
+Fingerprint Linux 2.4.22
 Class Linux | Linux | 2.4.X | general purpose
-TSeq(Class=RI%gcd=<6%SI=<31EB9A2&>7FCA1%IPID=Z%TS=U)
-T1(DF=Y%W=16D0%ACK=S++%Flags=AS%Ops=MNW)
-T2(Resp=Y%DF=Y%W=0%ACK=S%Flags=AR%Ops=)
-T3(Resp=Y%DF=Y%W=16D0%ACK=S++%Flags=AS%Ops=MNW)
-T4(DF=Y%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
-T7(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
-PU(DF=N%TOS=C0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
-
-# Linux Kernel 2.6.10-ck (x86) Gentoo system
-Fingerprint Linux 2.4.22 or 2.6.10
-Class Linux | Linux | 2.4.X | general purpose
-Class Linux | Linux | 2.6.X | general purpose
-TSeq(Class=RI%gcd=<6%SI=<29CB48E&>6AF95%IPID=Z%TS=U)
-T1(DF=Y%W=3000%ACK=S++%Flags=AS%Ops=M)
+TSeq(Class=RI%gcd=<6%SI=<180F182&>3D924%IPID=Z%TS=100HZ)
+T1(DF=Y%W=16A0%ACK=S++%Flags=AS%Ops=MNNTNW)
 T2(Resp=N)
-T3(Resp=Y%DF=Y%W=3000%ACK=S++%Flags=AS%Ops=M)
+T3(Resp=N)
 T4(DF=Y%W=0%ACK=O%Flags=R%Ops=)
 T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
 T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
-T7(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
-PU(DF=N%TOS=C0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
+T7(Resp=N)
+PU(DF=N%TOS=C8%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 
 Fingerprint Linux 2.4.22 (SPARC)
 Class Linux | Linux | 2.4.X | general purpose
@@ -12050,6 +12036,36 @@ T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
 PU(DF=N%TOS=C0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 
+# Linux 2.4.22 (x86, Gentoo)
+# Linux server 2.6.7-ck5 (x86)
+# Linux lamaquina 2.6.8.1-10mdk #1 Wed Sep 8 17:00:52 CEST 2004 i686 AMD Athlon(tm) 64 Processor 3200+
+Fingerprint Linux 2.4.22 - 2.6.8
+Class Linux | Linux | 2.4.X | general purpose
+Class Linux | Linux | 2.6.X | general purpose
+TSeq(Class=RI%gcd=<8%SI=<132F658&>188E0%IPID=Z%TS=1000HZ)
+T1(DF=Y%W=1680%ACK=S++%Flags=AS%Ops=MNNTNW)
+T2(Resp=N)
+T3(Resp=Y%DF=Y%W=1680%ACK=S++%Flags=AS%Ops=MNNTNW)
+T4(DF=Y%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
+T7(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
+PU(DF=N%TOS=0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
+
+# Linux Kernel 2.6.10-ck (x86) Gentoo system
+Fingerprint Linux 2.4.22 or 2.6.10
+Class Linux | Linux | 2.4.X | general purpose
+Class Linux | Linux | 2.6.X | general purpose
+TSeq(Class=RI%gcd=<6%SI=<29CB48E&>6AF95%IPID=Z%TS=U)
+T1(DF=Y%W=3000%ACK=S++%Flags=AS%Ops=M)
+T2(Resp=N)
+T3(Resp=Y%DF=Y%W=3000%ACK=S++%Flags=AS%Ops=M)
+T4(DF=Y%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
+T7(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
+PU(DF=N%TOS=C0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
+
 # Linux 2.4.22 (x86, Gentoo)
 # Linux 2.6.7-hardened-r16 #1 x86_64 AMD Athlon(tm) 64 Processor 3000+ AuthenticAMD GNU/Linux
 # Slackware 10 kernel 2.6.7
@@ -12070,35 +12086,6 @@ T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
 T7(Resp=N)
 PU(DF=N%TOS=C0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 
-# Linux 2.4.22 (x86, Gentoo)
-# Linux server 2.6.7-ck5 (x86)
-# Linux lamaquina 2.6.8.1-10mdk #1 Wed Sep 8 17:00:52 CEST 2004 i686 AMD Athlon(tm) 64 Processor 3200+
-Fingerprint Linux 2.4.22 - 2.6.8
-Class Linux | Linux | 2.4.X | general purpose
-Class Linux | Linux | 2.6.X | general purpose
-TSeq(Class=RI%gcd=<8%SI=<132F658&>188E0%IPID=Z%TS=1000HZ)
-T1(DF=Y%W=1680%ACK=S++%Flags=AS%Ops=MNNTNW)
-T2(Resp=N)
-T3(Resp=Y%DF=Y%W=1680%ACK=S++%Flags=AS%Ops=MNNTNW)
-T4(DF=Y%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
-T7(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
-PU(DF=N%TOS=0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
-
-# Debian Linux feeshus 2.4.22-1-ipvs-686 #1
-Fingerprint Linux 2.4.22
-Class Linux | Linux | 2.4.X | general purpose
-TSeq(Class=RI%gcd=<6%SI=<180F182&>3D924%IPID=Z%TS=100HZ)
-T1(DF=Y%W=16A0%ACK=S++%Flags=AS%Ops=MNNTNW)
-T2(Resp=N)
-T3(Resp=N)
-T4(DF=Y%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
-T7(Resp=N)
-PU(DF=N%TOS=C8%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
-
 # Linux 2.4.22-gentoo-r7 (x86)
 # Linux 2.6.4-gentoo-grsec (x86) - manual patch on gentoo's kernel (gentoo-dev-sources) with grsecurity-2.0-test2-2.6.4.patch
 # Linux 2.6.10 with grsecurity 2.6.10 i686
@@ -12201,20 +12188,8 @@ T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
 PU(DF=N%TOS=C0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 
-Fingerprint Linux 2.4.26-gentoo-r6 w/grsec
-Class Linux | Linux | 2.4.X | general purpose
-TSeq(Class=TR%gcd=<6%IPID=RD%TS=100HZ)
-T1(DF=Y%W=16A0%ACK=S++%Flags=AS%Ops=MNNT)
-T2(Resp=N)
-T3(Resp=Y%DF=Y%W=16A0%ACK=S++%Flags=AS%Ops=MNNT)
-T4(DF=Y%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
-T7(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
-PU(DF=N%TOS=C0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
-
 # Linux 2.4.26-gentoo-r6 #1 i686 Pentium III (Coppermine) GenuineIntel GNU/Linux
-Fingerprint Linux 2.4.26 
+Fingerprint Linux 2.4.26
 Class Linux | Linux | 2.4.X | general purpose
 TSeq(Class=RI%gcd=<6%SI=<298F858&>6A637%IPID=I%TS=U)
 T1(DF=N%W=7FFF%ACK=S++%Flags=AS%Ops=M)
@@ -12226,35 +12201,6 @@ T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
 PU(DF=N%TOS=C0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 
-# Linux kernel 2.4.26-1.ll.rh90.ccrma from RedHat 9.0
-# Linux kernel 2.6.5-63255U10_3cl (i686(X86)) from Conectiva Linux 10
-Fingerprint Linux 2.4.26 or 2.6.5
-Class Linux | Linux | 2.4.X | general purpose
-Class Linux | Linux | 2.6.X | general purpose
-TSeq(Class=RI%gcd=<6%SI=<247BECA&>5659F%IPID=Z%TS=1000HZ)
-T1(DF=Y%W=16A0%ACK=S++%Flags=AS%Ops=MNNTNW)
-T2(Resp=N)
-T3(Resp=Y%DF=Y%W=16A0%ACK=S++%Flags=AS%Ops=MNNTNW)
-T4(DF=Y%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
-T7(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
-PU(DF=N%TOS=C0%IPLEN=164%RIPTL=148%RID=E%RIPCK=F%UCK=F%ULEN=134%DAT=E)
-
-# Linux 2.4.26-gentoo-r12 #5 i686 Pentium II
-# Linux 2.4.26-gentoo-r9 #14 i686 Celeron (Mendocino) GenuineIntel GNU/Linux
-Fingerprint Linux 2.4.26 (gentoo)
-Class Linux | Linux | 2.4.X | general purpose
-TSeq(Class=RI%gcd=<8%SI=<2E22EC4&>27AD8%IPID=I|RD%TS=100HZ)
-T1(DF=N|Y%W=16A0%ACK=S++%Flags=AS%Ops=MNNTNW)
-T2(Resp=N)
-T3(Resp=Y%DF=N%W=16A0%ACK=S++%Flags=AS%Ops=MNNTNW)
-T4(DF=Y%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
-T7(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
-PU(DF=N%TOS=C0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
-
 # Linux 2.4.26  from slackware linux 10
 Fingerprint Linux 2.4.26
 Class Linux | Linux | 2.4.X | general purpose
@@ -12294,18 +12240,46 @@ T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
 PU(DF=N%TOS=C0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 
-# Linux live cd knoppix 2.4.27 (knoppix 2.6)
-Fingerprint Linux 2.4.18 - 2.4.27
+# Linux 2.4.26-gentoo-r12 #5 i686 Pentium II
+# Linux 2.4.26-gentoo-r9 #14 i686 Celeron (Mendocino) GenuineIntel GNU/Linux
+Fingerprint Linux 2.4.26 (gentoo)
 Class Linux | Linux | 2.4.X | general purpose
-TSeq(Class=RI%gcd=<8%SI=<3859E24&>47DBA%IPID=Z%TS=100HZ)
-T1(DF=N%W=16A0%ACK=S++%Flags=AS%Ops=MNNTNW)
+TSeq(Class=RI%gcd=<8%SI=<2E22EC4&>27AD8%IPID=I|RD%TS=100HZ)
+T1(DF=N|Y%W=16A0%ACK=S++%Flags=AS%Ops=MNNTNW)
 T2(Resp=N)
 T3(Resp=Y%DF=N%W=16A0%ACK=S++%Flags=AS%Ops=MNNTNW)
-T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-PU(DF=N%TOS=0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E|F%ULEN=134%DAT=E)
+T4(DF=Y%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
+T7(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
+PU(DF=N%TOS=C0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
+
+# Linux kernel 2.4.26-1.ll.rh90.ccrma from RedHat 9.0
+# Linux kernel 2.6.5-63255U10_3cl (i686(X86)) from Conectiva Linux 10
+Fingerprint Linux 2.4.26 or 2.6.5
+Class Linux | Linux | 2.4.X | general purpose
+Class Linux | Linux | 2.6.X | general purpose
+TSeq(Class=RI%gcd=<6%SI=<247BECA&>5659F%IPID=Z%TS=1000HZ)
+T1(DF=Y%W=16A0%ACK=S++%Flags=AS%Ops=MNNTNW)
+T2(Resp=N)
+T3(Resp=Y%DF=Y%W=16A0%ACK=S++%Flags=AS%Ops=MNNTNW)
+T4(DF=Y%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
+T7(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
+PU(DF=N%TOS=C0%IPLEN=164%RIPTL=148%RID=E%RIPCK=F%UCK=F%ULEN=134%DAT=E)
+
+Fingerprint Linux 2.4.26-gentoo-r6 w/grsec
+Class Linux | Linux | 2.4.X | general purpose
+TSeq(Class=TR%gcd=<6%IPID=RD%TS=100HZ)
+T1(DF=Y%W=16A0%ACK=S++%Flags=AS%Ops=MNNT)
+T2(Resp=N)
+T3(Resp=Y%DF=Y%W=16A0%ACK=S++%Flags=AS%Ops=MNNT)
+T4(DF=Y%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
+T7(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
+PU(DF=N%TOS=C0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 
 # Linux 2.4.27-1-586tsc #1 Wed Dec 1 19:25:25 JST 2004 i586 GNU/Linux (Debian Sid)
 Fingerprint Linux 2.4.27 or D-Link DSL-500T (running linux 2.4)
@@ -12386,6 +12360,19 @@ T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
 PU(DF=N%TOS=C0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 
+# Linux 2.4.4-4GB #1 Wed May 16 00:37:55 GMT 2001 i586 unknown
+Fingerprint Linux 2.4.4
+Class Linux | Linux | 2.4.X | general purpose
+TSeq(Class=RI%gcd=<8%SI=<10F070C&>15ACF%IPID=Z%TS=100HZ)
+T1(DF=Y%W=1678%ACK=S++%Flags=AS%Ops=MNNTNW)
+T2(Resp=N)
+T3(Resp=Y%DF=Y%W=1678%ACK=S++%Flags=AS%Ops=MNNTNW)
+T4(DF=Y%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
+T7(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
+PU(DF=Y%TOS=0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
+
 # Linux 2.4.26 #6 i686 unknown unknown GNU/Linux
 # Linux kernel 2.6.9-1.681_FC3 from Fedora Core 3
 Fingerprint Linux 2.4.6 - 2.4.26 or 2.6.9
@@ -12440,6 +12427,19 @@ T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
 PU(DF=N%TOS=0%IPLEN=164%RIPTL=148%RID=E%RIPCK=F%UCK=F%ULEN=134%DAT=E)
 
+# Linux RedHat 2.4.18-5 #1 Mon Jun 10 15:31:48 EDT 2002 i686 unknown
+Fingerprint Linux 2.4.9 - 2.4.18
+Class Linux | Linux | 2.4.X | general purpose
+TSeq(Class=RI%gcd=<6%SI=<1C3AE82&>46383%IPID=Z%TS=100HZ)
+T1(DF=Y%W=16A0%ACK=S++%Flags=AS%Ops=MNNTNW)
+T2(Resp=Y%DF=N%W=1000|400%ACK=S%Flags=AR%Ops=WNMETL)
+T3(Resp=Y%DF=N%W=1000|400%ACK=S++%Flags=AR%Ops=WNMETL)
+T4(DF=N%W=C00|800%ACK=S%Flags=AR%Ops=WNMETL)
+T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=N%W=1000|800|400%ACK=S%Flags=AR%Ops=WNMETL)
+T7(DF=N%W=800|400|1000%ACK=S++%Flags=AR%Ops=WNMETL)
+PU(DF=N%TOS=C0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E|F%ULEN=134%DAT=E)
+
 # Mandrake Communiry 10.1  (2.6.8.1-10mdk-i586-up-1GB)
 # Linux matrix 2.6.3-gentoo-r2 x86
 Fingerprint Linux 2.5.25 - 2.6.8 or Gentoo 1.2 Linux 2.4.19 rc1-rc7
@@ -12542,19 +12542,6 @@ T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
 PU(DF=N%TOS=C0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 
-Fingerprint Linux 2.4.20 or 2.6.0-test5-love3 (x86)
-Class Linux | Linux | 2.4.X | general purpose
-Class Linux | Linux | 2.6.X | general purpose
-TSeq(Class=RI%gcd=<6%SI=<DDDFF6&>23458%IPID=Z%TS=U)
-T1(DF=Y%W=16D0%ACK=S++%Flags=AS%Ops=M)
-T2(Resp=N)
-T3(Resp=Y%DF=Y%W=16D0%ACK=S++%Flags=AS%Ops=M)
-T4(DF=Y%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
-T7(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
-PU(DF=N%TOS=C0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=F%ULEN=134%DAT=E)
-
 Fingerprint Linux 2.6.0-test7 (x86)
 Class Linux | Linux | 2.6.X | general purpose
 TSeq(Class=RI%gcd=<6%SI=<1488090&>34896%IPID=Z%TS=1000HZ)
@@ -12579,439 +12566,6 @@ T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
 PU(DF=N%TOS=C0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 
-# Linux 2.6.3-gentoo-r1 #5 Wed Apr 7 13:48:31 EDT 2004 i686 Pentium III (Coppermine) GenuineIntel GNU/Linux
-# Gentoo 1.4.16; Kernel 2.6.7
-# Linux sarge 2.6.8-2-386 #1 Thu May 19 17:40:50 JST 2005 i686 GNU/Linux
-Fingerprint Linux 2.6.3 - 2.6.8
-TSeq(Class=RI%gcd=<6%SI=<16883CC&>1CD61%IPID=Z%TS=1000HZ)
-T1(DF=Y%W=16A0%ACK=S++%Flags=AS%Ops=MNNTNW)
-T2(Resp=N)
-T3(Resp=Y%DF=Y%W=16A0%ACK=S++%Flags=AS%Ops=MNNTNW)
-T4(DF=Y%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
-T7(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
-PU(DF=N%TOS=C0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=F%ULEN=134%DAT=E)
-
-# Linux 2.6.10-1.741_FC3 i686 athlon i386 GNU/Linux
-Fingerprint Linux 2.6.3 - 2.6.10
-Class Linux | Linux | 2.6.X | general purpose
-TSeq(Class=RI%gcd=<6%SI=<3552DC&>8860%IPID=Z%TS=1000HZ)
-T1(DF=Y%W=7FFF%ACK=S++%Flags=AS%Ops=MNNTNW)
-T2(Resp=N)
-T3(Resp=Y%DF=Y%W=7FFF%ACK=S++%Flags=AS%Ops=MNNTNW)
-T4(DF=Y%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
-T7(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
-PU(DF=N%TOS=C0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
-
-# Linux 2.6.3-6mdksecure #1 SMP x86_64 from Mandrake 10
-# Linux 2.6.8-p4 #1 SMP i686 GNU/Linux
-Fingerprint Linux 2.6.3 or 2.6.8
-Class Linux | Linux | 2.6.X | general purpose
-TSeq(Class=RI%gcd=<8%SI=<24F1576&>1E7BD%IPID=Z%TS=1000HZ)
-T1(DF=Y%W=16A0%ACK=S++%Flags=AS%Ops=MNNTNW)
-T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=)
-T3(Resp=Y%DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-T4(DF=N%W=0%ACK=S%Flags=R%Ops=)
-T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=N%W=0%ACK=S%Flags=R%Ops=)
-T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-PU(DF=N%TOS=C0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
-
-# LINUX Suse 9.1 Professional Kernel 2.6.4 i686
-Fingerprint Linux 2.6.4 (Suse)
-Class Linux | Linux | 2.6.X | general purpose
-TSeq(Class=RI%gcd=<6%SI=<1B18996&>45556%IPID=Z%TS=1000HZ)
-T1(DF=Y%W=1680%ACK=S++%Flags=AS%Ops=MNNTNW)
-T2(Resp=N)
-T3(Resp=Y%DF=Y%W=1680%ACK=S++%Flags=AS%Ops=MNNTNW)
-T4(DF=Y%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
-T7(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
-PU(DF=N%TOS=C0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=F%ULEN=134%DAT=E)
-
-# Linux 2.6.5-1.358 #1 Sat May 8 09:04:50 EDT 2004 i686 i686 i386 GNU/Linux
-Fingerprint Linux 2.6.5
-Class Linux | Linux | 2.6.X | general purpose
-TSeq(Class=RI%gcd=<6%SI=<265B754&>6225F%IPID=Z%TS=1000HZ)
-T1(DF=Y%W=1680%ACK=S++%Flags=AS%Ops=MNNTNW)
-T2(Resp=N)
-T3(Resp=Y%DF=Y%W=1680%ACK=S++%Flags=AS%Ops=MNNTNW)
-T4(DF=Y%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-PU(Resp=N)
-
-# Linux 2.6.6-rc2-bk3
-Fingerprint Linux 2.6.6
-Class Linux | Linux | 2.6.X | general purpose
-TSeq(Class=RI%gcd=<6%SI=<2E04BFE&>4ADED%IPID=Z%TS=1000HZ)
-T1(DF=Y%W=1164%ACK=S++%Flags=AS%Ops=MNNTNW)
-T2(Resp=N)
-T3(Resp=Y%DF=Y%W=1164%ACK=S++%Flags=AS%Ops=MNNTNW)
-T4(DF=Y%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
-T7(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
-PU(DF=N%TOS=C0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
-
-# Linux kernel 2.6.6-1-k7 (X86) from Debian Testing
-Fingerprint Linux 2.6.6-1-k7 (X86)
-Class Linux | Linux | 2.6.X | general purpose
-TSeq(Class=RI%gcd=<6%SI=<235C288&>5A817%IPID=Z%TS=1000HZ)
-T1(DF=N%W=16A0%ACK=S++%Flags=AS%Ops=MNNTNW)
-T2(Resp=N)
-T3(Resp=Y%DF=N%W=16A0%ACK=S++%Flags=AS%Ops=MNNTNW)
-T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-PU(DF=N%TOS=0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
-
-# Linux 2.6.7-gentoo-r11 #2 Wed Jul 28 23:25:03 PDT 2004 i686 Pentium II (Deschutes)
-# Linux  2.6.8-rc3 #1 Sat Aug 7 07:19:34 EDT 2004 i686 GNU/Linux
-# Debian Sarge GNU/Linux kernel 2.6.8-1 (i386)
-# Linux 2.6.7-hardened-r17 Gentoo
-# Linux 2.6.9-1.681_FC3smp #1 SMP i586 i586 i386 GNU/Linux (Fedora Core 3+kernel as supplied)
-# Linux 2.6.8-1-686 from Debian sid
-# SuSE Linux Prefessional 9.1, with kernel 2.6.10
-# Linux 2.6.8, PLD distribution, SMP
-# Linux 2.6.11.4-20a-default #1 i686 i686 i386 GNU/Linux from+Suse 9.3
-# Linux 2.6.8-24.11-default #1 Fri Jan 14 13:01:26 UTC 2005 i686 i686 i386 GNU/Linux
-# Linux 2.6.5-7.155.29-default #1 Thu Jun 2 12:07:05 UTC 2005 i686 i686 i386 GNU/Linux (SuSE+9.2 )
-# Linux Debian Sarge 2.6.11.7
-# Linux kernel 2.6.10-4GB (X86) with Debian GNU/Linux 3.1
-# Linux Kernel 2.6.7-1-686-smp from backports.org Debian Woody
-Fingerprint Linux 2.6.5 - 2.6.11
-Class Linux | Linux | 2.6.X | general purpose
-TSeq(Class=RI%gcd=<6%SI=<2BF6254&>70895%IPID=Z%TS=1000HZ)
-T1(DF=Y%W=15E0|16A0%ACK=S++%Flags=AS%Ops=MNNTNW)
-T2(Resp=N)
-T3(Resp=N)
-T4(DF=Y%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
-T7(Resp=N)
-PU(DF=N%TOS=0|C0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E|F%ULEN=134%DAT=E)
-
-# Linux 2.6.7-tp #5 i686 GNU/Linux
-Fingerprint Linux 2.6.7
-Class Linux | Linux | 2.6.X | general purpose
-TSeq(Class=RI%gcd=<8%SI=<13C059A&>1B365%IPID=Z%TS=100HZ)
-T1(DF=Y%W=16A0%ACK=S++%Flags=AS%Ops=MNNTNW)
-T2(Resp=N)
-T3(Resp=N)
-T4(DF=Y%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
-T7(Resp=N)
-PU(DF=N%TOS=14%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
-
-# Linux kernel 2.6.7 (X86) from Mepis
-Fingerprint Linux 2.6.7 (X86)
-Class Linux | Linux | 2.6.X | general purpose
-TSeq(Class=RI%gcd=<6%SI=<14E7284&>35813%IPID=Z%TS=U)
-T1(DF=Y%W=1800%ACK=S++%Flags=AS%Ops=MNW)
-T2(Resp=N)
-T3(Resp=Y%DF=Y%W=1800%ACK=S++%Flags=AS%Ops=MNW)
-T4(DF=Y%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
-T7(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
-PU(DF=N%TOS=C0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
-
-Fingerprint Linux 2.6.7 w/grsecurity.org patch
-Class Linux | Linux | 2.6.X | general purpose
-TSeq(Class=TR%gcd=<6%IPID=RD%TS=1000HZ)
-T1(DF=Y%W=16A0%ACK=S++%Flags=AS%Ops=MNNTNW)
-T2(Resp=N)
-T3(Resp=Y%DF=Y%W=16A0%ACK=S++%Flags=AS%Ops=MNNTNW)
-T4(DF=Y%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
-T7(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
-PU(DF=N%TOS=0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
-
-# Linux kernel 2.6.7 with grsecurity patches
-Fingerprint Linux 2.6.7
-Class Linux | Linux | 2.6.X | general purpose
-TSeq(Class=TR%gcd=<6%IPID=RD%TS=1000HZ)
-T1(DF=Y%W=16A0%ACK=S++%Flags=AS%Ops=MNNTNW)
-T2(Resp=Y%DF=Y%W=0%ACK=S%Flags=AR%Ops=)
-T3(Resp=N)
-T4(DF=Y%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
-T7(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
-PU(DF=N%TOS=C0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
-
-# Linux Kernel 2.6.3 (X86)
-# Linux 2.6.7 #3 Sat Jul 17 13:25:29 EEST 2004 i486
-Fingerprint Linux 2.6.3 - 2.6.7 (X86)
-Class Linux | Linux | 2.6.X | general purpose
-TSeq(Class=RI%gcd=<6%SI=<205C682&>528B7%IPID=Z%TS=1000HZ)
-T1(DF=Y%W=4000%ACK=S++%Flags=AS%Ops=MNNTNW)
-T2(Resp=N)
-T3(Resp=Y%DF=Y%W=4000%ACK=S++%Flags=AS%Ops=MNNTNW)
-T4(DF=Y%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
-T7(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
-PU(DF=N%TOS=C0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
-
-Fingerprint Linux kernel 2.6.4 (x86)
-Class Linux | Linux | 2.6.X | general purpose
-TSeq(Class=RI%gcd=<6%SI=<16FCF2E&>297DE%IPID=Z%TS=1000HZ)
-T1(DF=Y%W=16A0%ACK=S++%Flags=AS%Ops=MNNTNW)
-T2(Resp=N)
-T3(Resp=Y%DF=Y%W=16A0%ACK=S++%Flags=AS%Ops=MNNTNW)
-T4(DF=Y%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
-T7(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
-PU(DF=N%TOS=20%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=F%ULEN=134%DAT=E)
-
-Fingerprint Linux kernel 2.6.4 (X86)
-Class Linux | Linux | 2.6.X | general purpose
-TSeq(Class=RI%gcd=<A%SI=<1E2EBD0&>198DF%IPID=Z%TS=1000HZ)
-T1(DF=Y%W=1680%ACK=S++%Flags=AS%Ops=MNNTNW)
-T2(Resp=Y%DF=Y%W=0%ACK=S%Flags=AR%Ops=)
-T3(Resp=Y%DF=Y%W=1680%ACK=S++%Flags=AS%Ops=MNNTNW)
-T4(DF=Y%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
-T7(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
-PU(DF=N%TOS=C0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
-
-# Linux 2.6.7-hardened-r16 (Gentoo hardened-dev-sources) x86
-# Linux 2.6.7-hardened-r16 #3 SMP i686  GNU/Linux (grsec+pax, gentoo hardened-dev-sources))
-Fingerprint Linux 2.6.7
-Class Linux | Linux | 2.6.X | general purpose
-TSeq(Class=TR%gcd=<6%IPID=RD%TS=1000HZ)
-T1(DF=Y%W=7FFF%ACK=S++%Flags=AS%Ops=MNNTNW)
-T2(Resp=N)
-T3(Resp=N)
-T4(DF=Y%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
-T7(Resp=N)
-PU(DF=N%TOS=C0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
-
-# Linux 2.6.5 (Gentoo)
-# Linux 2.6.8 (Fedora Core 2)
-# Fingerprint Linux kernel 2.6.8-1.521 Fedora 2
-Fingerprint Linux kernel 2.6.5 - 2.6.8
-Class Linux | Linux | 2.6.X | general purpose
-TSeq(Class=RI%gcd=<6%SI=<17F9116&>3D580%IPID=Z%TS=1000HZ)
-T1(DF=Y%W=16A0%ACK=S++%Flags=AS%Ops=MNNTNW)
-T2(Resp=Y%DF=Y%W=0%ACK=S%Flags=AR%Ops=)
-T3(Resp=Y%DF=Y%W=16A0%ACK=S++%Flags=AS%Ops=MNNTNW)
-T4(DF=Y%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
-T7(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
-PU(DF=N%TOS=0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
-
-# Linux ubuntu 2.6.8.1-5-386 #1 Sat Feb 12 00:19:31 UTC 2005 i686 GNU/Linux
-Fingerprint Linux 2.6.8 (ubuntu)
-Class Linux | Linux | 2.6.X | general purpose
-TSeq(Class=RI%gcd=<6%SI=<10F66C0&>2B6A6%IPID=Z%TS=1000HZ)
-T1(DF=Y%W=16A0%ACK=S++%Flags=AS%Ops=MNNTNW)
-T2(Resp=N)
-T3(Resp=Y%DF=Y%W=16A0%ACK=S++%Flags=AS%Ops=MNNTNW)
-T4(DF=Y%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
-PU(DF=N%TOS=0%IPLEN=38%RIPTL=15C%RID=F%RIPCK=0%UCK=0%ULEN=134%DAT=E)
-
-# Debian Sarge Kernel 2.6.8
-Fingerprint Linux 2.6.8 (Debian)
-Class Linux | Linux | 2.6.X | general purpose
-TSeq(Class=RI%gcd=<6%SI=<2C96D4E&>34B7A%IPID=Z%TS=100HZ)
-T1(DF=Y%W=16A0%ACK=S++%Flags=AS%Ops=MNNTNW)
-T2(Resp=N)
-T3(Resp=N)
-T4(DF=Y%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
-T7(Resp=N)
-PU(DF=Y%TOS=C0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
-
-# Linux 2.6.8-24.14-smp GNU/Linux Suse Linux 9.2 Professional
-Fingerprint Linux 2.6.8
-Class Linux | Linux | 2.6.X | general purpose
-TSeq(Class=RI%gcd=<6%SI=<C0DF46&>1ED0B%IPID=Z%TS=1000HZ)
-T1(DF=N%W=16A0%ACK=S++%Flags=AS%Ops=MNNTNW)
-T2(Resp=N)
-T3(Resp=Y%DF=N%W=16A0%ACK=S++%Flags=AS%Ops=MNNTNW)
-T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-PU(DF=N%TOS=C0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
-
-# Linux Mandrake 10.1, i586, kernel 2.6.8.1-12mdk
-# Linux 2.6.8.1-12mdk #1 Fri Oct 1 12:53:41 CEST 2004 i686 AMD Athlon(tm) XP 3000+ unknown GNU/Linux
-Fingerprint Linux 2.6.8
-Class Linux | Linux | 2.6.X | general purpose
-TSeq(Class=RI%gcd=<6%SI=<1E91DE8&>4E3D1%IPID=Z%TS=1000HZ)
-T1(DF=Y%W=111C%ACK=S++%Flags=AS%Ops=MNNTNW)
-T2(Resp=N)
-T3(Resp=Y%DF=Y%W=111C%ACK=S++%Flags=AS%Ops=MNNTNW)
-T4(DF=Y%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
-T7(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
-PU(DF=N%TOS=0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
-
-# Linux 2.6.8-1.521 #1 i686 athlon i386 GNU/Linux
-Fingerprint Linux 2.6.8
-Class Linux | Linux | 2.6.X | general purpose
-TSeq(Class=RI%gcd=<6%SI=<C88D22&>20154%IPID=I%TS=1000HZ)
-T1(DF=N%W=7FFF%ACK=S++%Flags=AS%Ops=MNNTNW)
-T2(Resp=N)
-T3(Resp=Y%DF=N%W=7FFF%ACK=S++%Flags=AS%Ops=MNNTNW)
-T4(DF=Y%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
-T7(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
-PU(DF=N%TOS=C0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
-
-# Linux 2.6.9-gentoo-r13Hipcia #3 i686 Pentium III (Coppermine) GenuineIntel GNU/Linux
-# Linux 2.6.8-1-686-smp #1 SMP i686 GNU/Linux from Debian 3.1
-Fingerprint Linux 2.6.8 - 2.6.9
-Class Linux | Linux | 2.6.X | general purpose
-TSeq(Class=RI%gcd=<6%SI=<11DFD8E&>15CCF%IPID=Z%TS=1000HZ)
-T1(DF=Y%W=16A0%ACK=S++%Flags=AS%Ops=MNNTNW)
-T2(Resp=Y%DF=N%W=400|800|C00%ACK=S%Flags=AR%Ops=WNMETL)
-T3(Resp=Y%DF=N%W=400|800|1000%ACK=S%Flags=AR%Ops=WNMETL)
-T4(DF=N%W=C00|400|1000%ACK=S%Flags=AR%Ops=WNMETL)
-T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=N%W=400|800|1000%ACK=S%Flags=AR%Ops=WNMETL)
-T7(DF=N%W=400|800|1000%ACK=S%Flags=AR%Ops=WNMETL)
-PU(DF=N%TOS=C0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=F%ULEN=134%DAT=E)
-
-# Linux 2.6.8-2-k7 #1 Thu May 19 18:03:29 JST 2005 i686 GNU/Linux
-# Linux 2.6.8-2-386 #1 Mon Jan 24 03:01:58 EST 2005 i686 GNU/Linux, from Debian testing
-Fingerprint Linux 2.6.8
-Class Linux | Linux | 2.6.X | general purpose
-TSeq(Class=RI%gcd=<6%SI=<32035F2&>2A223%IPID=Z%TS=1000HZ)
-T1(DF=Y%W=16A0%ACK=S++%Flags=AS%Ops=MNNTNW)
-T2(Resp=Y%DF=N%W=800|C00|1000%ACK=S%Flags=AR%Ops=WNMETL)
-T3(Resp=Y%DF=N%W=1000|400|800|C00%ACK=S++%Flags=AR%Ops=WNMETL)
-T4(DF=N%W=C00|800|1000%ACK=S%Flags=AR%Ops=WNMETL)
-T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=N%W=1000|800|C00%ACK=S%Flags=AR%Ops=WNMETL)
-T7(DF=N%W=400|800%ACK=S++%Flags=AR%Ops=WNMETL)
-PU(DF=N%TOS=C0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=F%ULEN=134%DAT=E)
-
-# Linux 2.6.8.1-12mdk #1 i686 Intel(R) Xeon(TM) CPU 2.80GHz unknown GNU/Linux
-# Linux 2.6.8-1-k7 #1 i686 GNU/Linux
-Fingerprint Linux 2.6.8
-Class Linux | Linux | 2.6.X | general purpose
-TSeq(Class=RI%gcd=<6%SI=<18C0F36&>3F49D%IPID=Z%TS=1000HZ)
-T1(DF=Y%W=16A0%ACK=S++%Flags=AS%Ops=MNNTNW)
-T2(Resp=N)
-T3(Resp=Y%DF=Y%W=16A0%ACK=S++%Flags=AS%Ops=MNNTNW)
-T4(DF=Y%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
-T7(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
-PU(DF=N%TOS=14|30%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
-
-# Linux kernel 2.6.8 on PLD Linux
-# Linux kernel 2.6.8.1-10mdk (x86) from Mandrake 10.1 Community
-# Linux kernel 2.6.8.1-10mdk (X86) from Mandrake 10.1 community
-# Linux kernel 2.6.7-SMP from Knoppix 3.6
-# Linux 2.6.8.1-4-k7 i686 GNU/Linux
-Fingerprint Linux 2.6.7 - 2.6.8
-Class Linux | Linux | 2.6.X | general purpose
-TSeq(Class=RI%gcd=<6%SI=<1D19DA8&>4A672%IPID=Z%TS=1000HZ)
-T1(DF=Y%W=830|159C|474C%ACK=S++%Flags=AS%Ops=MNNTNW)
-T2(Resp=N)
-T3(Resp=Y%DF=Y%W=830|159C|474C%ACK=S++%Flags=AS%Ops=MNNTNW)
-T4(DF=Y%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
-T7(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
-PU(DF=N%TOS=C0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
-
-# Linux kernel 2.6.8.1 from Debian sarge netinst
-# Linux kernel 2.6.11-1.27 from Fedora Core 3
-Fingerprint Linux 2.6.8 - 2.6.11
-Class Linux | Linux | 2.6.X | general purpose
-TSeq(Class=RI%gcd=<6%SI=<23C986A&>4BB91%IPID=Z%TS=1000HZ)
-T1(DF=Y%W=16A0%ACK=S++%Flags=AS%Ops=MNNT)
-T2(Resp=N)
-T3(Resp=Y%DF=Y%W=16A0%ACK=S++%Flags=AS%Ops=MNNT)
-T4(DF=Y%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
-T7(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
-PU(DF=N%TOS=C0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
-
-# Linux 2.6.9 #1 i686
-# Linux kernel 2.6.9 (PIII-80Mhz)
-Fingerprint Linux 2.6.9
-Class Linux | Linux | 2.6.X | general purpose
-TSeq(Class=RI%gcd=<6%SI=<2AB93AA&>6D5A3%IPID=Z%TS=1000HZ)
-T1(DF=Y%W=16A0%ACK=S++%Flags=AS%Ops=MNNTNW)
-T2(Resp=N)
-T3(Resp=Y%DF=Y%W=16A0%ACK=S++%Flags=AS%Ops=MNNTNW)
-T4(DF=Y%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
-T7(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
-PU(DF=N%TOS=28|40%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
-
-# Slackware current kernel 2.6.9
-# Fedora Core 3 Linux Kernel 2.6.9 x86 (i386)
-# Linux kernel 2.6.4-52 from (X86) SuSE Linux 9.1
-# Debian Sarge Linux 2.6.6-1, i686 (x86)
-Fingerprint Linux 2.6.4 - 2.6.9
-Class Linux | Linux | 2.6.X | general purpose
-TSeq(Class=RI%gcd=<6%SI=<28A04EC&>2F60A%IPID=Z%TS=1000HZ)
-T1(DF=Y%W=16A0%ACK=S++%Flags=AS%Ops=MNNTNW)
-T2(Resp=N)
-T3(Resp=Y%DF=Y%W=16A0%ACK=S++%Flags=AS%Ops=MNNTNW)
-T4(DF=Y%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=N%W=1000|800|C00|400%ACK=S++%Flags=AR%Ops=)
-T6(DF=N%W=C00|1000|400|800%ACK=S%Flags=AR%Ops=)
-T7(DF=N%W=800|1000|C00%ACK=S++%Flags=AR%Ops=)
-PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=F%UCK=F%ULEN=134%DAT=E)
-
-# Linux 2.6.9-1.649 FC Rawhide
-# Linux kernel 2.6.9 (x86_64) from kernel.org
-Fingerprint Linux 2.6.9
-Class Linux | Linux | 2.6.X | general purpose
-TSeq(Class=RI%gcd=<6%SI=<13935EA&>32119%IPID=Z%TS=1000HZ)
-T1(DF=Y%W=5AC|1540%ACK=S++%Flags=AS%Ops=MNNTNW)
-T2(Resp=N)
-T3(Resp=Y%DF=Y%W=5AC|1540%ACK=S++%Flags=AS%Ops=MNNTNW)
-T4(DF=Y%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
-T7(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
-PU(DF=N%TOS=0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
-
-# Linux 2.6.9-1.681_FC3 #1 i686 i686 i386 GNU/Linux Fedora Core 3
-Fingerprint Linux 2.6.9
-Class Linux | Linux | 2.6.X | general purpose
-TSeq(Class=RI%gcd=<6%SI=<1BA9D60&>26DF4%IPID=Z%TS=1000HZ)
-T1(DF=Y%W=16A0%ACK=S++%Flags=AS%Ops=MNNTNW)
-T2(Resp=Y%DF=Y%W=0%ACK=S%Flags=AR%Ops=)
-T3(Resp=Y%DF=Y%W=0%ACK=O%Flags=AR%Ops=)
-T4(DF=Y%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
-T7(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
-PU(DF=N%TOS=C0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
-
 # Gentoo Linux running on a UML client, Linux 2.6.10-linode12 #1 i686 UML User Mode
 Fingerprint Linux 2.6.10
 Class Linux | Linux | 2.6.X | general purpose
@@ -13025,21 +12579,6 @@ T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
 T7(Resp=N)
 PU(DF=N%TOS=0%IPLEN=164%RIPTL=148%RID=E%RIPCK=F%UCK=F%ULEN=134%DAT=E)
 
-# Linux runerm 2.6.10-kanotix-8 #1 Wed Feb 2 16:49:31 GMT 2005 i686 GNU/Linux
-# Linux Kernel 2.6.11 With some Fixes from debian/kanotix
-# debian 3.1 kernel : 2.6.11-rc7
-Fingerprint Linux 2.6.10 - 2.6.11
-Class Linux | Linux | 2.6.X | general purpose
-TSeq(Class=RI%gcd=<6%SI=<249F172&>5DBEE%IPID=Z%TS=U)
-T1(DF=Y%W=16D0%ACK=O|S++%Flags=AS%Ops=M)
-T2(Resp=N)
-T3(Resp=N)
-T4(DF=Y%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
-T7(Resp=N)
-PU(DF=N%TOS=C0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
-
 # Linux 2.6.10 i686 on IBM Thinkpad T30
 # Linux barton 2.6.10-gentoo-r6 Gentoo
 # Linux 2.6.10-grsec #1 Fri Jan 28 00:37:15 CET 2005 i686 GNU/Linux
@@ -13096,6 +12635,171 @@ T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
 PU(DF=N%TOS=0%IPLEN=164%RIPTL=148%RID=E%RIPCK=F%UCK=F%ULEN=134%DAT=E)
 
+# Linux runerm 2.6.10-kanotix-8 #1 Wed Feb 2 16:49:31 GMT 2005 i686 GNU/Linux
+# Linux Kernel 2.6.11 With some Fixes from debian/kanotix
+# debian 3.1 kernel : 2.6.11-rc7
+Fingerprint Linux 2.6.10 - 2.6.11
+Class Linux | Linux | 2.6.X | general purpose
+TSeq(Class=RI%gcd=<6%SI=<249F172&>5DBEE%IPID=Z%TS=U)
+T1(DF=Y%W=16D0%ACK=O|S++%Flags=AS%Ops=M)
+T2(Resp=N)
+T3(Resp=N)
+T4(DF=Y%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
+T7(Resp=N)
+PU(DF=N%TOS=C0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
+
+# Linux linux 2.6.11.9 #1 Sat May 14 00:49:06 CEST 2005 i686 unknown unknown GNU/Linux
+Fingerprint Linux 2.6.11
+Class Linux | Linux | 2.6.X | general purpose
+TSeq(Class=TR%gcd=<6%IPID=Z%TS=1000HZ)
+T1(DF=Y%W=1680%ACK=S++%Flags=AS%Ops=MNNTNW)
+T2(Resp=Y%DF=N%W=400|1000%ACK=S%Flags=AR%Ops=WNMETL)
+T3(Resp=Y%DF=N%W=800|C00|1000%ACK=S%Flags=AR%Ops=WNMETL)
+T4(DF=N%W=800|400|C00%ACK=S%Flags=AR%Ops=WNMETL)
+T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=N%W=400|1000%ACK=S%Flags=AR%Ops=WNMETL)
+T7(DF=N%W=C00%ACK=S%Flags=AR%Ops=WNMETL)
+PU(DF=N%TOS=0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
+
+# Linux 2.6.11 (gentoo-dev-sources)
+Fingerprint Linux 2.6.11 (gentoo)
+Class Linux | Linux | 2.6.X | general purpose
+TSeq(Class=RI%gcd=<6%SI=<1F96C34&>50AA5%IPID=Z%TS=1000HZ)
+T1(DF=Y%W=7D0%ACK=S++%Flags=AS%Ops=MNNTNW)
+T2(Resp=N)
+T3(Resp=Y%DF=Y%W=7D0%ACK=S++%Flags=AS%Ops=MNNTNW)
+T4(DF=Y%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
+T7(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
+PU(Resp=N)
+
+# Linux 2.6.10-1.741_FC3 i686 athlon i386 GNU/Linux
+Fingerprint Linux 2.6.3 - 2.6.10
+Class Linux | Linux | 2.6.X | general purpose
+TSeq(Class=RI%gcd=<6%SI=<3552DC&>8860%IPID=Z%TS=1000HZ)
+T1(DF=Y%W=7FFF%ACK=S++%Flags=AS%Ops=MNNTNW)
+T2(Resp=N)
+T3(Resp=Y%DF=Y%W=7FFF%ACK=S++%Flags=AS%Ops=MNNTNW)
+T4(DF=Y%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
+T7(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
+PU(DF=N%TOS=C0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
+
+# Linux Kernel 2.6.3 (X86)
+# Linux 2.6.7 #3 Sat Jul 17 13:25:29 EEST 2004 i486
+Fingerprint Linux 2.6.3 - 2.6.7 (X86)
+Class Linux | Linux | 2.6.X | general purpose
+TSeq(Class=RI%gcd=<6%SI=<205C682&>528B7%IPID=Z%TS=1000HZ)
+T1(DF=Y%W=4000%ACK=S++%Flags=AS%Ops=MNNTNW)
+T2(Resp=N)
+T3(Resp=Y%DF=Y%W=4000%ACK=S++%Flags=AS%Ops=MNNTNW)
+T4(DF=Y%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
+T7(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
+PU(DF=N%TOS=C0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
+
+# Linux 2.6.3-gentoo-r1 #5 Wed Apr 7 13:48:31 EDT 2004 i686 Pentium III (Coppermine) GenuineIntel GNU/Linux
+# Gentoo 1.4.16; Kernel 2.6.7
+# Linux sarge 2.6.8-2-386 #1 Thu May 19 17:40:50 JST 2005 i686 GNU/Linux
+Fingerprint Linux 2.6.3 - 2.6.8
+Class Linux | Linux | 2.6.X | general purpose
+TSeq(Class=RI%gcd=<6%SI=<16883CC&>1CD61%IPID=Z%TS=1000HZ)
+T1(DF=Y%W=16A0%ACK=S++%Flags=AS%Ops=MNNTNW)
+T2(Resp=N)
+T3(Resp=Y%DF=Y%W=16A0%ACK=S++%Flags=AS%Ops=MNNTNW)
+T4(DF=Y%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
+T7(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
+PU(DF=N%TOS=C0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=F%ULEN=134%DAT=E)
+
+# Linux 2.6.3-6mdksecure #1 SMP x86_64 from Mandrake 10
+# Linux 2.6.8-p4 #1 SMP i686 GNU/Linux
+Fingerprint Linux 2.6.3 or 2.6.8
+Class Linux | Linux | 2.6.X | general purpose
+TSeq(Class=RI%gcd=<8%SI=<24F1576&>1E7BD%IPID=Z%TS=1000HZ)
+T1(DF=Y%W=16A0%ACK=S++%Flags=AS%Ops=MNNTNW)
+T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=)
+T3(Resp=Y%DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+T4(DF=N%W=0%ACK=S%Flags=R%Ops=)
+T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=N%W=0%ACK=S%Flags=R%Ops=)
+T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+PU(DF=N%TOS=C0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
+
+# LINUX Suse 9.1 Professional Kernel 2.6.4 i686
+Fingerprint Linux 2.6.4 (Suse)
+Class Linux | Linux | 2.6.X | general purpose
+TSeq(Class=RI%gcd=<6%SI=<1B18996&>45556%IPID=Z%TS=1000HZ)
+T1(DF=Y%W=1680%ACK=S++%Flags=AS%Ops=MNNTNW)
+T2(Resp=N)
+T3(Resp=Y%DF=Y%W=1680%ACK=S++%Flags=AS%Ops=MNNTNW)
+T4(DF=Y%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
+T7(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
+PU(DF=N%TOS=C0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=F%ULEN=134%DAT=E)
+
+# Slackware current kernel 2.6.9
+# Fedora Core 3 Linux Kernel 2.6.9 x86 (i386)
+# Linux kernel 2.6.4-52 from (X86) SuSE Linux 9.1
+# Debian Sarge Linux 2.6.6-1, i686 (x86)
+Fingerprint Linux 2.6.4 - 2.6.9
+Class Linux | Linux | 2.6.X | general purpose
+TSeq(Class=RI%gcd=<6%SI=<28A04EC&>2F60A%IPID=Z%TS=1000HZ)
+T1(DF=Y%W=16A0%ACK=S++%Flags=AS%Ops=MNNTNW)
+T2(Resp=N)
+T3(Resp=Y%DF=Y%W=16A0%ACK=S++%Flags=AS%Ops=MNNTNW)
+T4(DF=Y%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=N%W=1000|800|C00|400%ACK=S++%Flags=AR%Ops=)
+T6(DF=N%W=C00|1000|400|800%ACK=S%Flags=AR%Ops=)
+T7(DF=N%W=800|1000|C00%ACK=S++%Flags=AR%Ops=)
+PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=F%UCK=F%ULEN=134%DAT=E)
+
+# Linux 2.6.5-1.358 #1 Sat May 8 09:04:50 EDT 2004 i686 i686 i386 GNU/Linux
+Fingerprint Linux 2.6.5
+Class Linux | Linux | 2.6.X | general purpose
+TSeq(Class=RI%gcd=<6%SI=<265B754&>6225F%IPID=Z%TS=1000HZ)
+T1(DF=Y%W=1680%ACK=S++%Flags=AS%Ops=MNNTNW)
+T2(Resp=N)
+T3(Resp=Y%DF=Y%W=1680%ACK=S++%Flags=AS%Ops=MNNTNW)
+T4(DF=Y%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+PU(Resp=N)
+
+# Linux 2.6.7-gentoo-r11 #2 Wed Jul 28 23:25:03 PDT 2004 i686 Pentium II (Deschutes)
+# Linux  2.6.8-rc3 #1 Sat Aug 7 07:19:34 EDT 2004 i686 GNU/Linux
+# Debian Sarge GNU/Linux kernel 2.6.8-1 (i386)
+# Linux 2.6.7-hardened-r17 Gentoo
+# Linux 2.6.9-1.681_FC3smp #1 SMP i586 i586 i386 GNU/Linux (Fedora Core 3+kernel as supplied)
+# Linux 2.6.8-1-686 from Debian sid
+# SuSE Linux Prefessional 9.1, with kernel 2.6.10
+# Linux 2.6.8, PLD distribution, SMP
+# Linux 2.6.11.4-20a-default #1 i686 i686 i386 GNU/Linux from+Suse 9.3
+# Linux 2.6.8-24.11-default #1 Fri Jan 14 13:01:26 UTC 2005 i686 i686 i386 GNU/Linux
+# Linux 2.6.5-7.155.29-default #1 Thu Jun 2 12:07:05 UTC 2005 i686 i686 i386 GNU/Linux (SuSE+9.2 )
+# Linux Debian Sarge 2.6.11.7
+# Linux kernel 2.6.10-4GB (X86) with Debian GNU/Linux 3.1
+# Linux Kernel 2.6.7-1-686-smp from backports.org Debian Woody
+Fingerprint Linux 2.6.5 - 2.6.11
+Class Linux | Linux | 2.6.X | general purpose
+TSeq(Class=RI%gcd=<6%SI=<2BF6254&>70895%IPID=Z%TS=1000HZ)
+T1(DF=Y%W=15E0|16A0%ACK=S++%Flags=AS%Ops=MNNTNW)
+T2(Resp=N)
+T3(Resp=N)
+T4(DF=Y%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
+T7(Resp=N)
+PU(DF=N%TOS=0|C0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E|F%ULEN=134%DAT=E)
+
 # Linux 2.6.9 #1 i686 Intel(R) Pentium(R) 4 CPU 3.06GHz+GenuineIntel GNU/Linux
 # Linux kernel 2.6.10-rc3 from Gentoo on an Ultra 1 (sparc)
 # Linux 2.6.5 i686 P42.00GHz, Gentoo Base System version 1.6.6, Portage+2.0.51-r3
@@ -13112,19 +12816,222 @@ T6(DF=N%W=400|C00|1000%ACK=S%Flags=AR%Ops=WNMETL)
 T7(DF=N%W=C00|1000%ACK=S++%Flags=AR%Ops=WNMETL)
 PU(DF=N%TOS=0|C0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=F%ULEN=134%DAT=E)
 
-# Linux linux 2.6.11.9 #1 Sat May 14 00:49:06 CEST 2005 i686 unknown unknown GNU/Linux
-Fingerprint Linux 2.6.11
+# Linux 2.6.6-rc2-bk3
+Fingerprint Linux 2.6.6
 Class Linux | Linux | 2.6.X | general purpose
-TSeq(Class=TR%gcd=<6%IPID=Z%TS=1000HZ)
-T1(DF=Y%W=1680%ACK=S++%Flags=AS%Ops=MNNTNW)
-T2(Resp=Y%DF=N%W=400|1000%ACK=S%Flags=AR%Ops=WNMETL)
-T3(Resp=Y%DF=N%W=800|C00|1000%ACK=S%Flags=AR%Ops=WNMETL)
-T4(DF=N%W=800|400|C00%ACK=S%Flags=AR%Ops=WNMETL)
+TSeq(Class=RI%gcd=<6%SI=<2E04BFE&>4ADED%IPID=Z%TS=1000HZ)
+T1(DF=Y%W=1164%ACK=S++%Flags=AS%Ops=MNNTNW)
+T2(Resp=N)
+T3(Resp=Y%DF=Y%W=1164%ACK=S++%Flags=AS%Ops=MNNTNW)
+T4(DF=Y%W=0%ACK=O%Flags=R%Ops=)
 T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=N%W=400|1000%ACK=S%Flags=AR%Ops=WNMETL)
-T7(DF=N%W=C00%ACK=S%Flags=AR%Ops=WNMETL)
+T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
+T7(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
+PU(DF=N%TOS=C0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
+
+# Linux kernel 2.6.6-1-k7 (X86) from Debian Testing
+Fingerprint Linux 2.6.6-1-k7 (X86)
+Class Linux | Linux | 2.6.X | general purpose
+TSeq(Class=RI%gcd=<6%SI=<235C288&>5A817%IPID=Z%TS=1000HZ)
+T1(DF=N%W=16A0%ACK=S++%Flags=AS%Ops=MNNTNW)
+T2(Resp=N)
+T3(Resp=Y%DF=N%W=16A0%ACK=S++%Flags=AS%Ops=MNNTNW)
+T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
 PU(DF=N%TOS=0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 
+# Linux 2.6.7-tp #5 i686 GNU/Linux
+Fingerprint Linux 2.6.7
+Class Linux | Linux | 2.6.X | general purpose
+TSeq(Class=RI%gcd=<8%SI=<13C059A&>1B365%IPID=Z%TS=100HZ)
+T1(DF=Y%W=16A0%ACK=S++%Flags=AS%Ops=MNNTNW)
+T2(Resp=N)
+T3(Resp=N)
+T4(DF=Y%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
+T7(Resp=N)
+PU(DF=N%TOS=14%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
+
+# Linux kernel 2.6.7 with grsecurity patches
+Fingerprint Linux 2.6.7
+Class Linux | Linux | 2.6.X | general purpose
+TSeq(Class=TR%gcd=<6%IPID=RD%TS=1000HZ)
+T1(DF=Y%W=16A0%ACK=S++%Flags=AS%Ops=MNNTNW)
+T2(Resp=Y%DF=Y%W=0%ACK=S%Flags=AR%Ops=)
+T3(Resp=N)
+T4(DF=Y%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
+T7(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
+PU(DF=N%TOS=C0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
+
+# Linux 2.6.7-hardened-r16 (Gentoo hardened-dev-sources) x86
+# Linux 2.6.7-hardened-r16 #3 SMP i686  GNU/Linux (grsec+pax, gentoo hardened-dev-sources))
+Fingerprint Linux 2.6.7
+Class Linux | Linux | 2.6.X | general purpose
+TSeq(Class=TR%gcd=<6%IPID=RD%TS=1000HZ)
+T1(DF=Y%W=7FFF%ACK=S++%Flags=AS%Ops=MNNTNW)
+T2(Resp=N)
+T3(Resp=N)
+T4(DF=Y%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
+T7(Resp=N)
+PU(DF=N%TOS=C0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
+
+# Linux kernel 2.6.7 (X86) from Mepis
+Fingerprint Linux 2.6.7 (X86)
+Class Linux | Linux | 2.6.X | general purpose
+TSeq(Class=RI%gcd=<6%SI=<14E7284&>35813%IPID=Z%TS=U)
+T1(DF=Y%W=1800%ACK=S++%Flags=AS%Ops=MNW)
+T2(Resp=N)
+T3(Resp=Y%DF=Y%W=1800%ACK=S++%Flags=AS%Ops=MNW)
+T4(DF=Y%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
+T7(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
+PU(DF=N%TOS=C0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
+
+# Linux kernel 2.6.8 on PLD Linux
+# Linux kernel 2.6.8.1-10mdk (x86) from Mandrake 10.1 Community
+# Linux kernel 2.6.8.1-10mdk (X86) from Mandrake 10.1 community
+# Linux kernel 2.6.7-SMP from Knoppix 3.6
+# Linux 2.6.8.1-4-k7 i686 GNU/Linux
+Fingerprint Linux 2.6.7 - 2.6.8
+Class Linux | Linux | 2.6.X | general purpose
+TSeq(Class=RI%gcd=<6%SI=<1D19DA8&>4A672%IPID=Z%TS=1000HZ)
+T1(DF=Y%W=830|159C|474C%ACK=S++%Flags=AS%Ops=MNNTNW)
+T2(Resp=N)
+T3(Resp=Y%DF=Y%W=830|159C|474C%ACK=S++%Flags=AS%Ops=MNNTNW)
+T4(DF=Y%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
+T7(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
+PU(DF=N%TOS=C0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
+
+Fingerprint Linux 2.6.7 w/grsecurity.org patch
+Class Linux | Linux | 2.6.X | general purpose
+TSeq(Class=TR%gcd=<6%IPID=RD%TS=1000HZ)
+T1(DF=Y%W=16A0%ACK=S++%Flags=AS%Ops=MNNTNW)
+T2(Resp=N)
+T3(Resp=Y%DF=Y%W=16A0%ACK=S++%Flags=AS%Ops=MNNTNW)
+T4(DF=Y%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
+T7(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
+PU(DF=N%TOS=0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
+
+# Linux 2.6.8-24.14-smp GNU/Linux Suse Linux 9.2 Professional
+Fingerprint Linux 2.6.8
+Class Linux | Linux | 2.6.X | general purpose
+TSeq(Class=RI%gcd=<6%SI=<C0DF46&>1ED0B%IPID=Z%TS=1000HZ)
+T1(DF=N%W=16A0%ACK=S++%Flags=AS%Ops=MNNTNW)
+T2(Resp=N)
+T3(Resp=Y%DF=N%W=16A0%ACK=S++%Flags=AS%Ops=MNNTNW)
+T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+PU(DF=N%TOS=C0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
+
+# Linux Mandrake 10.1, i586, kernel 2.6.8.1-12mdk
+# Linux 2.6.8.1-12mdk #1 Fri Oct 1 12:53:41 CEST 2004 i686 AMD Athlon(tm) XP 3000+ unknown GNU/Linux
+Fingerprint Linux 2.6.8
+Class Linux | Linux | 2.6.X | general purpose
+TSeq(Class=RI%gcd=<6%SI=<1E91DE8&>4E3D1%IPID=Z%TS=1000HZ)
+T1(DF=Y%W=111C%ACK=S++%Flags=AS%Ops=MNNTNW)
+T2(Resp=N)
+T3(Resp=Y%DF=Y%W=111C%ACK=S++%Flags=AS%Ops=MNNTNW)
+T4(DF=Y%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
+T7(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
+PU(DF=N%TOS=0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
+
+# Linux 2.6.8-1.521 #1 i686 athlon i386 GNU/Linux
+Fingerprint Linux 2.6.8
+Class Linux | Linux | 2.6.X | general purpose
+TSeq(Class=RI%gcd=<6%SI=<C88D22&>20154%IPID=I%TS=1000HZ)
+T1(DF=N%W=7FFF%ACK=S++%Flags=AS%Ops=MNNTNW)
+T2(Resp=N)
+T3(Resp=Y%DF=N%W=7FFF%ACK=S++%Flags=AS%Ops=MNNTNW)
+T4(DF=Y%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
+T7(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
+PU(DF=N%TOS=C0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
+
+# Linux 2.6.8-2-k7 #1 Thu May 19 18:03:29 JST 2005 i686 GNU/Linux
+# Linux 2.6.8-2-386 #1 Mon Jan 24 03:01:58 EST 2005 i686 GNU/Linux, from Debian testing
+Fingerprint Linux 2.6.8
+Class Linux | Linux | 2.6.X | general purpose
+TSeq(Class=RI%gcd=<6%SI=<32035F2&>2A223%IPID=Z%TS=1000HZ)
+T1(DF=Y%W=16A0%ACK=S++%Flags=AS%Ops=MNNTNW)
+T2(Resp=Y%DF=N%W=800|C00|1000%ACK=S%Flags=AR%Ops=WNMETL)
+T3(Resp=Y%DF=N%W=1000|400|800|C00%ACK=S++%Flags=AR%Ops=WNMETL)
+T4(DF=N%W=C00|800|1000%ACK=S%Flags=AR%Ops=WNMETL)
+T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=N%W=1000|800|C00%ACK=S%Flags=AR%Ops=WNMETL)
+T7(DF=N%W=400|800%ACK=S++%Flags=AR%Ops=WNMETL)
+PU(DF=N%TOS=C0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=F%ULEN=134%DAT=E)
+
+# Linux 2.6.8.1-12mdk #1 i686 Intel(R) Xeon(TM) CPU 2.80GHz unknown GNU/Linux
+# Linux 2.6.8-1-k7 #1 i686 GNU/Linux
+Fingerprint Linux 2.6.8
+Class Linux | Linux | 2.6.X | general purpose
+TSeq(Class=RI%gcd=<6%SI=<18C0F36&>3F49D%IPID=Z%TS=1000HZ)
+T1(DF=Y%W=16A0%ACK=S++%Flags=AS%Ops=MNNTNW)
+T2(Resp=N)
+T3(Resp=Y%DF=Y%W=16A0%ACK=S++%Flags=AS%Ops=MNNTNW)
+T4(DF=Y%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
+T7(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
+PU(DF=N%TOS=14|30%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
+
+# Debian Sarge Kernel 2.6.8
+Fingerprint Linux 2.6.8 (Debian)
+Class Linux | Linux | 2.6.X | general purpose
+TSeq(Class=RI%gcd=<6%SI=<2C96D4E&>34B7A%IPID=Z%TS=100HZ)
+T1(DF=Y%W=16A0%ACK=S++%Flags=AS%Ops=MNNTNW)
+T2(Resp=N)
+T3(Resp=N)
+T4(DF=Y%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
+T7(Resp=N)
+PU(DF=Y%TOS=C0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
+
+# Linux ubuntu 2.6.8.1-5-386 #1 Sat Feb 12 00:19:31 UTC 2005 i686 GNU/Linux
+Fingerprint Linux 2.6.8 (ubuntu)
+Class Linux | Linux | 2.6.X | general purpose
+TSeq(Class=RI%gcd=<6%SI=<10F66C0&>2B6A6%IPID=Z%TS=1000HZ)
+T1(DF=Y%W=16A0%ACK=S++%Flags=AS%Ops=MNNTNW)
+T2(Resp=N)
+T3(Resp=Y%DF=Y%W=16A0%ACK=S++%Flags=AS%Ops=MNNTNW)
+T4(DF=Y%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
+PU(DF=N%TOS=0%IPLEN=38%RIPTL=15C%RID=F%RIPCK=0%UCK=0%ULEN=134%DAT=E)
+
+# Linux kernel 2.6.8.1 from Debian sarge netinst
+# Linux kernel 2.6.11-1.27 from Fedora Core 3
+Fingerprint Linux 2.6.8 - 2.6.11
+Class Linux | Linux | 2.6.X | general purpose
+TSeq(Class=RI%gcd=<6%SI=<23C986A&>4BB91%IPID=Z%TS=1000HZ)
+T1(DF=Y%W=16A0%ACK=S++%Flags=AS%Ops=MNNT)
+T2(Resp=N)
+T3(Resp=Y%DF=Y%W=16A0%ACK=S++%Flags=AS%Ops=MNNT)
+T4(DF=Y%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
+T7(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
+PU(DF=N%TOS=C0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
+
 # Linux kernel 2.6.8-1-k7-smp (X86) Debian GNU/Linux 3.1 (Sarge - testing)
 # Linux 2.6.11-gentoo-r2-ck1
 # Linux 2.6.11-gentoo-r4 #1 i686 P4CPU+2.40GHz GenuineIntel GNU/Linux Gentoo Base System version 1.4.16
@@ -13141,18 +13048,99 @@ T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
 PU(DF=N%TOS=80%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 
-# Linux 2.6.11 (gentoo-dev-sources)
-Fingerprint Linux 2.6.11 (gentoo)
+# Linux 2.6.9-gentoo-r13Hipcia #3 i686 Pentium III (Coppermine) GenuineIntel GNU/Linux
+# Linux 2.6.8-1-686-smp #1 SMP i686 GNU/Linux from Debian 3.1
+Fingerprint Linux 2.6.8 - 2.6.9
 Class Linux | Linux | 2.6.X | general purpose
-TSeq(Class=RI%gcd=<6%SI=<1F96C34&>50AA5%IPID=Z%TS=1000HZ)
-T1(DF=Y%W=7D0%ACK=S++%Flags=AS%Ops=MNNTNW)
+TSeq(Class=RI%gcd=<6%SI=<11DFD8E&>15CCF%IPID=Z%TS=1000HZ)
+T1(DF=Y%W=16A0%ACK=S++%Flags=AS%Ops=MNNTNW)
+T2(Resp=Y%DF=N%W=400|800|C00%ACK=S%Flags=AR%Ops=WNMETL)
+T3(Resp=Y%DF=N%W=400|800|1000%ACK=S%Flags=AR%Ops=WNMETL)
+T4(DF=N%W=C00|400|1000%ACK=S%Flags=AR%Ops=WNMETL)
+T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=N%W=400|800|1000%ACK=S%Flags=AR%Ops=WNMETL)
+T7(DF=N%W=400|800|1000%ACK=S%Flags=AR%Ops=WNMETL)
+PU(DF=N%TOS=C0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=F%ULEN=134%DAT=E)
+
+# Linux 2.6.9 #1 i686
+# Linux kernel 2.6.9 (PIII-80Mhz)
+Fingerprint Linux 2.6.9
+Class Linux | Linux | 2.6.X | general purpose
+TSeq(Class=RI%gcd=<6%SI=<2AB93AA&>6D5A3%IPID=Z%TS=1000HZ)
+T1(DF=Y%W=16A0%ACK=S++%Flags=AS%Ops=MNNTNW)
 T2(Resp=N)
-T3(Resp=Y%DF=Y%W=7D0%ACK=S++%Flags=AS%Ops=MNNTNW)
+T3(Resp=Y%DF=Y%W=16A0%ACK=S++%Flags=AS%Ops=MNNTNW)
 T4(DF=Y%W=0%ACK=O%Flags=R%Ops=)
 T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
 T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
-PU(Resp=N)
+PU(DF=N%TOS=28|40%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
+
+# Linux 2.6.9-1.649 FC Rawhide
+# Linux kernel 2.6.9 (x86_64) from kernel.org
+Fingerprint Linux 2.6.9
+Class Linux | Linux | 2.6.X | general purpose
+TSeq(Class=RI%gcd=<6%SI=<13935EA&>32119%IPID=Z%TS=1000HZ)
+T1(DF=Y%W=5AC|1540%ACK=S++%Flags=AS%Ops=MNNTNW)
+T2(Resp=N)
+T3(Resp=Y%DF=Y%W=5AC|1540%ACK=S++%Flags=AS%Ops=MNNTNW)
+T4(DF=Y%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
+T7(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
+PU(DF=N%TOS=0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
+
+# Linux 2.6.9-1.681_FC3 #1 i686 i686 i386 GNU/Linux Fedora Core 3
+Fingerprint Linux 2.6.9
+Class Linux | Linux | 2.6.X | general purpose
+TSeq(Class=RI%gcd=<6%SI=<1BA9D60&>26DF4%IPID=Z%TS=1000HZ)
+T1(DF=Y%W=16A0%ACK=S++%Flags=AS%Ops=MNNTNW)
+T2(Resp=Y%DF=Y%W=0%ACK=S%Flags=AR%Ops=)
+T3(Resp=Y%DF=Y%W=0%ACK=O%Flags=AR%Ops=)
+T4(DF=Y%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
+T7(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
+PU(DF=N%TOS=C0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
+
+Fingerprint Linux kernel 2.6.4 (x86)
+Class Linux | Linux | 2.6.X | general purpose
+TSeq(Class=RI%gcd=<6%SI=<16FCF2E&>297DE%IPID=Z%TS=1000HZ)
+T1(DF=Y%W=16A0%ACK=S++%Flags=AS%Ops=MNNTNW)
+T2(Resp=N)
+T3(Resp=Y%DF=Y%W=16A0%ACK=S++%Flags=AS%Ops=MNNTNW)
+T4(DF=Y%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
+T7(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
+PU(DF=N%TOS=20%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=F%ULEN=134%DAT=E)
+
+Fingerprint Linux kernel 2.6.4 (X86)
+Class Linux | Linux | 2.6.X | general purpose
+TSeq(Class=RI%gcd=<A%SI=<1E2EBD0&>198DF%IPID=Z%TS=1000HZ)
+T1(DF=Y%W=1680%ACK=S++%Flags=AS%Ops=MNNTNW)
+T2(Resp=Y%DF=Y%W=0%ACK=S%Flags=AR%Ops=)
+T3(Resp=Y%DF=Y%W=1680%ACK=S++%Flags=AS%Ops=MNNTNW)
+T4(DF=Y%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
+T7(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
+PU(DF=N%TOS=C0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
+
+# Linux 2.6.5 (Gentoo)
+# Linux 2.6.8 (Fedora Core 2)
+# Fingerprint Linux kernel 2.6.8-1.521 Fedora 2
+Fingerprint Linux kernel 2.6.5 - 2.6.8
+Class Linux | Linux | 2.6.X | general purpose
+TSeq(Class=RI%gcd=<6%SI=<17F9116&>3D580%IPID=Z%TS=1000HZ)
+T1(DF=Y%W=16A0%ACK=S++%Flags=AS%Ops=MNNTNW)
+T2(Resp=Y%DF=Y%W=0%ACK=S%Flags=AR%Ops=)
+T3(Resp=Y%DF=Y%W=16A0%ACK=S++%Flags=AS%Ops=MNNTNW)
+T4(DF=Y%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
+T7(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
+PU(DF=N%TOS=0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 
 Fingerprint ComOS based terminal server - Livingston PortMaster or U.S. Robotics/3Com Total Control
 Class Livingston | ComOS || terminal server
@@ -13504,27 +13492,6 @@ T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
 PU(DF=N%TOS=0%IPLEN=B0%RIPTL=148%RID=E%RIPCK=E%UCK=E|F%ULEN=134%DAT=E)
 
-# Microsoft Windows Server 2003 Standard Edition
-# Microsoft Windows 2003 standard edition Version 5.2 (Build 3790.srv03_gdr.040410-1234)
-# Microsoft Windows 2003 Server with SP1
-# Windows server 2003 enterprise sp1 + hotfixes (build 3790.srv30_sp1_rtm.050324-1447 : Service Pack 1)
-# Windows 2003 Enterprise SP1 Version 5.2 (Build 3790.srv03_sp1_rc1.041202-1618 : +Service Pack 1, v.1)
-# Microsoft Windows XP Professional /w SP2 build 2600.xpsp_sp2_rtm.040803-2158
-# Microsoft Windows 2003 Standard Edition SP1 Updated through June 19th 2005
-# Windows Server 2003 Enterprise Edition (Version 5.2 Build 3790.srv03_sp1_rtm.050324-1447 : +Service Pack 1)
-Fingerprint Microsoft Windows 2003 Server, 2003 Server SP1 or XP Pro SP2
-Class Microsoft | Windows | NT/2K/XP | general purpose
-Class Microsoft | Windows | 2003/.NET | general purpose
-TSeq(Class=TR%gcd=<6%IPID=I)
-T1(DF=N%W=4000|402E%ACK=S++%Flags=AS%Ops=MNWNNT)
-T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=)
-T3(Resp=Y%DF=N%W=4000|402E%ACK=S++%Flags=AS%Ops=MNWNNT)
-T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-PU(DF=N%TOS=0%IPLEN=B0%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
-
 # Microsoft Windows 2003 server edition, no service packs
 Fingerprint Microsoft Windows 2003 Server
 Class Microsoft | Windows | 2003/.NET | general purpose
@@ -13563,66 +13530,6 @@ T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
 PU(DF=N%TOS=0%IPLEN=B0%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 
-# Microsoft Windows.NET Enterprise Server (build 3615 beta)
-# Windows .NET standard server build 3604
-# Microsoft Windows 2003 Standard Build V5.2.3790 build 3790
-# Microsoft Windows 2003 Server - Web edition - all available critical fixes as of 15th feb 2004
-# Windows 2003 Standard Edition RTM
-# Window Server 2003 Enterprise Edition Swedish
-# Microsoft Windows XP Professional (English) w/ SP2 RC1 build 2600.xpsp_sp2_rc1.040311-2315 - WINDOWS FIREWALL DISABLED
-# Microsoft Windows 5.2 Build 3790.srv03_rtm.030324-2048
-# Microsoft Windows Version 5.1 (Build 2600.spdp_sp2_rtm.040803-2158 : Services Pack 2)
-Fingerprint Microsoft Windows 2003 Server or XP SP2
-Class Microsoft | Windows | 2003/.NET | general purpose
-Class Microsoft | Windows | NT/2K/XP | general purpose
-TSeq(Class=TR%gcd=<6%IPID=I)
-T1(DF=Y%W=402E|FB8B%ACK=S++%Flags=AS%Ops=MNWNNT)
-T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=)
-T3(Resp=Y%DF=Y%W=402E|FB8B%ACK=S++%Flags=AS%Ops=MNWNNT)
-T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-PU(DF=N%TOS=0%IPLEN=B0%RIPTL=148%RID=E%RIPCK=E|F%UCK=E|F%ULEN=134%DAT=E)
-
-Fingerprint Microsoft Windows 2003 Server Standard Edition
-Class Microsoft | Windows | 2003/.NET | general purpose
-TSeq(Class=TR%gcd=<6%IPID=I)
-T1(DF=Y%W=402E%ACK=S++%Flags=AS%Ops=MNWNNT)
-T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=)
-T3(Resp=Y%DF=Y%W=402E%ACK=S++%Flags=AS%Ops=MNWNNT)
-T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-PU(DF=N%TOS=20%IPLEN=B0%RIPTL=148%RID=E|F%RIPCK=E%UCK=E%ULEN=134%DAT=E)
-
-# Microsoft Windows Server 2003 Enterprise Edition Version 5.2.3790
-Fingerprint Microsoft Windows Server 2003 Enterprise Edition
-Class Microsoft | Windows | 2003/.NET | general purpose
-TSeq(Class=TR%gcd=<6%IPID=I)
-T1(DF=Y%W=402E%ACK=S++%Flags=AS%Ops=MNWNNT)
-T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=)
-T3(Resp=Y%DF=Y%W=402E%ACK=S++%Flags=AS%Ops=MNWNNT)
-T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-PU(DF=N%TOS=10%IPLEN=B0%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
-
-# Microsoft Windows Server 2003, No Service Packs build 3790.srv03_gdr.040410-1234
-Fingerprint Microsoft Windows Server 2003
-Class Microsoft | Windows | 2003/.NET | general purpose
-TSeq(Class=TR%gcd=<6%IPID=I)
-T1(DF=Y%W=5B4%ACK=S++%Flags=AS%Ops=MNWNNT)
-T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=)
-T3(Resp=Y%DF=Y%W=5B4%ACK=S++%Flags=AS%Ops=MNWNNT)
-T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-PU(DF=N%TOS=0%IPLEN=B0%RIPTL=148%RID=E%RIPCK=F%UCK=F%ULEN=134%DAT=E)
-
 Fingerprint Microsoft Windows 2003 Server
 Class Microsoft | Windows | 2003/.NET | general purpose
 TSeq(Class=TR%gcd=<6)
@@ -13635,40 +13542,6 @@ T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T7(Resp=N)
 PU(DF=N%TOS=0%IPLEN=B0%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 
-# Microsoft Windows XP pro (French) version:2002 sp2
-# Microsoft Windows Server 2003 version 5.2 (Build 3790.srv03_gdr.040410-1234)
-# Microsoft Windows Server 2003 Enterprise Edition (Trial Version downloaded from Microsoft as at 06/03
-# Microsoft Windows 2003 Server Enterprise Edition (German) build 3790.srv03_rtm.030324-2048
-# Microsoft Windows .NET Standard Server RC#2 (build 3718)
-# Microsoft Windows XP Professional version 2002 service pack 2
-# Microsoft Windows XP Home (English) w/SP2 Version 5.1 (Build 2600.xpsp_sp2_rtm.040803-2158 : Service Pack 2)
-# Microsoft Windows XP Home /SP2 Polish Edition
-Fingerprint Microsoft Windows 2003 Server or XP SP2
-Class Microsoft | Windows | 2003/.NET | general purpose
-Class Microsoft | Windows | NT/2K/XP | general purpose
-TSeq(Class=TR%gcd=<6%IPID=I)
-T1(DF=Y|N%W=2017|402E|FFFF%ACK=S++%Flags=AS%Ops=MNWNNT)
-T2(Resp=N)
-T3(Resp=N)
-T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T7(Resp=N)
-PU(DF=N%TOS=0|20%IPLEN=B0%RIPTL=148%RID=E%RIPCK=E|F%UCK=E|F%ULEN=134%DAT=E)
-
-# Microsoft Windows XP Pro Service Pack 2 Build 5 1 2600
-Fingerprint Microsoft Windows XP Pro SP2
-Class Microsoft | Windows | NT/2K/XP | general purpose
-TSeq(Class=TR%gcd=<6%IPID=I)
-T1(DF=Y%W=FFFF%ACK=S++%Flags=AS%Ops=MNWNNT)
-T2(Resp=N)
-T3(Resp=N)
-T4(DF=Y%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
-T7(Resp=N)
-PU(DF=N%TOS=20%IPLEN=B0%RIPTL=148%RID=E%RIPCK=E%UCK=F%ULEN=134%DAT=E)
-
 Fingerprint Microsoft Windows 2003 Server
 Class Microsoft | Windows | 2003/.NET | general purpose
 TSeq(Class=TR%gcd=<6%IPID=I%TS=U)
@@ -13693,6 +13566,76 @@ T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
 PU(DF=N%TOS=0%IPLEN=B0%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 
+Fingerprint Microsoft Windows 2003 Server Enterprise Edition
+Class Microsoft | Windows | 2003/.NET | general purpose
+TSeq(Class=TR%gcd=<6%IPID=I)
+T1(DF=Y%W=402E%ACK=S++%Flags=AS%Ops=MNWNNT)
+T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=)
+T3(Resp=Y%DF=Y%W=402E%ACK=S++%Flags=AS%Ops=MNWNNT)
+T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+PU(DF=N%TOS=0%IPLEN=38%RIPTL=15C%RID=E|F%RIPCK=F%UCK=0%ULEN=134%DAT=E)
+
+# Microsoft Windows Server 2003, Enterprise Edition, no service packs, (build 3790.srv03_rtm.030324-2048)
+# Microsoft Windows XP Professional (English) w/SP2 with latest updates through Nov. 24, 2004
+Fingerprint Microsoft Windows 2003 Server Enterprise Edition or XP Pro SP2
+Class Microsoft | Windows | 2003/.NET | general purpose
+Class Microsoft | Windows | NT/2K/XP | general purpose
+TSeq(Class=TR%gcd=<6%IPID=I)
+T1(DF=Y%W=6360%ACK=S++%Flags=AS%Ops=MNWNNT)
+T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=)
+T3(Resp=Y%DF=Y%W=6360%ACK=S++%Flags=AS%Ops=MNWNNT)
+T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+PU(DF=N%TOS=0%IPLEN=B0%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
+
+# Microsoft Windows.NET Enterprise Server (build 3615 beta)
+# Windows .NET standard server build 3604
+# Microsoft Windows 2003 Standard Build V5.2.3790 build 3790
+# Microsoft Windows 2003 Server - Web edition - all available critical fixes as of 15th feb 2004
+# Windows 2003 Standard Edition RTM
+# Window Server 2003 Enterprise Edition Swedish
+# Microsoft Windows XP Professional (English) w/ SP2 RC1 build 2600.xpsp_sp2_rc1.040311-2315 - WINDOWS FIREWALL DISABLED
+# Microsoft Windows 5.2 Build 3790.srv03_rtm.030324-2048
+# Microsoft Windows Version 5.1 (Build 2600.spdp_sp2_rtm.040803-2158 : Services Pack 2)
+Fingerprint Microsoft Windows 2003 Server or XP SP2
+Class Microsoft | Windows | 2003/.NET | general purpose
+Class Microsoft | Windows | NT/2K/XP | general purpose
+TSeq(Class=TR%gcd=<6%IPID=I)
+T1(DF=Y%W=402E|FB8B%ACK=S++%Flags=AS%Ops=MNWNNT)
+T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=)
+T3(Resp=Y%DF=Y%W=402E|FB8B%ACK=S++%Flags=AS%Ops=MNWNNT)
+T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+PU(DF=N%TOS=0%IPLEN=B0%RIPTL=148%RID=E%RIPCK=E|F%UCK=E|F%ULEN=134%DAT=E)
+
+# Microsoft Windows XP pro (French) version:2002 sp2
+# Microsoft Windows Server 2003 version 5.2 (Build 3790.srv03_gdr.040410-1234)
+# Microsoft Windows Server 2003 Enterprise Edition (Trial Version downloaded from Microsoft as at 06/03
+# Microsoft Windows 2003 Server Enterprise Edition (German) build 3790.srv03_rtm.030324-2048
+# Microsoft Windows .NET Standard Server RC#2 (build 3718)
+# Microsoft Windows XP Professional version 2002 service pack 2
+# Microsoft Windows XP Home (English) w/SP2 Version 5.1 (Build 2600.xpsp_sp2_rtm.040803-2158 : Service Pack 2)
+# Microsoft Windows XP Home /SP2 Polish Edition
+Fingerprint Microsoft Windows 2003 Server or XP SP2
+Class Microsoft | Windows | 2003/.NET | general purpose
+Class Microsoft | Windows | NT/2K/XP | general purpose
+TSeq(Class=TR%gcd=<6%IPID=I)
+T1(DF=Y|N%W=2017|402E|FFFF%ACK=S++%Flags=AS%Ops=MNWNNT)
+T2(Resp=N)
+T3(Resp=N)
+T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T7(Resp=N)
+PU(DF=N%TOS=0|20%IPLEN=B0%RIPTL=148%RID=E%RIPCK=E|F%UCK=E|F%ULEN=134%DAT=E)
+
 # Windows Server 2003, build 3790
 # Microsoft Windows XP Media Center Edition
 Fingerprint Microsoft Windows 2003 Server or XP SP2
@@ -13708,85 +13651,6 @@ T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
 PU(DF=N%TOS=0%IPLEN=B0%RIPTL=148%RID=E%RIPCK=E%UCK=E|F%ULEN=134%DAT=E)
 
-Fingerprint Microsoft Windows 2003 Server Standard Edition
-Class Microsoft | Windows | 2003/.NET | general purpose
-TSeq(Class=TR%gcd=<6%IPID=I)
-T1(DF=Y%W=402E%ACK=S++%Flags=AS%Ops=MNWNNT)
-T2(Resp=Y%DF=N%W=400|C00%ACK=S%Flags=AR%Ops=WNMETL)
-T3(Resp=Y%DF=N%W=C00|400%ACK=S++%Flags=AR%Ops=WNMETL)
-T4(DF=N%W=1000|C00%ACK=S%Flags=AR%Ops=WNMETL)
-T5(DF=N%W=800|400%ACK=S++%Flags=AR%Ops=)
-T6(DF=N%W=C00|800%ACK=S%Flags=AR%Ops=WNMETL)
-T7(DF=N%W=400|1000%ACK=S++%Flags=AR%Ops=WNMETL)
-PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
-
-Fingerprint Microsoft Windows 2003 Server Enterprise Edition
-Class Microsoft | Windows | 2003/.NET | general purpose
-TSeq(Class=TR%gcd=<6%IPID=I)
-T1(DF=Y%W=402E%ACK=S++%Flags=AS%Ops=MNWNNT)
-T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=)
-T3(Resp=Y%DF=Y%W=402E%ACK=S++%Flags=AS%Ops=MNWNNT)
-T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-PU(DF=N%TOS=0%IPLEN=38%RIPTL=15C%RID=E|F%RIPCK=F%UCK=0%ULEN=134%DAT=E)
-
-# Microsoft Windows 2003 Server Standard Edition (Build 3790.srv03_gdr.040410-1234)
-Fingerprint Microsoft Windows 2003 Server Standard Edition
-Class Microsoft | Windows | 2003/.NET | general purpose
-TSeq(Class=TR%gcd=<6)
-T1(DF=Y%W=402E%ACK=S++%Flags=AS%Ops=MNWNNT)
-T2(Resp=N)
-T3(Resp=Y%DF=Y%W=402E%ACK=S++%Flags=AS%Ops=MNWNNT)
-T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=Y%W=402E%ACK=S++%Flags=AS%Ops=MNWNNT)
-T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-PU(Resp=N)
-
-# Windows 2003 Standard build 3790
-# Microsoft Windows 2003/.NET Standard Edition
-# Windows 2000 Server with SP4 fully patched as of 10/8/04
-Fingerprint Microsoft Windows 2000 Server SP4 or 2003 Server Standard Edition
-Class Microsoft | Windows | NT/2K/XP | general purpose
-Class Microsoft | Windows | 2003/.NET | general purpose
-TSeq(Class=TR%gcd=<6%IPID=I)
-T1(DF=Y%W=402E|FFFF%ACK=S++%Flags=AS%Ops=MNWNNT|MNNT)
-T2(Resp=Y%DF=N%W=400|800|C00|1000%ACK=S%Flags=AR%Ops=WNMETL)
-T3(Resp=Y%DF=N%W=400|800|C00|1000%ACK=S++%Flags=AR%Ops=WNMETL)
-T4(DF=N%W=400|800|C00|1000%ACK=S%Flags=AR%Ops=WNMETL)
-T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=N%W=400|800|C00|1000%ACK=S%Flags=AR%Ops=WNMETL)
-T7(DF=N%W=400|800|C00|1000%ACK=S++%Flags=AR%Ops=WNMETL)
-PU(DF=N%TOS=0%IPLEN=B0%RIPTL=148%RID=E|F%RIPCK=E%UCK=E|F%ULEN=134%DAT=E)
-
-# MS Windows 2000: v5.00.2195: SP4
-Fingerprint Microsoft Windows 2000 SP4
-Class Microsoft | Windows | NT/2K/XP | general purpose
-TSeq(Class=TR%gcd=<6)
-T1(DF=Y%W=402E%ACK=S++%Flags=AS%Ops=MNWNNT)
-T2(Resp=Y%DF=N%W=400|1000|800%ACK=S%Flags=AR%Ops=WNMETL)
-T3(Resp=Y%DF=N%W=400|800|C00%ACK=S++%Flags=AR%Ops=WNMETL)
-T4(DF=N%W=400%ACK=S%Flags=AR%Ops=WNMETL)
-T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=N%W=400|C00|800%ACK=S%Flags=AR%Ops=WNMETL)
-T7(DF=N%W=1000%ACK=S++%Flags=AR%Ops=WNMETL)
-PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E|F%RIPCK=E%UCK=E%ULEN=134%DAT=E)
-
-# Windows 2000 server SP4 with all current patches april 9th 2005
-Fingerprint Windows 2000 server SP4
-Class Microsoft | Windows | NT/2K/XP | general purpose
-TSeq(Class=RI%gcd=<6%SI=<1C3B8&>157%IPID=I)
-T1(DF=Y%W=FFFF%ACK=S++%Flags=AS%Ops=MNWNNT)
-T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=)
-T3(Resp=Y%DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-T4(DF=N%W=0%ACK=S%Flags=R%Ops=)
-T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=N%W=0%ACK=S%Flags=R%Ops=)
-T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
-
 # Microsoft Windows 2003 Server with SP1 and latest Windows Update patches as of May, 2005
 # Windows Server 2003 w/ SP1, build 3790.srv03_sp1
 # Microsoft Windows 2003 Server, version SBS 2003 Premium, just after Windows Server SP1 installed
@@ -13818,6 +13682,107 @@ T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
 PU(DF=N%TOS=0%IPLEN=B0%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 
+Fingerprint Microsoft Windows 2003 Server Standard Edition
+Class Microsoft | Windows | 2003/.NET | general purpose
+TSeq(Class=TR%gcd=<6%IPID=I)
+T1(DF=Y%W=402E%ACK=S++%Flags=AS%Ops=MNWNNT)
+T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=)
+T3(Resp=Y%DF=Y%W=402E%ACK=S++%Flags=AS%Ops=MNWNNT)
+T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+PU(DF=N%TOS=20%IPLEN=B0%RIPTL=148%RID=E|F%RIPCK=E%UCK=E%ULEN=134%DAT=E)
+
+Fingerprint Microsoft Windows 2003 Server Standard Edition
+Class Microsoft | Windows | 2003/.NET | general purpose
+TSeq(Class=TR%gcd=<6%IPID=I)
+T1(DF=Y%W=402E%ACK=S++%Flags=AS%Ops=MNWNNT)
+T2(Resp=Y%DF=N%W=400|C00%ACK=S%Flags=AR%Ops=WNMETL)
+T3(Resp=Y%DF=N%W=C00|400%ACK=S++%Flags=AR%Ops=WNMETL)
+T4(DF=N%W=1000|C00%ACK=S%Flags=AR%Ops=WNMETL)
+T5(DF=N%W=800|400%ACK=S++%Flags=AR%Ops=)
+T6(DF=N%W=C00|800%ACK=S%Flags=AR%Ops=WNMETL)
+T7(DF=N%W=400|1000%ACK=S++%Flags=AR%Ops=WNMETL)
+PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
+
+# Microsoft Windows 2003 Server Standard Edition (Build 3790.srv03_gdr.040410-1234)
+Fingerprint Microsoft Windows 2003 Server Standard Edition
+Class Microsoft | Windows | 2003/.NET | general purpose
+TSeq(Class=TR%gcd=<6)
+T1(DF=Y%W=402E%ACK=S++%Flags=AS%Ops=MNWNNT)
+T2(Resp=N)
+T3(Resp=Y%DF=Y%W=402E%ACK=S++%Flags=AS%Ops=MNWNNT)
+T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=Y%W=402E%ACK=S++%Flags=AS%Ops=MNWNNT)
+T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+PU(Resp=N)
+
+# Windows 2003 standard edition version 5.2 build 3790.srv03_rtm.030324-2048 and lastest windows updates patches as november 9, 2004
+Fingerprint Microsoft Windows 2003 standard edition
+Class Microsoft | Windows | 2003/.NET | general purpose
+T1(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=)
+T3(Resp=Y%DF=N%W=0%ACK=O%Flags=AR%Ops=)
+T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+PU(DF=N%TOS=0%IPLEN=B0%RIPTL=148%RID=E|F%RIPCK=E%UCK=E%ULEN=134%DAT=E)
+
+# Microsoft Windows Server 2003, No Service Packs build 3790.srv03_gdr.040410-1234
+Fingerprint Microsoft Windows Server 2003
+Class Microsoft | Windows | 2003/.NET | general purpose
+TSeq(Class=TR%gcd=<6%IPID=I)
+T1(DF=Y%W=5B4%ACK=S++%Flags=AS%Ops=MNWNNT)
+T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=)
+T3(Resp=Y%DF=Y%W=5B4%ACK=S++%Flags=AS%Ops=MNWNNT)
+T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+PU(DF=N%TOS=0%IPLEN=B0%RIPTL=148%RID=E%RIPCK=F%UCK=F%ULEN=134%DAT=E)
+
+# Microsoft Windows Server 2003 Enterprise Edition Version 5.2.3790
+Fingerprint Microsoft Windows Server 2003 Enterprise Edition
+Class Microsoft | Windows | 2003/.NET | general purpose
+TSeq(Class=TR%gcd=<6%IPID=I)
+T1(DF=Y%W=402E%ACK=S++%Flags=AS%Ops=MNWNNT)
+T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=)
+T3(Resp=Y%DF=Y%W=402E%ACK=S++%Flags=AS%Ops=MNWNNT)
+T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+PU(DF=N%TOS=10%IPLEN=B0%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
+
+# Windows 5.2 (Build 3790.srv03_sp1_rtm.050324-1447 : Service Pack 1)
+# Windows Server 2003 SP1 all patches as of June-23-05
+Fingerprint Microsoft Windows 2003 Server SP1
+Class Microsoft | Windows | 2003/.NET | general purpose
+TSeq(Class=TR%gcd=<6%IPID=I)
+T1(DF=N%W=FAF0%ACK=S++%Flags=AS%Ops=MNWNNT)
+T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=)
+T3(Resp=Y%DF=N%W=FAF0%ACK=S++%Flags=AS%Ops=MNWNNT)
+T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+PU(DF=N%TOS=0%IPLEN=B0%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
+
+Fingerprint Microsoft Windows 2003 Server Standart Edition SP1
+Class Microsoft | Windows | 2003/.NET | general purpose
+TSeq(Class=TR%gcd=<6%IPID=I)
+T1(DF=N%W=4000%ACK=S++%Flags=AS%Ops=MNWNNT)
+T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=)
+T3(Resp=Y%DF=N%W=4000%ACK=S++%Flags=AS%Ops=MNWNNT)
+T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+PU(DF=N%TOS=5C%IPLEN=B0%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
+
 Fingerprint Microsoft Windows 3.1 with Trumpet Winsock 2.0 revision B
 Class Microsoft | Windows | 3.X | general purpose
 TSeq(Class=TD%gcd=10000%SI=<FF)
@@ -13906,6 +13871,18 @@ T6(DF=N%W=0%ACK=S++%Flags=R%Ops=)
 T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
 PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 
+Fingerprint Microsoft Windows 98
+Class Microsoft | Windows | 95/98/ME | general purpose
+TSeq(Class=TD%gcd=<6%SI=<1E%IPID=BI%TS=U)
+T1(DF=Y%W=7FFF%ACK=S++%Flags=AS%Ops=MNW)
+T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=)
+T3(Resp=Y%DF=Y%W=7FFF%ACK=S++%Flags=AS%Ops=MNW)
+T4(DF=N%W=0%ACK=S++%Flags=R%Ops=)
+T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=N%W=0%ACK=S++%Flags=R%Ops=)
+T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=F%ULEN=134%DAT=E)
+
 # Microsoft Windows 98 X86 No Service Pack
 # Microsoft Windows 98 4.10.1998
 Fingerprint Microsoft Windows 98 4.10.1998
@@ -13932,18 +13909,6 @@ T6(DF=N%W=0%ACK=S|O%Flags=R%Ops=)
 T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
 PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 
-Fingerprint Microsoft Windows 98
-Class Microsoft | Windows | 95/98/ME | general purpose
-TSeq(Class=TD%gcd=<6%SI=<1E%IPID=BI%TS=U)
-T1(DF=Y%W=7FFF%ACK=S++%Flags=AS%Ops=MNW)
-T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=)
-T3(Resp=Y%DF=Y%W=7FFF%ACK=S++%Flags=AS%Ops=MNW)
-T4(DF=N%W=0%ACK=S++%Flags=R%Ops=)
-T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=N%W=0%ACK=S++%Flags=R%Ops=)
-T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=F%ULEN=134%DAT=E)
-
 # Windows 98SE 4.10.2222A
 # Windows 98 4.10.1998
 Fingerprint Microsoft Windows 98 or 98SE
@@ -13958,20 +13923,6 @@ T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
 PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 
-# Windows 98SE + unoffical service pack 1.6.1 (includes all cumulative patches and hotfixes)
-#                (http://exuberant.ms11.net/98sesp.html)
-Fingerprint Windows 98SE
-Class Microsoft | Windows | 95/98/ME | general purpose
-TSeq(Class=TD%gcd=<E2%SI=<1E%IPID=RPI%TS=U)
-T1(DF=Y%W=FFFF%ACK=S++%Flags=AS%Ops=M)
-T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=)
-T3(Resp=Y%DF=Y%W=FFFF%ACK=S++%Flags=AS%Ops=M)
-T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
-
 Fingerprint Microsoft Windows 98 SP1
 Class Microsoft | Windows | 95/98/ME | general purpose
 TSeq(Class=TD%gcd=<5%SI=<20)
@@ -14036,35 +13987,6 @@ T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
 PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 
-# Windows 98 SE, no service packs, on AMD Sempron 2.4 GHz
-Fingerprint Windows 98 SE
-Class Microsoft | Windows | 95/98/ME | general purpose
-TSeq(Class=RI%gcd=<6%SI=<1AA4&>D%IPID=RPI%TS=U)
-T1(DF=Y%W=FFFF%ACK=S++%Flags=AS%Ops=M)
-T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=)
-T3(Resp=Y%DF=Y%W=FFFF%ACK=S++%Flags=AS%Ops=M)
-T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
-
-# Win 98 SE, 4.10.2222 A (fully WindowsUpdated)
-# Windows 98 Second Edition build 4.10.2222 A
-# Microsoft Windows 98SE, Version 4.10.2222
-# Windows 98SE 4.10.2222 A  Compaq OEM version Patched as of 1/2005
-Fingerprint Microsoft Windows 98SE 4.10.2222
-Class Microsoft | Windows | 95/98/ME | general purpose
-TSeq(Class=TD%gcd=<E4%SI=<14%IPID=BI|RPI%TS=U)
-T1(DF=Y%W=2017|2058|FAF0|FFFF%ACK=S++%Flags=AS%Ops=M)
-T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=)
-T3(Resp=Y%DF=Y%W=2017|2058|FAF0|FFFF%ACK=S++%Flags=AS%Ops=M)
-T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
-
 # Microsoft Windows 98SE, no service packs
 Fingerprint Microsoft Windows 98SE
 Class Microsoft | Windows | 95/98/ME | general purpose
@@ -14089,6 +14011,22 @@ T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
 PU(Resp=N|Y)
 
+# Win 98 SE, 4.10.2222 A (fully WindowsUpdated)
+# Windows 98 Second Edition build 4.10.2222 A
+# Microsoft Windows 98SE, Version 4.10.2222
+# Windows 98SE 4.10.2222 A  Compaq OEM version Patched as of 1/2005
+Fingerprint Microsoft Windows 98SE 4.10.2222
+Class Microsoft | Windows | 95/98/ME | general purpose
+TSeq(Class=TD%gcd=<E4%SI=<14%IPID=BI|RPI%TS=U)
+T1(DF=Y%W=2017|2058|FAF0|FFFF%ACK=S++%Flags=AS%Ops=M)
+T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=)
+T3(Resp=Y%DF=Y%W=2017|2058|FAF0|FFFF%ACK=S++%Flags=AS%Ops=M)
+T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
+
 # Microsoft Windows 98SE, service pack 1 installed, litepc installed (www.litepc.com)
 Fingerprint Microsoft Windows 98SE SP1
 Class Microsoft | Windows | 95/98/ME | general purpose
@@ -14194,6 +14132,62 @@ T6(DF=N%W=0%ACK=S++|O%Flags=R%Ops=)
 T7(DF=N%W=0%ACK=S++|S%Flags=AR%Ops=)
 PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E|F%ULEN=134%DAT=E)
 
+# Windows 98 SE, no service packs, on AMD Sempron 2.4 GHz
+Fingerprint Microsoft Windows 98 SE
+Class Microsoft | Windows | 95/98/ME | general purpose
+TSeq(Class=RI%gcd=<6%SI=<1AA4&>D%IPID=RPI%TS=U)
+T1(DF=Y%W=FFFF%ACK=S++%Flags=AS%Ops=M)
+T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=)
+T3(Resp=Y%DF=Y%W=FFFF%ACK=S++%Flags=AS%Ops=M)
+T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
+
+# Windows 98SE + unoffical service pack 1.6.1 (includes all cumulative patches and hotfixes)
+#                (http://exuberant.ms11.net/98sesp.html)
+Fingerprint Microsoft Windows 98SE
+Class Microsoft | Windows | 95/98/ME | general purpose
+TSeq(Class=TD%gcd=<E2%SI=<1E%IPID=RPI%TS=U)
+T1(DF=Y%W=FFFF%ACK=S++%Flags=AS%Ops=M)
+T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=)
+T3(Resp=Y%DF=Y%W=FFFF%ACK=S++%Flags=AS%Ops=M)
+T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
+
+# Microaodr Windows XP Professional with SP! and latest Windows Update patches as of June 1, 2005
+Fingerprint Microsoft Windows XP Pro SP1
+Class Microsoft | Windows | NT/2K/XP | general purpose
+TSeq(Class=TR%gcd=<6%IPID=I%TS=U)
+T1(DF=Y%W=FAF0%ACK=S++%Flags=AS%Ops=MNW)
+T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=)
+T3(Resp=Y%DF=Y%W=FAF0%ACK=S++%Flags=AS%Ops=MNW)
+T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
+
+# Microsoft Windows XP Professional (English) w/ SP2 (Build 2600.xpsp_sp2_rtm.040803-2158 : Service Pack 2)
+# Widows XP Professional (English UK) w/SP2 - latest patches as of 20 Dec 2004 - build 2600.xpsp_sp2_rtm.040803-2158
+# Microsoft Windows XP Home (French) w/SP2 build 2600.xpsp_sp2_rtm.040803-2158
+# Microsoft Windows XP Profesional (English) w/SP2 Ver 5.1 build 2600.xpsp_sp2_rtm.040803-2158 : Service Pack 2
+Fingerprint Microsoft Widows XP SP2
+Class Microsoft | Windows | NT/2K/XP | general purpose
+TSeq(Class=TR%gcd=<6%IPID=I%TS=U)
+T1(DF=Y%W=805C|88A4|FC94|FFFF%ACK=S++%Flags=AS%Ops=MNW)
+T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=)
+T3(Resp=Y%DF=Y%W=805C|88A4|FC94|FFFF%ACK=S++%Flags=AS%Ops=MNW)
+T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+PU(DF=N%TOS=0%IPLEN=B0%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
+
 Fingerprint Microsoft Windows 2000 Advanced Server SP2
 Class Microsoft | Windows | NT/2K/XP | general purpose
 TSeq(Class=RI%gcd=<6%SI=<22FBA&>28B%IPID=I)
@@ -14244,19 +14238,6 @@ T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
 PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E|F%ULEN=134%DAT=E)
 
-# Windows 2000 Advanced Server Version 5.0 (Build 2195: Service Pack 4)
-Fingerprint Windows 2000 AS SP4
-Class Microsoft | Windows | NT/2K/XP | general purpose
-TSeq(Class=TR%gcd=<6%IPID=I)
-T1(DF=Y%W=402E%ACK=S++%Flags=AS%Ops=MNWNNT)
-T2(Resp=Y%DF=N%W=800|400%ACK=S%Flags=AR%Ops=WNMETL)
-T3(Resp=Y%DF=N%W=C00|800%ACK=S++%Flags=AR%Ops=WNMETL)
-T4(DF=N%W=C00%ACK=S%Flags=AR%Ops=WNMETL)
-T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=N%W=400|800|C00%ACK=S%Flags=AR%Ops=WNMETL)
-T7(DF=N%W=1000|C00%ACK=S++%Flags=AR%Ops=WNMETL)
-PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=F%ULEN=134%DAT=E)
-
 Fingerprint Microsoft Windows 2000 AS SP4
 Class Microsoft | Windows | NT/2K/XP | general purpose
 TSeq(Class=RI%gcd=<6%SI=<7CE98&>6B7)
@@ -14281,6 +14262,20 @@ T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
 PU(DF=N%TOS=0|20|80%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E|F%ULEN=134%DAT=E)
 
+# Microsoft Windows 2000 Pro (Russian) SP2 with some antiworm patches (MS04-011 etc.), firewalled with wipfw (http://wipfw.sourceforge.net) dropping TCP_SYNFIN
+# MS Windows 2000 Professional Rus with SP2 with only Sasser etc. patches
+Fingerprint Microsoft Windows 2000 Pro (Russian) SP2
+Class Microsoft | Windows | NT/2K/XP | general purpose
+TSeq(Class=RI%gcd=<6%SI=<3073C&>393)
+T1(DF=Y%W=402E%ACK=S++%Flags=AS%Ops=MNWNNT)
+T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=)
+T3(Resp=N)
+T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
+
 Fingerprint Microsoft Windows 2000 Pro RC1 or Windows 2000 Advanced Server Beta3
 Class Microsoft | Windows | NT/2K/XP | general purpose
 TSeq(Class=RI%gcd=<8%SI=<27D922&>65EE)
@@ -14307,21 +14302,6 @@ T6(DF=N%W=0%ACK=S++|O%Flags=R%Ops=)
 T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
 PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 
-# Microsoft Windows 2000 Pro SP2
-# Microsoft Windows XP Pro SP1
-# Microsoft Windows XP Professional, ver. 5.1 Build 2600.xpclnt_qfe.010827-1803
-Fingerprint Microsoft Windows 2000 SP2 or XP or XP SP1
-Class Microsoft | Windows | NT/2K/XP | general purpose
-TSeq(Class=RI%gcd=<6%SI=<327F6C&>3E9%IPID=I)
-T1(DF=Y%W=FD80%ACK=S++%Flags=AS%Ops=MNWNNT)
-T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=)
-T3(Resp=Y%DF=Y%W=FD80%ACK=S++%Flags=AS%Ops=MNWNNT)
-T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
-
 # Windows 2000 Pro Build 2195 Service Pack 3
 Fingerprint Microsoft Windows 2000 Pro SP3
 Class Microsoft | Windows | NT/2K/XP | general purpose
@@ -14352,13 +14332,13 @@ T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
 PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 
-# Microsoft Windows 2000 Server (Spanish) with SP4 build 2195
-Fingerprint Microsoft Windows 2000 Server SP4
+# MS Windows 2000 Professional w/SP4 build 2195
+Fingerprint Microsoft Windows 2000 Pro SP4
 Class Microsoft | Windows | NT/2K/XP | general purpose
-TSeq(Class=RI%gcd=<6%SI=<67DF4&>2FB%IPID=I)
-T1(DF=Y%W=402E%ACK=S++%Flags=A%Ops=NNT)
+TSeq(Class=RI%gcd=<6%SI=<29B6C&>2EF%IPID=I%TS=U)
+T1(DF=Y%W=FB06|FF70%ACK=S++%Flags=AS%Ops=MNW)
 T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=)
-T3(Resp=Y%DF=Y%W=402E%ACK=S++%Flags=AS%Ops=MNWNNT)
+T3(Resp=Y%DF=Y%W=FB06|FF70%ACK=S++%Flags=AS%Ops=MNW)
 T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
 T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
@@ -14439,6 +14419,89 @@ T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
 PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 
+# Microsoft Windows 2000 Server (Spanish) with SP4 build 2195
+Fingerprint Microsoft Windows 2000 Server SP4
+Class Microsoft | Windows | NT/2K/XP | general purpose
+TSeq(Class=RI%gcd=<6%SI=<67DF4&>2FB%IPID=I)
+T1(DF=Y%W=402E%ACK=S++%Flags=A%Ops=NNT)
+T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=)
+T3(Resp=Y%DF=Y%W=402E%ACK=S++%Flags=AS%Ops=MNWNNT)
+T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
+
+# Microsoft Windows 2000 server with SP4 and Windows Update patches as of January 14, 2005.
+# Microsoft Windows 2000 server with SP4 and latest Update Patches as of January 10 2005
+Fingerprint Microsoft Windows 2000 Server SP4
+Class Microsoft | Windows | NT/2K/XP | general purpose
+TSeq(Class=RI%gcd=<6%SI=<E76A8&>110C)
+T1(DF=Y%W=FFFF%ACK=S++%Flags=AS%Ops=MNWNNT)
+T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=)
+T3(Resp=Y%DF=Y%W=FFFF%ACK=S++%Flags=AS%Ops=MNWNNT)
+T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T7(DF=N%W=0%ACK=S|S++%Flags=AR%Ops=)
+PU(DF=N%TOS=C0|68%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E|F%ULEN=134%DAT=E)
+
+# Windows 2000 Server Edition Version 5.0 (Build 2195: Service Pack 4)
+Fingerprint Microsoft Windows 2000 Server SP4
+Class Microsoft | Windows | NT/2K/XP | general purpose
+TSeq(Class=RI%gcd=<6%SI=<21E62&>256%IPID=I)
+T1(DF=N%W=FFFF%ACK=S++%Flags=AS%Ops=MNWNNT)
+T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=)
+T3(Resp=Y%DF=N%W=FFFF%ACK=S++%Flags=AS%Ops=MNWNNT)
+T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=F%UCK=F%ULEN=134%DAT=E)
+
+Fingerprint Microsoft Windows 2000 server SP4
+Class Microsoft | Windows | NT/2K/XP | general purpose
+TSeq(Class=RI%gcd=<6%SI=<DDB08&>6AA%IPID=I)
+T1(DF=Y%W=FFFF%ACK=S++%Flags=AS%Ops=MNWNNT)
+T2(Resp=Y%DF=N%W=800|400%ACK=S%Flags=AR%Ops=WNMETL)
+T3(Resp=Y%DF=N%W=800|C00%ACK=S++%Flags=AR%Ops=WNMETL)
+T4(DF=N%W=1000|800%ACK=S%Flags=AR%Ops=WNMETL)
+T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=N%W=1000|800%ACK=S%Flags=AR%Ops=WNMETL)
+T7(DF=N%W=C00|800%ACK=S++%Flags=AR%Ops=WNMETL)
+PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E|F%RIPCK=E%UCK=E%ULEN=134%DAT=E)
+
+# Windows 2003 Standard build 3790
+# Microsoft Windows 2003/.NET Standard Edition
+# Windows 2000 Server with SP4 fully patched as of 10/8/04
+Fingerprint Microsoft Windows 2000 Server SP4 or 2003 Server Standard Edition
+Class Microsoft | Windows | NT/2K/XP | general purpose
+Class Microsoft | Windows | 2003/.NET | general purpose
+TSeq(Class=TR%gcd=<6%IPID=I)
+T1(DF=Y%W=402E|FFFF%ACK=S++%Flags=AS%Ops=MNWNNT|MNNT)
+T2(Resp=Y%DF=N%W=400|800|C00|1000%ACK=S%Flags=AR%Ops=WNMETL)
+T3(Resp=Y%DF=N%W=400|800|C00|1000%ACK=S++%Flags=AR%Ops=WNMETL)
+T4(DF=N%W=400|800|C00|1000%ACK=S%Flags=AR%Ops=WNMETL)
+T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=N%W=400|800|C00|1000%ACK=S%Flags=AR%Ops=WNMETL)
+T7(DF=N%W=400|800|C00|1000%ACK=S++%Flags=AR%Ops=WNMETL)
+PU(DF=N%TOS=0%IPLEN=B0%RIPTL=148%RID=E|F%RIPCK=E%UCK=E|F%ULEN=134%DAT=E)
+
+# Microsoft Windows 2000 server with SP4 and no other updates
+# Windows 2000 Server SP 4 + ALL patches at 25 Sep. 2003
+# Windows XP Pro SP1 and latest Windows Update patches as of Oct 04, 2004
+Fingerprint Microsoft Windows 2000 Server SP4 or XP SP1
+Class Microsoft | Windows | NT/2K/XP | general purpose
+TSeq(Class=RI%gcd=<6%SI=<2B430&>5AD%IPID=I)
+T1(DF=Y%W=FA00|FFFF%ACK=S++%Flags=AS%Ops=MNWNNT)
+T2(Resp=Y%DF=N%W=C00|400|1000%ACK=S%Flags=AR%Ops=WNMETL)
+T3(Resp=Y%DF=N%W=C00|800%ACK=S++%Flags=AR%Ops=WNMETL)
+T4(DF=N%W=400|1000%ACK=S%Flags=AR%Ops=WNMETL)
+T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=N%W=C00|400%ACK=S%Flags=AR%Ops=WNMETL)
+T7(DF=N%W=1000|C00%ACK=S++%Flags=AR%Ops=WNMETL)
+PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E|F%RIPCK=E%UCK=F%ULEN=134%DAT=E)
+
 Fingerprint Microsoft Windows 2000 SP1
 Class Microsoft | Windows | NT/2K/XP | general purpose
 TSeq(Class=RI%gcd=<6%SI=<1F216&>251%IPID=I)
@@ -14489,20 +14552,6 @@ T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
 PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 
-# Microsoft Windows 2000 Pro (Russian) SP2 with some antiworm patches (MS04-011 etc.), firewalled with wipfw (http://wipfw.sourceforge.net) dropping TCP_SYNFIN
-# MS Windows 2000 Professional Rus with SP2 with only Sasser etc. patches
-Fingerprint Microsoft Windows 2000 Pro (Russian) SP2
-Class Microsoft | Windows | NT/2K/XP | general purpose
-TSeq(Class=RI%gcd=<6%SI=<3073C&>393)
-T1(DF=Y%W=402E%ACK=S++%Flags=AS%Ops=MNWNNT)
-T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=)
-T3(Resp=N)
-T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
-
 Fingerprint Microsoft Windows 2000 SP2
 Class Microsoft | Windows | NT/2K/XP | general purpose
 TSeq(Class=RI%gcd=<6%SI=<2FE90&>6F9%IPID=I%TS=U)
@@ -14527,6 +14576,21 @@ T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
 PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 
+# Microsoft Windows 2000 Pro SP2
+# Microsoft Windows XP Pro SP1
+# Microsoft Windows XP Professional, ver. 5.1 Build 2600.xpclnt_qfe.010827-1803
+Fingerprint Microsoft Windows 2000 SP2 or XP or XP SP1
+Class Microsoft | Windows | NT/2K/XP | general purpose
+TSeq(Class=RI%gcd=<6%SI=<327F6C&>3E9%IPID=I)
+T1(DF=Y%W=FD80%ACK=S++%Flags=AS%Ops=MNWNNT)
+T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=)
+T3(Resp=Y%DF=Y%W=FD80%ACK=S++%Flags=AS%Ops=MNWNNT)
+T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
+
 # base on msg 1039
 # Microsoft Windows 2000 SP2 with Hotfix Q300972, Q301625
 Fingerprint Microsoft Windows 2000 SP2 with Hotfix (Pre-SP3)
@@ -14618,18 +14682,6 @@ T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
 PU(DF=N%TOS=0|D0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 
-Fingerprint MS Windows 2000 Server SP3
-Class Microsoft | Windows || general purpose
-TSeq(Class=RI%gcd=<6%SI=<30714&>2A7%IPID=I)
-T1(DF=Y%W=2DA0%ACK=S++%Flags=AS%Ops=MNWNNT)
-T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=)
-T3(Resp=Y%DF=Y%W=2DA0%ACK=S++%Flags=AS%Ops=MNWNNT)
-T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
-
 # Microsoft Windows 2000 SP3
 Fingerprint Microsoft Windows 2000 SP3
 Class Microsoft | Windows | NT/2K/XP | general purpose
@@ -14680,60 +14732,18 @@ T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
 PU(DF=N%TOS=80%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=F%ULEN=134%DAT=E)
 
-# Microsoft Windows 2000 server with SP4 and Windows Update patches as of January 14, 2005.
-# Microsoft Windows 2000 server with SP4 and latest Update Patches as of January 10 2005
-Fingerprint Microsoft Windows 2000 Server SP4
+# MS Windows 2000: v5.00.2195: SP4
+Fingerprint Microsoft Windows 2000 SP4
 Class Microsoft | Windows | NT/2K/XP | general purpose
-TSeq(Class=RI%gcd=<6%SI=<E76A8&>110C)
-T1(DF=Y%W=FFFF%ACK=S++%Flags=AS%Ops=MNWNNT)
-T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=)
-T3(Resp=Y%DF=Y%W=FFFF%ACK=S++%Flags=AS%Ops=MNWNNT)
-T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
+TSeq(Class=TR%gcd=<6)
+T1(DF=Y%W=402E%ACK=S++%Flags=AS%Ops=MNWNNT)
+T2(Resp=Y%DF=N%W=400|1000|800%ACK=S%Flags=AR%Ops=WNMETL)
+T3(Resp=Y%DF=N%W=400|800|C00%ACK=S++%Flags=AR%Ops=WNMETL)
+T4(DF=N%W=400%ACK=S%Flags=AR%Ops=WNMETL)
 T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T7(DF=N%W=0%ACK=S|S++%Flags=AR%Ops=)
-PU(DF=N%TOS=C0|68%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E|F%ULEN=134%DAT=E)
-
-# Fingerprint Windows 2000 build 5.00.2195 SP4
-Fingerprint Windows 2000 SP4
-Class Microsoft | Windows | NT/2K/XP | general purpose
-TSeq(Class=RI%gcd=<8%SI=<78816&>95%IPID=I)
-T1(DF=Y%W=FFFF%ACK=S++%Flags=AS%Ops=MNWNNT)
-T2(Resp=N)
-T3(Resp=Y%DF=Y%W=FFFF%ACK=S++%Flags=AS%Ops=MNWNNT)
-T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
-T6(Resp=N)
-T7(Resp=N)
-PU(DF=N%TOS=C0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
-
-# Windows 2000 Server Edition Version 5.0 (Build 2195: Service Pack 4)
-Fingerprint Microsoft Windows 2000 Server SP4
-Class Microsoft | Windows | NT/2K/XP | general purpose
-TSeq(Class=RI%gcd=<6%SI=<21E62&>256%IPID=I)
-T1(DF=N%W=FFFF%ACK=S++%Flags=AS%Ops=MNWNNT)
-T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=)
-T3(Resp=Y%DF=N%W=FFFF%ACK=S++%Flags=AS%Ops=MNWNNT)
-T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=F%UCK=F%ULEN=134%DAT=E)
-
-# Microsoft Windows 2000 server with SP4 and no other updates
-# Windows 2000 Server SP 4 + ALL patches at 25 Sep. 2003
-# Windows XP Pro SP1 and latest Windows Update patches as of Oct 04, 2004
-Fingerprint Microsoft Windows 2000 Server SP4 or XP SP1
-Class Microsoft | Windows | NT/2K/XP | general purpose
-TSeq(Class=RI%gcd=<6%SI=<2B430&>5AD%IPID=I)
-T1(DF=Y%W=FA00|FFFF%ACK=S++%Flags=AS%Ops=MNWNNT)
-T2(Resp=Y%DF=N%W=C00|400|1000%ACK=S%Flags=AR%Ops=WNMETL)
-T3(Resp=Y%DF=N%W=C00|800%ACK=S++%Flags=AR%Ops=WNMETL)
-T4(DF=N%W=400|1000%ACK=S%Flags=AR%Ops=WNMETL)
-T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=N%W=C00|400%ACK=S%Flags=AR%Ops=WNMETL)
-T7(DF=N%W=1000|C00%ACK=S++%Flags=AR%Ops=WNMETL)
-PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E|F%RIPCK=E%UCK=F%ULEN=134%DAT=E)
+T6(DF=N%W=400|C00|800%ACK=S%Flags=AR%Ops=WNMETL)
+T7(DF=N%W=1000%ACK=S++%Flags=AR%Ops=WNMETL)
+PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E|F%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 
 # Microsoft Windows 2000 with SP4 ( version 5.0 (build 2195: sp 4) )
 Fingerprint Microsoft Windows 2000 SP4
@@ -14748,18 +14758,6 @@ T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
 PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=F%ULEN=134%DAT=E)
 
-Fingerprint Microsoft Windows 2000 server SP4
-Class Microsoft | Windows | NT/2K/XP | general purpose
-TSeq(Class=RI%gcd=<6%SI=<DDB08&>6AA%IPID=I)
-T1(DF=Y%W=FFFF%ACK=S++%Flags=AS%Ops=MNWNNT)
-T2(Resp=Y%DF=N%W=800|400%ACK=S%Flags=AR%Ops=WNMETL)
-T3(Resp=Y%DF=N%W=800|C00%ACK=S++%Flags=AR%Ops=WNMETL)
-T4(DF=N%W=1000|800%ACK=S%Flags=AR%Ops=WNMETL)
-T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=N%W=1000|800%ACK=S%Flags=AR%Ops=WNMETL)
-T7(DF=N%W=C00|800%ACK=S++%Flags=AR%Ops=WNMETL)
-PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E|F%RIPCK=E%UCK=E%ULEN=134%DAT=E)
-
 # Windows 2000 Pro 5.00.2195 SP4 incl. latest Hotfixes till 30.12.2004
 # Microsoft Windows 2000 build 2195 SP 4
 Fingerprint Microsoft Windows 2000 SP4
@@ -14811,6 +14809,20 @@ T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
 PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 
+# Microsoft Windows 2000 SP4 and latest Windows Update patches as of Sept 26, 2003 running BlackICE
+# Microsoft Windows XP Pro with SP1 and latest Windows Update patches as of September 01, 2003
+Fingerprint Microsoft Windows 2000 SP4 or Windows XP SP1
+Class Microsoft | Windows | NT/2K/XP | general purpose
+TSeq(Class=RI%gcd=<6%SI=<1E58A2&>1517)
+T1(DF=Y%W=2238|FFFF%ACK=S++%Flags=AS%Ops=MNWNNT)
+T2(Resp=N)
+T3(Resp=N)
+T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T7(Resp=N)
+PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
+
 # base on msg 2213(-2210), 2378, 2473, 2476, 2174, 2153, 1942, 1955
 # Microsoft Windows 2000 Pro (German) with SP4 build 2195 and latest Windows Update patches (2005.5.19)
 # Windows 2000 terminal version 5.0 build 2195 service pack 4
@@ -14830,58 +14842,26 @@ T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
 PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 
-# MS Windows 2000 Professional w/SP4 build 2195
-Fingerprint Microsoft Windows 2000 Pro SP4
-Class Microsoft | Windows | NT/2K/XP | general purpose
-TSeq(Class=RI%gcd=<6%SI=<29B6C&>2EF%IPID=I%TS=U)
-T1(DF=Y%W=FB06|FF70%ACK=S++%Flags=AS%Ops=MNW)
-T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=)
-T3(Resp=Y%DF=Y%W=FB06|FF70%ACK=S++%Flags=AS%Ops=MNW)
-T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
-
-# Windows 2000 Version 5.0 Build 2195 SP 4 X86
-Fingerprint Windows 2000 SP4
+# Microsoft Windows Server 2003 Standard Edition
+# Microsoft Windows 2003 standard edition Version 5.2 (Build 3790.srv03_gdr.040410-1234)
+# Microsoft Windows 2003 Server with SP1
+# Windows server 2003 enterprise sp1 + hotfixes (build 3790.srv30_sp1_rtm.050324-1447 : Service Pack 1)
+# Windows 2003 Enterprise SP1 Version 5.2 (Build 3790.srv03_sp1_rc1.041202-1618 : +Service Pack 1, v.1)
+# Microsoft Windows XP Professional /w SP2 build 2600.xpsp_sp2_rtm.040803-2158
+# Microsoft Windows 2003 Standard Edition SP1 Updated through June 19th 2005
+# Windows Server 2003 Enterprise Edition (Version 5.2 Build 3790.srv03_sp1_rtm.050324-1447 : +Service Pack 1)
+Fingerprint Microsoft Windows 2003 Server, 2003 Server SP1 or XP Pro SP2
 Class Microsoft | Windows | NT/2K/XP | general purpose
+Class Microsoft | Windows | 2003/.NET | general purpose
 TSeq(Class=TR%gcd=<6%IPID=I)
-T1(DF=Y%W=4204|FFAF%ACK=S++%Flags=AS%Ops=MNWNNT)
+T1(DF=N%W=4000|402E%ACK=S++%Flags=AS%Ops=MNWNNT)
 T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=)
-T3(Resp=Y%DF=Y%W=4204|FFAF%ACK=S++%Flags=AS%Ops=MNWNNT)
+T3(Resp=Y%DF=N%W=4000|402E%ACK=S++%Flags=AS%Ops=MNWNNT)
 T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
 T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
-
-# Windows Version 5.0 build 2195 SP 4
-Fingerprint Windows 2000 SP4
-Class Microsoft | Windows | NT/2K/XP | general purpose
-TSeq(Class=TR%gcd=<6%IPID=I)
-T1(DF=Y%W=7FFF|832C|FA00%ACK=S++%Flags=AS%Ops=MNWNNT)
-T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=)
-T3(Resp=Y%DF=Y%W=7FFF|832C|FA00%ACK=S++|O%Flags=AS|A%Ops=MNWNNT|NNT)
-T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
-
-# Microsoft Windows 2000 SP4 and latest Windows Update patches as of Sept 26, 2003 running BlackICE
-# Microsoft Windows XP Pro with SP1 and latest Windows Update patches as of September 01, 2003
-Fingerprint Microsoft Windows 2000 SP4 or Windows XP SP1
-Class Microsoft | Windows | NT/2K/XP | general purpose
-TSeq(Class=RI%gcd=<6%SI=<1E58A2&>1517)
-T1(DF=Y%W=2238|FFFF%ACK=S++%Flags=AS%Ops=MNWNNT)
-T2(Resp=N)
-T3(Resp=N)
-T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T7(Resp=N)
-PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
+PU(DF=N%TOS=0%IPLEN=B0%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 
 #  Microsoft Windows 2000 with Service Pack 3
 # Microsoft Windows XP Pro with SP1 and latest Windows Update patches as of February 1st, 2003
@@ -15070,20 +15050,6 @@ T6(DF=N%W=C00|1000|400%ACK=S%Flags=AR%Ops=WNMETL)
 T7(DF=N%W=C00|400%ACK=S++%Flags=AR%Ops=WNMETL)
 PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 
-# Windows NT 4.0 Service pack 6 w/exchange 5.5
-# Microsoft Windows NT 4.0 service pack 6 (English)
-Fingerprint Windows NT 4.0 SP6
-Class Microsoft | Windows | NT/2K/XP | general purpose
-TSeq(Class=RI%gcd=<8%SI=<1F9C8&>FA%IPID=BI|RPI|RD%TS=U)
-T1(DF=Y%W=2017%ACK=S++%Flags=AS%Ops=M)
-T2(Resp=N)
-T3(Resp=N)
-T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T7(Resp=N)
-PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
-
 # Microsoft Windows XP [Version 5.1.2600]
 Fingerprint Microsoft Windows XP
 Class Microsoft | Windows | NT/2K/XP | general purpose
@@ -15097,6 +15063,32 @@ T6(DF=N%W=400|800%ACK=S%Flags=AR%Ops=)
 T7(DF=N%W=800|C00%ACK=S++%Flags=AR%Ops=)
 PU(Resp=N)
 
+# Microsoft Windows XP Home (English) w/SP2 build 2600.xps_p2_gdr.050301:1519
+Fingerprint Microsoft Windows XP Home (English) w/SP2
+Class Microsoft | Windows | NT/2K/XP | general purpose
+TSeq(Class=TR%gcd=<6)
+T1(DF=Y%W=FFFF%ACK=S++%Flags=AS%Ops=MNWNNT)
+T2(Resp=N)
+T3(Resp=N)
+T4(DF=N%W=800|1000|400%ACK=S%Flags=AR%Ops=WNMETL)
+T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=N%W=1000|800%ACK=S%Flags=AR%Ops=WNMETL)
+T7(Resp=N)
+PU(DF=N%TOS=0%IPLEN=B0%RIPTL=148%RID=F%RIPCK=E%UCK=F%ULEN=134%DAT=E)
+
+# Microsoft Windows XP Version 5.1 Home German SP2 (Build 2600.xpsp_sp2_rtm.040803-2158 : SP2), latest Updates as of Oct 27, 2004
+Fingerprint Microsoft Windows XP Home (German) SP2
+Class Microsoft | Windows | NT/2K/XP | general purpose
+TSeq(Class=TR%gcd=<6%IPID=I)
+T1(DF=N%W=805C%ACK=S++%Flags=AS%Ops=MNWNNT)
+T2(Resp=N)
+T3(Resp=N)
+T4(Resp=N)
+T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T7(Resp=N)
+PU(DF=N%TOS=0%IPLEN=B0%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
+
 Fingerprint Microsoft Windows XP Home Edition
 Class Microsoft | Windows | NT/2K/XP | general purpose
 TSeq(Class=RI%gcd=<6%SI=<23C4E&>330%IPID=I%TS=U)
@@ -15151,61 +15143,6 @@ T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T7(Resp=N)
 PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 
-# Microsoft Windows XP Home (English) w/SP2 build 2600.xps_p2_gdr.050301:1519
-Fingerprint Microsoft Windows XP Home (English) w/SP2
-Class Microsoft | Windows | NT/2K/XP | general purpose
-TSeq(Class=TR%gcd=<6)
-T1(DF=Y%W=FFFF%ACK=S++%Flags=AS%Ops=MNWNNT)
-T2(Resp=N)
-T3(Resp=N)
-T4(DF=N%W=800|1000|400%ACK=S%Flags=AR%Ops=WNMETL)
-T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=N%W=1000|800%ACK=S%Flags=AR%Ops=WNMETL)
-T7(Resp=N)
-PU(DF=N%TOS=0%IPLEN=B0%RIPTL=148%RID=F%RIPCK=E%UCK=F%ULEN=134%DAT=E)
-
-# bsed on msg 2236, 1304
-# Microsoft R Windows Version 5.1 (Build 2600.xpsp2.040919-1003 : Service Pack 1)
-# MS Windows XP version 5.1 (no. 2600 xpsp2.040919-1003: Service Pack 1)
-Fingerprint Microsoft Windows XP Pro SP1
-Class Microsoft | Windows | NT/2K/XP | general purpose
-TSeq(Class=RI%gcd=<6%SI=<2553A&>42E%IPID=I)
-T1(DF=Y%W=8000%ACK=S++%Flags=AS%Ops=MNNT)
-T2(DF=N%W=0%ACK=S%Flags=AR%Ops=)
-T3(Resp=Y%DF=Y%W=8000%ACK=S++%Flags=AS%Ops=MNNT)
-T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
-
-# Microaodr Windows XP Professional with SP! and latest Windows Update patches as of June 1, 2005
-Fingerprint Microaodr Windows XP Pro SP1
-Class Microsoft | Windows | NT/2K/XP | general purpose
-TSeq(Class=TR%gcd=<6%IPID=I%TS=U)
-T1(DF=Y%W=FAF0%ACK=S++%Flags=AS%Ops=MNW)
-T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=)
-T3(Resp=Y%DF=Y%W=FAF0%ACK=S++%Flags=AS%Ops=MNW)
-T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
-
-# Microsoft Windows Version 5.1 Build 2600.xpsp2.030825-2117: Service Pack 1
-# Microsoft Windows XP Pro SP1 build 2600, latest windows updates (march 27, 2005)
-Fingerprint MS Windows XP Pro SP1
-Class Microsoft | Windows | NT/2K/XP | general purpose
-TSeq(Class=RI%gcd=<6%SI=<1B1AC&>29E%IPID=I%TS=U)
-T1(DF=N%W=2000|4000%ACK=S++%Flags=AS%Ops=M)
-T2(Resp=N)
-T3(Resp=N)
-T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T7(Resp=N)
-PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
-
 # Windows XP Pro WITHOUT ANY service packs
 # Windows XP SP1
 Fingerprint Microsoft Windows XP Pro
@@ -15271,6 +15208,19 @@ T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
 PU(DF=N%TOS=20%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 
+# Fingerprint Microsoft Windows XP Pro (Spanish) w/SP2
+Fingerprint Microsoft Windows XP Pro (Spanish) SP2
+Class Microsoft | Windows | NT/2K/XP | general purpose
+TSeq(Class=TR%gcd=<6)
+T1(DF=Y%W=805C%ACK=S++%Flags=AS%Ops=MNWNNT)
+T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=)
+T3(Resp=Y%DF=Y%W=805C%ACK=S++%Flags=AS%Ops=MNWNNT)
+T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+PU(Resp=N)
+
 Fingerprint Microsoft Windows XP Pro or Windows 2000 Pro SP2+
 Class Microsoft | Windows | NT/2K/XP | general purpose
 TSeq(Class=RI%gcd=<16%SI=<25AEE&>6B%IPID=I)
@@ -15295,6 +15245,21 @@ T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T7(Resp=N)
 PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 
+# bsed on msg 2236, 1304
+# Microsoft R Windows Version 5.1 (Build 2600.xpsp2.040919-1003 : Service Pack 1)
+# MS Windows XP version 5.1 (no. 2600 xpsp2.040919-1003: Service Pack 1)
+Fingerprint Microsoft Windows XP Pro SP1
+Class Microsoft | Windows | NT/2K/XP | general purpose
+TSeq(Class=RI%gcd=<6%SI=<2553A&>42E%IPID=I)
+T1(DF=Y%W=8000%ACK=S++%Flags=AS%Ops=MNNT)
+T2(DF=N%W=0%ACK=S%Flags=AR%Ops=)
+T3(Resp=Y%DF=Y%W=8000%ACK=S++%Flags=AS%Ops=MNNT)
+T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
+
 Fingerprint Microsoft Windows XP Pro SP1
 Class Microsoft | Windows | NT/2K/XP | general purpose
 TSeq(Class=RI%gcd=<6%SI=<31812&>7D7%IPID=I)
@@ -15360,18 +15325,6 @@ T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
 PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 
-Fingerprint windows 2003 Server Standart Edition SP1
-Class Microsoft | Windows | 2003/.NET | general purpose
-TSeq(Class=TR%gcd=<6%IPID=I)
-T1(DF=N%W=4000%ACK=S++%Flags=AS%Ops=MNWNNT)
-T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=)
-T3(Resp=Y%DF=N%W=4000%ACK=S++%Flags=AS%Ops=MNWNNT)
-T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-PU(DF=N%TOS=5C%IPLEN=B0%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
-
 # Windows XP Pro Version 5.1 (Build 2600.xpsp2.030422-1633: Service Pack1)
 # Windows XP SP1 running ZoneAlarm
 # Microsoft Windows XP Pro Version 5.1 (Build 2600.xpsp2_gdr.040517-1325: Service Pack 1)
@@ -15437,6 +15390,19 @@ T6(DF=N%W=0%ACK=S%Flags=R%Ops=)
 T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
 PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 
+# Microsoft Windows XP [Version 5.1.2600] (XP Professional SP1)
+Fingerprint Microsoft Windows XP Pro SP1
+Class Microsoft | Windows | NT/2K/XP | general purpose
+TSeq(Class=TR%gcd=<6%IPID=I)
+T1(DF=Y%W=FAF0%ACK=S++%Flags=AS%Ops=MNWNNT)
+T2(Resp=Y%DF=N%W=C00|800%ACK=S%Flags=R%Ops=WNMETL)
+T3(Resp=Y%DF=N%W=800|1000|C00%ACK=S%Flags=R%Ops=WNMETL)
+T4(DF=N%W=1000|800%ACK=S%Flags=R%Ops=WNMETL)
+T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=N%W=C00|400|800%ACK=S%Flags=R%Ops=WNMETL)
+T7(DF=N%W=1000|800%ACK=S%Flags=R%Ops=WNMETL)
+PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
+
 # Windows XP Professional 2002 - Service Pack 1 - Hotfixes
 # Windows XP Profesional build 2600.xpsp2.030422-1633: Service Pack 1
 # Windows XP Professional w/SP1 build 2600.xpsp1.030422-166: Service Pack 1
@@ -15484,6 +15450,143 @@ T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
 PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 
+# Microsoft Windows XP Pro w/ SP1 V5.1.2600 and most WU patches as of 4/20/05
+# Microsoft Windows XP Professional 5.1.2600 Service Pack 1 Build 2600
+# Microsoft Windows XP Home (English) with Service Pack 2
+# Windows XP Pro (Version 5.1 - Build 2600.xpsp2.050301-1526: Service Pack 1)
+# version 5.1 build 2600 xpsp2 040919-1003 service pack 1
+# Windows 2000 SP4 Version 5.0 (Build 2195: Service Pack 4) on a 2 GHz Pentium 4
+# Microsoft Windows 2000 s/SP4 build 5.00.2195
+# Microsoft Windows 2000 Pro 5.00.2195 SP4 - all patches as of 02 Jun 2005 (OEM)
+# Windows 2000 Advanced Server SP4 and patches as of June 17 2004
+# Microsoft Windows 2000 Professional (v5.0, Build 2195, SP4), all current hotfixes applied 7th June
+# Microsoft Windows 2000 Professional with SP4 and latest Windows Update patches as of June 21, 2005
+# Microsoft Windows 2000 Advanced SP4 running Sphinx a-Wall
+# Microsoft Windows XP Pro w/SP1a build 2600.xpsp2.050301-1526
+# Microsoft Windows XP Professional (German) w/SP1 build 2600.xpsp1.050301-1526
+Fingerprint Microsoft Windows XP Pro SP1/SP2 or 2000 SP4
+Class Microsoft | Windows | NT/2K/XP | general purpose
+TSeq(Class=TR%gcd=<6%IPID=I)
+T1(DF=Y%W=402E|FAF0%ACK=S++%Flags=AS%Ops=MNWNNT)
+T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=)
+T3(Resp=Y%DF=Y%W=402E|FAF0%ACK=S++%Flags=AS%Ops=MNWNNT)
+T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
+
+# Microsoft Windows XP Pro Service Pack 2 Build 5 1 2600
+Fingerprint Microsoft Windows XP Pro SP2
+Class Microsoft | Windows | NT/2K/XP | general purpose
+TSeq(Class=TR%gcd=<6%IPID=I)
+T1(DF=Y%W=FFFF%ACK=S++%Flags=AS%Ops=MNWNNT)
+T2(Resp=N)
+T3(Resp=N)
+T4(DF=Y%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
+T7(Resp=N)
+PU(DF=N%TOS=20%IPLEN=B0%RIPTL=148%RID=E%RIPCK=E%UCK=F%ULEN=134%DAT=E)
+
+# Microsoft Windows Version 5.1 (Build 2600.xpsp_sp2_trm.040803-2158 : Service Paxk 2) (XP Pro +SP2 + Hotfix)
+Fingerprint Microsoft Windows XP Pro SP2
+Class Microsoft | Windows | NT/2K/XP | general purpose
+TSeq(Class=TR%gcd=<6%IPID=I)
+T1(DF=N%W=402E%ACK=S++%Flags=AS%Ops=MNWNNT)
+T2(Resp=N)
+T3(Resp=N)
+T4(Resp=N)
+T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T7(Resp=N)
+PU(DF=N%TOS=0%IPLEN=B0%RIPTL=148%RID=E%RIPCK=E%UCK=F%ULEN=134%DAT=E)
+
+# Windows xp Pro SP2 German (Build 2600.xpsp_sp2_rtm.040803-2158 : Service Pack 2) with Agnitum Outpost Firewall Pro ver.+2.1.303.4009 (314)
+# Microsoft Windows XP Professional Version 2002 w/SP2 build 5.1.2600 latest MS patches as of Feb 9, 2005
+Fingerprint Microsoft Windows XP Pro SP2
+Class Microsoft | Windows | NT/2K/XP | general purpose
+TSeq(Class=TR%gcd=<6%IPID=I)
+T1(DF=N%W=FB8B|FC00%ACK=S++%Flags=AS%Ops=MNWNNT)
+T2(Resp=N)
+T3(Resp=N)
+T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T7(Resp=N)
+PU(DF=N%TOS=0%IPLEN=B0%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
+
+# Fingerprint Microsoft Windows XP Professional w/SP2 and latest updates
+Fingerprint Microsoft Windows XP Pro SP2
+Class Microsoft | Windows | NT/2K/XP | general purpose
+TSeq(Class=TR%gcd=<6%IPID=I)
+T1(DF=Y%W=FFFF%ACK=S++%Flags=AS%Ops=MNWNNT)
+T2(Resp=Y%DF=N%W=400|C00%ACK=S%Flags=R%Ops=WNMETL)
+T3(Resp=Y%DF=N%W=800|1000%ACK=S%Flags=R%Ops=WNMETL)
+T4(DF=N%W=800|1000%ACK=S%Flags=R%Ops=WNMETL)
+T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=N%W=C00%ACK=S%Flags=R%Ops=WNMETL)
+T7(DF=N%W=800%ACK=S%Flags=R%Ops=WNMETL)
+PU(DF=N%TOS=0%IPLEN=B0%RIPTL=148%RID=E%RIPCK=E%UCK=F%ULEN=134%DAT=E)
+
+# bsed on msg 1079
+# Fingerprint Microsoft Windows XP Proffesional (Polish) with SP2 and all patches available on January 19, 2005
+Fingerprint Microsoft Windows XP Pro SP2
+Class Microsoft | Windows | NT/2K/XP | general purpose
+TSeq(Class=TR%gcd=<6%IPID=I)
+T1(DF=Y%W=805C%ACK=S++%Flags=AS%Ops=MNWNNT)
+T2(Resp=N)
+T3(Resp=Y%DF=Y%W=805C%ACK=S++%Flags=AS%Ops=MNWNNT)
+T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+PU(DF=N%TOS=0%IPLEN=B0%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
+
+# Microsoft Windows XP Professional SP2 ( Build 2600.xpsp_sp2_rtm.040803-2158)
+# Microsoft WIndows XP Proffesional Version 2002 Service Pack 2
+Fingerprint Microsoft Windows XP Pro SP2
+Class Microsoft | Windows | NT/2K/XP | general purpose
+TSeq(Class=TR%gcd=<6%IPID=I)
+T1(DF=N%W=FFFF%ACK=S++|O%Flags=AS%Ops=MNWNNT)
+T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=)
+T3(Resp=Y%DF=N%W=FFFF%ACK=S++|O%Flags=AS%Ops=MNWNNT)
+T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+PU(DF=N%TOS=0%IPLEN=B0%RIPTL=148%RID=E|F%RIPCK=E%UCK=E%ULEN=134%DAT=E)
+
+# Windows XP Pro SP2: Version 5.1 (Build 2600.xpsp_sp2_rtm.040803-2158: Service Pack 2 (firewall disabled)
+Fingerprint Microsoft Windows XP Pro SP2 (firewall disabled)
+Class Microsoft | Windows | NT/2K/XP | general purpose
+TSeq(Class=TR%IPID=I%TS=0)
+T1(Resp=Y%DF=Y%W=FC94%ACK=S++%Flags=AS%Ops=MNWNNT)
+T2(Resp=N)
+T3(Resp=N)
+T4(Resp=Y%DF=N%W=0%ACK=O%Flags=R%Ops=)
+T5(Resp=Y%DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+T6(Resp=Y%DF=N%W=0%ACK=O%Flags=R%Ops=)
+T7(Resp=N)
+PU(Resp=Y%DF=N%TOS=0%IPLEN=B0%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
+
+# Microsoft Windows XP PRO CORP. ED. Version 5.1 (Build 2600.xpsp_sp2_rtm.040803-2158 : Service Pack 2)
+# Microsoft Windows 2003 Enterprize Edition (version 5.2 (build 3790.srv03_gdr.040410-1234))
+# Microsoft Windows XP Pro SP2 5.1.2600 SP2 Build 2600, Athlon x86, no firewall
+# Windows 2003 Enterprise Server 5.2 build 3790, srv03_gdr.040410-1234  as of Feb 22, 2003
+# Mircosoft Windows Server 2003 Enterprise w/sp1 build 3790.srv03_sp1_rtm.050324-1447
+Fingerprint Microsoft Windows XP Pro SP2 or 2003 Server Enterprise Edition
+Class Microsoft | Windows | NT/2K/XP | general purpose
+TSeq(Class=TR%gcd=<6%IPID=I%TS=U)
+T1(DF=N%W=FFFF%ACK=S++%Flags=AS%Ops=MNW)
+T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=)
+T3(Resp=Y%DF=N%W=FFFF%ACK=S++%Flags=AS%Ops=MNW)
+T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+PU(DF=N%TOS=0%IPLEN=B0%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
+
 Fingerprint Microsoft Windows XP Pro Version 5.1 Build 2600
 Class Microsoft | Windows | NT/2K/XP | general purpose
 TSeq(Class=RI%gcd=<6%SI=<32578&>18D%IPID=I)
@@ -15533,32 +15636,6 @@ T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
 PU(DF=N%TOS=0|40%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 
-# Microsoft Windows XP Pro w/ SP1 V5.1.2600 and most WU patches as of 4/20/05
-# Microsoft Windows XP Professional 5.1.2600 Service Pack 1 Build 2600
-# Microsoft Windows XP Home (English) with Service Pack 2
-# Windows XP Pro (Version 5.1 - Build 2600.xpsp2.050301-1526: Service Pack 1)
-# version 5.1 build 2600 xpsp2 040919-1003 service pack 1
-# Windows 2000 SP4 Version 5.0 (Build 2195: Service Pack 4) on a 2 GHz Pentium 4
-# Microsoft Windows 2000 s/SP4 build 5.00.2195
-# Microsoft Windows 2000 Pro 5.00.2195 SP4 - all patches as of 02 Jun 2005 (OEM)
-# Windows 2000 Advanced Server SP4 and patches as of June 17 2004
-# Microsoft Windows 2000 Professional (v5.0, Build 2195, SP4), all current hotfixes applied 7th June
-# Microsoft Windows 2000 Professional with SP4 and latest Windows Update patches as of June 21, 2005
-# Microsoft Windows 2000 Advanced SP4 running Sphinx a-Wall
-# Microsoft Windows XP Pro w/SP1a build 2600.xpsp2.050301-1526
-# Microsoft Windows XP Professional (German) w/SP1 build 2600.xpsp1.050301-1526
-Fingerprint Microsoft Windows XP Pro SP1/SP2 or 2000 SP4
-Class Microsoft | Windows | NT/2K/XP | general purpose
-TSeq(Class=TR%gcd=<6%IPID=I)
-T1(DF=Y%W=402E|FAF0%ACK=S++%Flags=AS%Ops=MNWNNT)
-T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=)
-T3(Resp=Y%DF=Y%W=402E|FAF0%ACK=S++%Flags=AS%Ops=MNWNNT)
-T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
-
 # Microsoft Windows XP Version 5.1 (Build 2600.xpsp 1.020828-1920: Service Pack 1) > latest Windows Update patch too (1/31/03)
 # Windows 2000 with Service Pack 3
 Fingerprint Microsoft Windows XP SP1 or Windows 2000 SP3
@@ -15573,47 +15650,6 @@ T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T7(Resp=N)
 PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 
-# Microsoft Windows Server 2003, Enterprise Edition, no service packs, (build 3790.srv03_rtm.030324-2048)
-# Microsoft Windows XP Professional (English) w/SP2 with latest updates through Nov. 24, 2004
-Fingerprint Microsoft Windows 2003 Server Enterprise Edition or XP Pro SP2
-Class Microsoft | Windows | 2003/.NET | general purpose
-Class Microsoft | Windows | NT/2K/XP | general purpose
-TSeq(Class=TR%gcd=<6%IPID=I)
-T1(DF=Y%W=6360%ACK=S++%Flags=AS%Ops=MNWNNT)
-T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=)
-T3(Resp=Y%DF=Y%W=6360%ACK=S++%Flags=AS%Ops=MNWNNT)
-T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-PU(DF=N%TOS=0%IPLEN=B0%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
-
-# Windows 2003 standard edition version 5.2 build 3790.srv03_rtm.030324-2048 and lastest windows updates patches as november 9, 2004
-Fingerprint Microsoft Windows 2003 standard edition
-Class Microsoft | Windows | 2003/.NET | general purpose
-T1(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=)
-T3(Resp=Y%DF=N%W=0%ACK=O%Flags=AR%Ops=)
-T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-PU(DF=N%TOS=0%IPLEN=B0%RIPTL=148%RID=E|F%RIPCK=E%UCK=E%ULEN=134%DAT=E)
-
-# Windows 5.2 (Build 3790.srv03_sp1_rtm.050324-1447 : Service Pack 1)
-# Windows Server 2003 SP1 all patches as of June-23-05
-Fingerprint Windows 2003 Server SP1
-Class Microsoft | Windows | 2003/.NET | general purpose
-TSeq(Class=TR%gcd=<6%IPID=I)
-T1(DF=N%W=FAF0%ACK=S++%Flags=AS%Ops=MNWNNT)
-T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=)
-T3(Resp=Y%DF=N%W=FAF0%ACK=S++%Flags=AS%Ops=MNWNNT)
-T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-PU(DF=N%TOS=0%IPLEN=B0%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
-
 # Microsoft Windows XP SP1 (Build 2600.XP SP2.030422-1633:Service Pack 1)
 # Microsoft Windows XP Pro with SP1 and latest Windows Update patches as of Oct 12, 2003 except Q817778
 # Windows 2000 Pro with SP4 and latest Windows Update patches as of november 25th, 2003
@@ -15629,19 +15665,6 @@ T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T7(Resp=N)
 PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E|F%ULEN=134%DAT=E)
 
-# Microsoft Windows XP [Version 5.1.2600] (XP Professional SP1)
-Fingerprint Microsoft Windows XP Pro SP1
-Class Microsoft | Windows | NT/2K/XP | general purpose
-TSeq(Class=TR%gcd=<6%IPID=I)
-T1(DF=Y%W=FAF0%ACK=S++%Flags=AS%Ops=MNWNNT)
-T2(Resp=Y%DF=N%W=C00|800%ACK=S%Flags=R%Ops=WNMETL)
-T3(Resp=Y%DF=N%W=800|1000|C00%ACK=S%Flags=R%Ops=WNMETL)
-T4(DF=N%W=1000|800%ACK=S%Flags=R%Ops=WNMETL)
-T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=N%W=C00|400|800%ACK=S%Flags=R%Ops=WNMETL)
-T7(DF=N%W=1000|800%ACK=S%Flags=R%Ops=WNMETL)
-PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
-
 # Microsoft Windows XP2 - version 5.1 (Build 2600.xpsp_sp2_gdr.050301-1519 : Service Pack 2)
 Fingerprint Microsoft Windows XP SP2
 Class Microsoft | Windows | NT/2K/XP | general purpose
@@ -15655,59 +15678,6 @@ T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
 PU(DF=N%TOS=F0%IPLEN=B0%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 
-# Microsoft Windows Version 5.1 (Build 2600.xpsp_sp2_trm.040803-2158 : Service Paxk 2) (XP Pro +SP2 + Hotfix)
-Fingerprint Microsoft Windows XP Pro SP2
-Class Microsoft | Windows | NT/2K/XP | general purpose
-TSeq(Class=TR%gcd=<6%IPID=I)
-T1(DF=N%W=402E%ACK=S++%Flags=AS%Ops=MNWNNT)
-T2(Resp=N)
-T3(Resp=N)
-T4(Resp=N)
-T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T7(Resp=N)
-PU(DF=N%TOS=0%IPLEN=B0%RIPTL=148%RID=E%RIPCK=E%UCK=F%ULEN=134%DAT=E)
-
-# Microsoft Windows XP Version 5.1 Home German SP2 (Build 2600.xpsp_sp2_rtm.040803-2158 : SP2), latest Updates as of Oct 27, 2004
-Fingerprint Microsoft Windows XP Home (German) SP2
-Class Microsoft | Windows | NT/2K/XP | general purpose
-TSeq(Class=TR%gcd=<6%IPID=I)
-T1(DF=N%W=805C%ACK=S++%Flags=AS%Ops=MNWNNT)
-T2(Resp=N)
-T3(Resp=N)
-T4(Resp=N)
-T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T7(Resp=N)
-PU(DF=N%TOS=0%IPLEN=B0%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
-
-# Windows xp Pro SP2 German (Build 2600.xpsp_sp2_rtm.040803-2158 : Service Pack 2) with Agnitum Outpost Firewall Pro ver.+2.1.303.4009 (314)
-# Microsoft Windows XP Professional Version 2002 w/SP2 build 5.1.2600 latest MS patches as of Feb 9, 2005
-Fingerprint Microsoft Windows XP Pro SP2
-Class Microsoft | Windows | NT/2K/XP | general purpose
-TSeq(Class=TR%gcd=<6%IPID=I)
-T1(DF=N%W=FB8B|FC00%ACK=S++%Flags=AS%Ops=MNWNNT)
-T2(Resp=N)
-T3(Resp=N)
-T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T7(Resp=N)
-PU(DF=N%TOS=0%IPLEN=B0%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
-
-# Windows XP Professionnel (5.1) Service Pack 2
-Fingerprint Windows XP Pro SP 2
-Class Microsoft | Windows | NT/2K/XP | general purpose
-TSeq(Class=TR%gcd=<6%IPID=I)
-T1(DF=Y%W=FFFF%ACK=S++%Flags=AS%Ops=MNWNNT)
-T2(Resp=Y%DF=N%W=C00|800|400%ACK=S%Flags=AR%Ops=WNMETL)
-T3(Resp=Y%DF=N%W=C00|800|400%ACK=S++%Flags=AR%Ops=WNMETL)
-T4(DF=N%W=400|1000%ACK=S%Flags=AR%Ops=WNMETL)
-T5(DF=N%W=C00%ACK=S++%Flags=AR%Ops=WNMETL)
-T6(DF=N%W=800|400%ACK=S%Flags=AR%Ops=WNMETL)
-T7(DF=N%W=400|800%ACK=S++%Flags=AR%Ops=WNMETL)
-PU(Resp=N)
-
 # MS Windows XP SP2 (English) Build 2600.xpsp2_rtm.040803-2158
 # Microsoft Windows XP Professional Version 5.1 (Build 2600.xpsp2_gdr.050301-1519 : Service Pack 2)
 # Microsoft Windows XP Pro (Spanizh) with SP2 and latest Windows Update patches as June 5,+2005
@@ -15723,116 +15693,6 @@ T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
 PU(DF=N%TOS=0%IPLEN=B0%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 
-# Fingerprint Microsoft Windows XP Professional w/SP2 and latest updates
-Fingerprint Microsoft Windows XP Pro SP2
-Class Microsoft | Windows | NT/2K/XP | general purpose
-TSeq(Class=TR%gcd=<6%IPID=I)
-T1(DF=Y%W=FFFF%ACK=S++%Flags=AS%Ops=MNWNNT)
-T2(Resp=Y%DF=N%W=400|C00%ACK=S%Flags=R%Ops=WNMETL)
-T3(Resp=Y%DF=N%W=800|1000%ACK=S%Flags=R%Ops=WNMETL)
-T4(DF=N%W=800|1000%ACK=S%Flags=R%Ops=WNMETL)
-T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=N%W=C00%ACK=S%Flags=R%Ops=WNMETL)
-T7(DF=N%W=800%ACK=S%Flags=R%Ops=WNMETL)
-PU(DF=N%TOS=0%IPLEN=B0%RIPTL=148%RID=E%RIPCK=E%UCK=F%ULEN=134%DAT=E)
-
-# Microsoft Windows XP Pro Build 2600.xpsp_sp2_rtm.040803-2158 : Service Pack 2
-# Microsoft Windows XP Professional w/SP2 build 2600.xpsp_sp2_rtm.040803-2158
-# Microsoft Windows XP Professional w/SP2 and latest Windows Updates patches as of Dec 15, 2004
-# Windows Version 5.1 (Build 2600.xpsp_sp2_rtm.040803-2158 : Service Pack 2)
-# Microsoft Windows XP Professional (Build 2600.xpsp_sp2_rtm.040803-2158 : Service Pack 2)
-# Microsoft Windows XP Professional (Spanish) w/SP2 build 2600.xpsp_sp2_trm.040803-2158
-# Windows Server 2003 Standard edition, Microsoft windows vers.5.2 build 3790.srv03_rtm.030324-2048
-# Microsoft Windows XP Professional Version 2002 Service Pack 2
-# Windows 2003 Server Standard Edition germany
-# Microsoft Windows Server 2003 EE Version 5.2 (Build 3790.srv03_gdr.040410-1234)
-# Microsoft Windows XP home (hebrew) with SP2
-Fingerprint Microsoft Windows XP SP2 or 2003 Server
-Class Microsoft | Windows | NT/2K/XP | general purpose
-Class Microsoft | Windows | 2003/.NET | general purpose
-TSeq(Class=TR%gcd=<6%IPID=I)
-T1(DF=Y%W=FFFF%ACK=S++%Flags=AS%Ops=MNWNNT)
-T2(Resp=N)
-T3(Resp=Y%DF=Y%W=FFFF%ACK=S++%Flags=AS%Ops=MNWNNT)
-T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-PU(DF=N%TOS=0%IPLEN=B0%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
-
-# bsed on msg 1079
-# Fingerprint Microsoft Windows XP Proffesional (Polish) with SP2 and all patches available on January 19, 2005
-Fingerprint Microsoft Windows XP Pro SP2
-Class Microsoft | Windows | NT/2K/XP | general purpose
-TSeq(Class=TR%gcd=<6%IPID=I)
-T1(DF=Y%W=805C%ACK=S++%Flags=AS%Ops=MNWNNT)
-T2(Resp=N)
-T3(Resp=Y%DF=Y%W=805C%ACK=S++%Flags=AS%Ops=MNWNNT)
-T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-PU(DF=N%TOS=0%IPLEN=B0%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
-
-# Micrososoft Windows Version 5.1 (Build 2600.XPSP_SP2_GDR.050301-1519 : Service Pack 2)
-Fingerprint Micrososoft Windows XP SP2
-Class Microsoft | Windows | NT/2K/XP | general purpose
-TSeq(Class=TR%gcd=<6%IPID=I)
-T1(DF=Y%W=402E%ACK=S++%Flags=AS%Ops=MNWNNT)
-T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=)
-T3(Resp=Y%DF=Y%W=402E%ACK=S++%Flags=AS%Ops=MNWNNT)
-T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=Y%W=402E%ACK=S++%Flags=AS%Ops=MNWNNT)
-T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-PU(DF=N%TOS=0%IPLEN=B0%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
-
-# Fingerprint Microsoft Windows XP Pro (Spanish) w/SP2
-Fingerprint Microsoft Windows XP Pro (Spanish) SP2
-Class Microsoft | Windows | NT/2K/XP | general purpose
-TSeq(Class=TR%gcd=<6)
-T1(DF=Y%W=805C%ACK=S++%Flags=AS%Ops=MNWNNT)
-T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=)
-T3(Resp=Y%DF=Y%W=805C%ACK=S++%Flags=AS%Ops=MNWNNT)
-T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-PU(Resp=N)
-
-# Microsoft Windows XP Professional (English) w/ SP2 (Build 2600.xpsp_sp2_rtm.040803-2158 : Service Pack 2)
-# Widows XP Professional (English UK) w/SP2 - latest patches as of 20 Dec 2004 - build 2600.xpsp_sp2_rtm.040803-2158
-# Microsoft Windows XP Home (French) w/SP2 build 2600.xpsp_sp2_rtm.040803-2158
-# Microsoft Windows XP Profesional (English) w/SP2 Ver 5.1 build 2600.xpsp_sp2_rtm.040803-2158 : Service Pack 2
-Fingerprint Microsoft Widows XP SP2
-Class Microsoft | Windows | NT/2K/XP | general purpose
-TSeq(Class=TR%gcd=<6%IPID=I%TS=U)
-T1(DF=Y%W=805C|88A4|FC94|FFFF%ACK=S++%Flags=AS%Ops=MNW)
-T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=)
-T3(Resp=Y%DF=Y%W=805C|88A4|FC94|FFFF%ACK=S++%Flags=AS%Ops=MNW)
-T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-PU(DF=N%TOS=0%IPLEN=B0%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
-
-# Microsoft Windows XP PRO CORP. ED. Version 5.1 (Build 2600.xpsp_sp2_rtm.040803-2158 : Service Pack 2)
-# Microsoft Windows 2003 Enterprize Edition (version 5.2 (build 3790.srv03_gdr.040410-1234))
-# Microsoft Windows XP Pro SP2 5.1.2600 SP2 Build 2600, Athlon x86, no firewall
-# Windows 2003 Enterprise Server 5.2 build 3790, srv03_gdr.040410-1234  as of Feb 22, 2003
-# Mircosoft Windows Server 2003 Enterprise w/sp1 build 3790.srv03_sp1_rtm.050324-1447
-Fingerprint Microsoft Windows XP Pro SP2 or 2003 Server Enterprise Edition
-Class Microsoft | Windows | NT/2K/XP | general purpose
-TSeq(Class=TR%gcd=<6%IPID=I%TS=U)
-T1(DF=N%W=FFFF%ACK=S++%Flags=AS%Ops=MNW)
-T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=)
-T3(Resp=Y%DF=N%W=FFFF%ACK=S++%Flags=AS%Ops=MNW)
-T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-PU(DF=N%TOS=0%IPLEN=B0%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
-
 # windows XP Pro SP2 and latest updates as of 3/7/05
 # Microsoft Windows XP version 5.1 600.xpsp_sp2_rtm.040803-2158 : service pack 2
 Fingerprint Microsoft Windows XP SP2
@@ -15862,34 +15722,6 @@ T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
 PU(DF=N%TOS=0%IPLEN=B0%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 
-# Microsoft Windows 2003 Enterprise Server patches as of 3 May 2003  - NO SP1
-# Microsoft windows Server 2003 Standard Edition (Corp. build) - Version 5.2 (Build+3790.srv03_gdr.040410-1234)
-Fingerprint Microsoft Windows XP SP2 or 2003 Server
-Class Microsoft | Windows | NT/2K/XP | general purpose
-TSeq(Class=TR%gcd=<6%IPID=I)
-T1(DF=Y%W=402E%ACK=S++%Flags=AS%Ops=MNWNNT)
-T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=)
-T3(Resp=N)
-T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-PU(DF=N%TOS=0%IPLEN=B0%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
-
-# Microsoft Windows XP Professional SP2 ( Build 2600.xpsp_sp2_rtm.040803-2158)
-# Microsoft WIndows XP Proffesional Version 2002 Service Pack 2
-Fingerprint Microsoft Windows XP Pro SP2
-Class Microsoft | Windows | NT/2K/XP | general purpose
-TSeq(Class=TR%gcd=<6%IPID=I)
-T1(DF=N%W=FFFF%ACK=S++|O%Flags=AS%Ops=MNWNNT)
-T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=)
-T3(Resp=Y%DF=N%W=FFFF%ACK=S++|O%Flags=AS%Ops=MNWNNT)
-T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-PU(DF=N%TOS=0%IPLEN=B0%RIPTL=148%RID=E|F%RIPCK=E%UCK=E%ULEN=134%DAT=E)
-
 # Microsoft Windows XP Home (English) w/SP2 build 2600.xpsp_sp2_rtm.040803-2158
 # Microsoft Windows XP Home (English) w/SP2 build 2600.xpsp_sp2_rtm.040803-2158
 # Microsoft Windows XP Pro with SP2 (Version 5.1 Build 2600.xpsp_sp2_rtm.040803-2158 : Service Pack 2)
@@ -15908,19 +15740,162 @@ T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T7(Resp=N)
 PU(DF=N%TOS=0%IPLEN=B0%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 
-# Windows XP Pro SP2: Version 5.1 (Build 2600.xpsp_sp2_rtm.040803-2158: Service Pack 2 (firewall disabled)
-Fingerprint Microsoft Windows XP Pro SP2 (firewall disabled)
+# Microsoft Windows XP Pro Build 2600.xpsp_sp2_rtm.040803-2158 : Service Pack 2
+# Microsoft Windows XP Professional w/SP2 build 2600.xpsp_sp2_rtm.040803-2158
+# Microsoft Windows XP Professional w/SP2 and latest Windows Updates patches as of Dec 15, 2004
+# Windows Version 5.1 (Build 2600.xpsp_sp2_rtm.040803-2158 : Service Pack 2)
+# Microsoft Windows XP Professional (Build 2600.xpsp_sp2_rtm.040803-2158 : Service Pack 2)
+# Microsoft Windows XP Professional (Spanish) w/SP2 build 2600.xpsp_sp2_trm.040803-2158
+# Windows Server 2003 Standard edition, Microsoft windows vers.5.2 build 3790.srv03_rtm.030324-2048
+# Microsoft Windows XP Professional Version 2002 Service Pack 2
+# Windows 2003 Server Standard Edition germany
+# Microsoft Windows Server 2003 EE Version 5.2 (Build 3790.srv03_gdr.040410-1234)
+# Microsoft Windows XP home (hebrew) with SP2
+Fingerprint Microsoft Windows XP SP2 or 2003 Server
 Class Microsoft | Windows | NT/2K/XP | general purpose
-SInfo(V=3.75%P=i386-unknown-openbsd3.6%D=11/16%Tm=419AC185%O=135%C=1%M=0080C6)
-TSeq(Class=TR%IPID=I%TS=0)
-T1(Resp=Y%DF=Y%W=FC94%ACK=S++%Flags=AS%Ops=MNWNNT)
+Class Microsoft | Windows | 2003/.NET | general purpose
+TSeq(Class=TR%gcd=<6%IPID=I)
+T1(DF=Y%W=FFFF%ACK=S++%Flags=AS%Ops=MNWNNT)
+T2(Resp=N)
+T3(Resp=Y%DF=Y%W=FFFF%ACK=S++%Flags=AS%Ops=MNWNNT)
+T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+PU(DF=N%TOS=0%IPLEN=B0%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
+
+# Microsoft Windows 2003 Enterprise Server patches as of 3 May 2003  - NO SP1
+# Microsoft windows Server 2003 Standard Edition (Corp. build) - Version 5.2 (Build+3790.srv03_gdr.040410-1234)
+Fingerprint Microsoft Windows XP SP2 or 2003 Server
+Class Microsoft | Windows | NT/2K/XP | general purpose
+TSeq(Class=TR%gcd=<6%IPID=I)
+T1(DF=Y%W=402E%ACK=S++%Flags=AS%Ops=MNWNNT)
+T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=)
+T3(Resp=N)
+T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+PU(DF=N%TOS=0%IPLEN=B0%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
+
+# Micrososoft Windows Version 5.1 (Build 2600.XPSP_SP2_GDR.050301-1519 : Service Pack 2)
+Fingerprint Micrososoft Windows XP SP2
+Class Microsoft | Windows | NT/2K/XP | general purpose
+TSeq(Class=TR%gcd=<6%IPID=I)
+T1(DF=Y%W=402E%ACK=S++%Flags=AS%Ops=MNWNNT)
+T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=)
+T3(Resp=Y%DF=Y%W=402E%ACK=S++%Flags=AS%Ops=MNWNNT)
+T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=Y%W=402E%ACK=S++%Flags=AS%Ops=MNWNNT)
+T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+PU(DF=N%TOS=0%IPLEN=B0%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
+
+# Microsoft Windows Version 5.1 Build 2600.xpsp2.030825-2117: Service Pack 1
+# Microsoft Windows XP Pro SP1 build 2600, latest windows updates (march 27, 2005)
+Fingerprint MS Windows XP Pro SP1
+Class Microsoft | Windows | NT/2K/XP | general purpose
+TSeq(Class=RI%gcd=<6%SI=<1B1AC&>29E%IPID=I%TS=U)
+T1(DF=N%W=2000|4000%ACK=S++%Flags=AS%Ops=M)
 T2(Resp=N)
 T3(Resp=N)
-T4(Resp=Y%DF=N%W=0%ACK=O%Flags=R%Ops=)
-T5(Resp=Y%DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-T6(Resp=Y%DF=N%W=0%ACK=O%Flags=R%Ops=)
+T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T7(Resp=N)
-PU(Resp=Y%DF=N%TOS=0%IPLEN=B0%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
+PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
+
+# Windows 2000 Advanced Server Version 5.0 (Build 2195: Service Pack 4)
+Fingerprint Microsoft Windows 2000 AS SP4
+Class Microsoft | Windows | NT/2K/XP | general purpose
+TSeq(Class=TR%gcd=<6%IPID=I)
+T1(DF=Y%W=402E%ACK=S++%Flags=AS%Ops=MNWNNT)
+T2(Resp=Y%DF=N%W=800|400%ACK=S%Flags=AR%Ops=WNMETL)
+T3(Resp=Y%DF=N%W=C00|800%ACK=S++%Flags=AR%Ops=WNMETL)
+T4(DF=N%W=C00%ACK=S%Flags=AR%Ops=WNMETL)
+T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=N%W=400|800|C00%ACK=S%Flags=AR%Ops=WNMETL)
+T7(DF=N%W=1000|C00%ACK=S++%Flags=AR%Ops=WNMETL)
+PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=F%ULEN=134%DAT=E)
+
+# Windows 2000 server SP4 with all current patches april 9th 2005
+Fingerprint Microsoft Windows 2000 server SP4
+Class Microsoft | Windows | NT/2K/XP | general purpose
+TSeq(Class=RI%gcd=<6%SI=<1C3B8&>157%IPID=I)
+T1(DF=Y%W=FFFF%ACK=S++%Flags=AS%Ops=MNWNNT)
+T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=)
+T3(Resp=Y%DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+T4(DF=N%W=0%ACK=S%Flags=R%Ops=)
+T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=N%W=0%ACK=S%Flags=R%Ops=)
+T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
+
+# Fingerprint Windows 2000 build 5.00.2195 SP4
+Fingerprint Microsoft Windows 2000 SP4
+Class Microsoft | Windows | NT/2K/XP | general purpose
+TSeq(Class=RI%gcd=<8%SI=<78816&>95%IPID=I)
+T1(DF=Y%W=FFFF%ACK=S++%Flags=AS%Ops=MNWNNT)
+T2(Resp=N)
+T3(Resp=Y%DF=Y%W=FFFF%ACK=S++%Flags=AS%Ops=MNWNNT)
+T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
+T6(Resp=N)
+T7(Resp=N)
+PU(DF=N%TOS=C0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
+
+# Windows 2000 Version 5.0 Build 2195 SP 4 X86
+Fingerprint Microsoft Windows 2000 SP4
+Class Microsoft | Windows | NT/2K/XP | general purpose
+TSeq(Class=TR%gcd=<6%IPID=I)
+T1(DF=Y%W=4204|FFAF%ACK=S++%Flags=AS%Ops=MNWNNT)
+T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=)
+T3(Resp=Y%DF=Y%W=4204|FFAF%ACK=S++%Flags=AS%Ops=MNWNNT)
+T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
+
+# Windows Version 5.0 build 2195 SP 4
+Fingerprint Microsoft Windows 2000 SP4
+Class Microsoft | Windows | NT/2K/XP | general purpose
+TSeq(Class=TR%gcd=<6%IPID=I)
+T1(DF=Y%W=7FFF|832C|FA00%ACK=S++%Flags=AS%Ops=MNWNNT)
+T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=)
+T3(Resp=Y%DF=Y%W=7FFF|832C|FA00%ACK=S++|O%Flags=AS|A%Ops=MNWNNT|NNT)
+T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
+
+# Windows NT 4.0 Service pack 6 w/exchange 5.5
+# Microsoft Windows NT 4.0 service pack 6 (English)
+Fingerprint Microsoft Windows NT 4.0 SP6
+Class Microsoft | Windows | NT/2K/XP | general purpose
+TSeq(Class=RI%gcd=<8%SI=<1F9C8&>FA%IPID=BI|RPI|RD%TS=U)
+T1(DF=Y%W=2017%ACK=S++%Flags=AS%Ops=M)
+T2(Resp=N)
+T3(Resp=N)
+T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T7(Resp=N)
+PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
+
+# Windows XP Professionnel (5.1) Service Pack 2
+Fingerprint Microsoft Windows XP Pro SP 2
+Class Microsoft | Windows | NT/2K/XP | general purpose
+TSeq(Class=TR%gcd=<6%IPID=I)
+T1(DF=Y%W=FFFF%ACK=S++%Flags=AS%Ops=MNWNNT)
+T2(Resp=Y%DF=N%W=C00|800|400%ACK=S%Flags=AR%Ops=WNMETL)
+T3(Resp=Y%DF=N%W=C00|800|400%ACK=S++%Flags=AR%Ops=WNMETL)
+T4(DF=N%W=400|1000%ACK=S%Flags=AR%Ops=WNMETL)
+T5(DF=N%W=C00%ACK=S++%Flags=AR%Ops=WNMETL)
+T6(DF=N%W=800|400%ACK=S%Flags=AR%Ops=WNMETL)
+T7(DF=N%W=400|800%ACK=S++%Flags=AR%Ops=WNMETL)
+PU(Resp=N)
 
 # HP Jornada running Windows CE 2.11 (Handheld/PC Pro 3.0) running on StrongARM 1100
 Fingerprint HP Jornada running Microsoft Windows CE 2.11 (Handheld/PC Pro 3.0 PDA)
@@ -16012,6 +15987,18 @@ T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
 PU(DF=N%TOS=0%IPLEN=164%RIPTL=148%RID=E|F%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 
+Fingerprint MS Windows 2000 Server SP3
+Class Microsoft | Windows || general purpose
+TSeq(Class=RI%gcd=<6%SI=<30714&>2A7%IPID=I)
+T1(DF=Y%W=2DA0%ACK=S++%Flags=AS%Ops=MNWNNT)
+T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=)
+T3(Resp=Y%DF=Y%W=2DA0%ACK=S++%Flags=AS%Ops=MNWNNT)
+T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
+
 Fingerprint MikroTik RouterOS 2.7.20
 Class MikroTik | RouterOS || software router
 TSeq(Class=RI%gcd=<6%SI=<1B9B36E&>46A4A%IPID=Z%TS=100HZ)
@@ -16058,6 +16045,18 @@ T6(Resp=N)
 T7(DF=N%W=2000%ACK=S++%Flags=AR%Ops=)
 PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 
+Fingerprint Konica-Minolta Di3010 photocopier/printer/scanner
+Class Minolta | embedded || printer
+TSeq(Class=64K%IPID=I%TS=2HZ)
+T1(DF=N%W=FFFF%ACK=S++%Flags=AS%Ops=MNWNNT)
+T2(Resp=N)
+T3(Resp=Y%DF=N%W=FFFF%ACK=O%Flags=A%Ops=NNT)
+T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
+PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=0%UCK=0%ULEN=134%DAT=E)
+
 # Minolta Di183 printer/copy machine ROM Version 1.52
 Fingerprint Minolta Di183 printer/copier
 Class Minolta | embedded || printer
@@ -16071,18 +16070,6 @@ T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
 PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=0%UCK=0%ULEN=134%DAT=E)
 
-Fingerprint Konica-Minolta Di3010 photocopier/printer/scanner
-Class Minolta | embedded || printer
-TSeq(Class=64K%IPID=I%TS=2HZ)
-T1(DF=N%W=FFFF%ACK=S++%Flags=AS%Ops=MNWNNT)
-T2(Resp=N)
-T3(Resp=Y%DF=N%W=FFFF%ACK=O%Flags=A%Ops=NNT)
-T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
-PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=0%UCK=0%ULEN=134%DAT=E)
-
 # VxWorks (for Destiny D8405 Pass 2 (Firmware build for Pass 1)) version 5.4.2.
 Fingerprint Minolta QMS Printer running VxWorks 5.4.2
 Class Minolta | VxWorks || printer
@@ -16120,18 +16107,6 @@ T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
 PU(DF=Y%TOS=0%IPLEN=38%RIPTL=148%RID=E|F%RIPCK=F%UCK=0%ULEN=134%DAT=E)
 
-Fingerprint Motorola System V/68 version R3V7 on a 68030
-Class Motorola | BSD-misc || general purpose
-TSeq(Class=RI%gcd=<14%SI=<52F8&>C0)
-T1(DF=N%W=0%ACK=S++%Flags=AS%Ops=M)
-T2(Resp=N)
-T3(Resp=Y%DF=N%W=0%ACK=S++%Flags=AS%Ops=M)
-T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-PU(Resp=N)
-
 # Motorola BSR 1000R(tm) version 1.1.19.PRR
 Fingerprint Motorola BSR 1000R
 Class Motorola | BSD-misc || general purpose
@@ -16145,6 +16120,18 @@ T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=N%W=0%ACK=O%Flags=AR%Ops=)
 PU(DF=N%TOS=0%IPLEN=38%RIPTL=134%RID=E%RIPCK=0%UCK=0%ULEN=134%DAT=E)
 
+Fingerprint Motorola System V/68 version R3V7 on a 68030
+Class Motorola | BSD-misc || general purpose
+TSeq(Class=RI%gcd=<14%SI=<52F8&>C0)
+T1(DF=N%W=0%ACK=S++%Flags=AS%Ops=M)
+T2(Resp=N)
+T3(Resp=Y%DF=N%W=0%ACK=S++%Flags=AS%Ops=M)
+T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+PU(Resp=N)
+
 # Motorola Surfboard SB5100e VxWorks Version: 5.4
 # Motorola CG4500E Communication Gateway (cable modem)
 # Thomson TCM390 cable modem; Software Version:  ST33.07.00; Software Model:   A801; Bootloader:  2.1.4c
@@ -16163,19 +16150,6 @@ T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
 PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=F%UCK=0%ULEN=134%DAT=E)
 
-# Motorola Surfboard SB5100 running Software version SB5100-2.3.1.6-SCM01-NOSH
-Fingerprint Motorola Surfboard SB5100 cable modem
-Class Motorola | VxWorks || broadband router
-TSeq(Class=RI%gcd=<6%SI=<FCB886&>286BF%IPID=I%TS=U)
-T1(DF=N%W=16D0%ACK=S++%Flags=AS%Ops=MNW)
-T2(Resp=N)
-T3(Resp=Y%DF=N|Y%W=16D0%ACK=S++|O%Flags=AS|A%Ops=MNW|)
-T4(DF=Y%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
-PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=F%UCK=0%ULEN=134%DAT=E)
-
 # Motorola SurfBoard 4401 provided by adelphia
 Fingerprint Motorola SurfBoard 4401 cable modem
 Class Motorola | VxWorks || broadband router
@@ -16202,6 +16176,19 @@ T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T7(Resp=N)
 PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E|F%RIPCK=0%UCK=0%ULEN=134%DAT=E)
 
+# Motorola Surfboard SB5100 running Software version SB5100-2.3.1.6-SCM01-NOSH
+Fingerprint Motorola Surfboard SB5100 cable modem
+Class Motorola | VxWorks || broadband router
+TSeq(Class=RI%gcd=<6%SI=<FCB886&>286BF%IPID=I%TS=U)
+T1(DF=N%W=16D0%ACK=S++%Flags=AS%Ops=MNW)
+T2(Resp=N)
+T3(Resp=Y%DF=N|Y%W=16D0%ACK=S++|O%Flags=AS|A%Ops=MNW|)
+T4(DF=Y%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
+PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=F%UCK=0%ULEN=134%DAT=E)
+
 # Motorola SURFboard SBG1000-0.1.3.0-SCM05-NOSH
 Fingerprint Motorola SURFboard SBG1000 broadband router
 Class Motorola | VxWorks || broadband router
@@ -16451,6 +16438,25 @@ T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
 PU(DF=N%TOS=0%IPLEN=38%RIPTL=3415%RID=E%RIPCK=F%UCK=E%ULEN=134%DAT=E)
 
+# NetApp Release 6.5.2R1: Wed Sep  8 17:00:29 PDT 2004
+# NetApp Filer F820 running Ontap Release 6.5.2R1
+# NetApp NetCache 5.6
+# Network Appliance DataOnTap v6.5.2 "NetApp Release 6.5.2: Sun Jul 25 10:56:02 PDT 2004"
+# NetApp NetCache Release 5.6.2
+# NetCache OS 6.0.1
+Fingerprint NetApp Filer (Data OnTap 6.5.2) or NetCache (NetApp 5.6 - 6.0.1)
+Class NetApp | Data ONTAP || fileserver
+Class NetApp | embedded || web proxy
+TSeq(Class=TR%gcd=<6%IPID=BI%TS=100HZ)
+T1(DF=Y%W=2017%ACK=S++%Flags=AS%Ops=MNWNNT)
+T2(Resp=N)
+T3(Resp=Y%DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
+PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
+
 Fingerprint NetApp ONTAP Release 6.3.3
 Class NetApp | Data ONTAP || fileserver
 TSeq(Class=RI%gcd=<6%SI=<7128C&>B45%IPID=BI%TS=100HZ)
@@ -16475,25 +16481,6 @@ T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
 PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 
-# NetApp Release 6.5.2R1: Wed Sep  8 17:00:29 PDT 2004
-# NetApp Filer F820 running Ontap Release 6.5.2R1
-# NetApp NetCache 5.6
-# Network Appliance DataOnTap v6.5.2 "NetApp Release 6.5.2: Sun Jul 25 10:56:02 PDT 2004"
-# NetApp NetCache Release 5.6.2
-# NetCache OS 6.0.1
-Fingerprint NetApp Filer (Data OnTap 6.5.2) or NetCache (NetApp 5.6 - 6.0.1)
-Class NetApp | Data ONTAP || fileserver
-Class NetApp | embedded || web proxy
-TSeq(Class=TR%gcd=<6%IPID=BI%TS=100HZ)
-T1(DF=Y%W=2017%ACK=S++%Flags=AS%Ops=MNWNNT)
-T2(Resp=N)
-T3(Resp=Y%DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
-PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
-
 # NetCache 5.1D4 on a NetApp C1100 Box
 Fingerprint NetApp NetCache C1100 (NetApp 5.1D4)
 Class NetApp | embedded || web proxy
@@ -16734,6 +16721,18 @@ T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
 PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=F%UCK=F%ULEN=134%DAT=E)
 
+Fingerprint NetBSD 1.6 - 1.6.1 (Alpha)
+Class NetBSD | NetBSD || general purpose
+TSeq(Class=RI|TR%gcd=<6%SI=<656F846%IPID=I)
+T1(DF=N%W=4000%ACK=S++%Flags=AS%Ops=MNWNNT)
+T2(Resp=N)
+T3(Resp=Y%DF=N%W=4000%ACK=S++%Flags=AS%Ops=MNWNNT)
+T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
+PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
+
 Fingerprint NetBSD 1.6 BETA 4 i386 (20020630 snapshot)
 Class NetBSD | NetBSD || general purpose
 TSeq(Class=RI%gcd=<6%SI=<76BC4C8&>A6C26%IPID=I)
@@ -16746,12 +16745,11 @@ T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
 PU(DF=N%TOS=0%IPLEN=38%RIPTL=4801%RID=E%RIPCK=F%UCK=E%ULEN=134%DAT=E)
 
-Fingerprint NetBSD 1.6 - 1.6.1 (Alpha)
+Fingerprint NetBSD 1.6.2 (alpha)
 Class NetBSD | NetBSD || general purpose
-TSeq(Class=RI|TR%gcd=<6%SI=<656F846%IPID=I)
-T1(DF=N%W=4000%ACK=S++%Flags=AS%Ops=MNWNNT)
-T2(Resp=N)
-T3(Resp=Y%DF=N%W=4000%ACK=S++%Flags=AS%Ops=MNWNNT)
+T1(DF=Y%W=8000%ACK=S++%Flags=AS%Ops=MNWNNT)
+T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=)
+T3(Resp=N)
 T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
 T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
@@ -16771,17 +16769,6 @@ T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
 PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 
-Fingerprint NetBSD 1.6.2 (alpha)
-Class NetBSD | NetBSD || general purpose
-T1(DF=Y%W=8000%ACK=S++%Flags=AS%Ops=MNWNNT)
-T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=)
-T3(Resp=N)
-T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
-PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
-
 # NetBSD 1.6.2 on X86
 # Avocent Switchview net KVM switch - this is a embedded device that makes a regular KVM accessible over IP.
 # NetBSD 2.0_BETA i386
@@ -16842,18 +16829,6 @@ T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
 PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 
-Fingerprint NetBSD/Alpha 1.5.2 on a DEC 000/300 LX
-Class NetBSD | NetBSD || general purpose
-TSeq(Class=RI%gcd=<6%SI=<736B300&>106DED%IPID=I%TS=2HZ)
-T1(DF=N%W=4000%ACK=S++%Flags=AS%Ops=MNWNNT)
-T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=)
-T3(Resp=Y%DF=N%W=4000%ACK=S++%Flags=AS%Ops=MNWNNT)
-T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
-PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=F%UCK=F%ULEN=134%DAT=E)
-
 # NetBSD 2.0 (GENERIC) i386
 Fingerprint NetBSD 2.0
 Class NetBSD | NetBSD || general purpose
@@ -16880,6 +16855,18 @@ T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
 PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 
+Fingerprint NetBSD/Alpha 1.5.2 on a DEC 000/300 LX
+Class NetBSD | NetBSD || general purpose
+TSeq(Class=RI%gcd=<6%SI=<736B300&>106DED%IPID=I%TS=2HZ)
+T1(DF=N%W=4000%ACK=S++%Flags=AS%Ops=MNWNNT)
+T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=)
+T3(Resp=Y%DF=N%W=4000%ACK=S++%Flags=AS%Ops=MNWNNT)
+T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
+PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=F%UCK=F%ULEN=134%DAT=E)
+
 Fingerprint Netburner Model 5282 Embedded Ethernet Microcontroller
 Class Netburner | embedded || specialized
 TSeq(Class=RI|TD%gcd=<6%SI=<45498%IPID=I%TS=U)
@@ -16905,12 +16892,10 @@ T6(DF=N%W=0%ACK=S%Flags=R%Ops=)
 T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
 PU(Resp=N)
 
-# Netgear FM114P ProSafe Wireless Firewall with Print Server
-# netgear wgr614 v4 wireless router
-# REPOTEC IP515H Cable Router / Print Server
-Fingerprint Netgear wireless router or Netgear FM114P/REPOTEC IP515H Router & Print Server
+# NETGEAR FVL238 Firmware Version  Version 1.5 Release 09
+Fingerprint Netgear FVL238 vpn/firewall/router
 Class Netgear | embedded || broadband router
-TSeq(Class=TD%gcd=<404%SI=<1E%IPID=I%TS=U)
+TSeq(Class=RI%gcd=<6%SI=<2E7205A&>76E53%IPID=I%TS=U)
 T1(DF=N%W=C00%ACK=S++%Flags=AS%Ops=M)
 T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=)
 T3(Resp=Y%DF=N%W=C00%ACK=S++%Flags=AS%Ops=M)
@@ -16920,6 +16905,17 @@ T6(DF=N%W=0%ACK=S%Flags=R%Ops=)
 T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
 PU(Resp=N)
 
+Fingerprint Netgear FVL328 vpn/firewall/router
+Class Netgear | embedded || broadband router
+T1(DF=N%W=C00%ACK=S++%Flags=AS%Ops=M)
+T2(Resp=N)
+T3(Resp=Y%DF=N%W=C00%ACK=S++%Flags=AS%Ops=M)
+T4(DF=N%W=0%ACK=S%Flags=R%Ops=)
+T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T7(Resp=N)
+PU(Resp=N)
+
 Fingerprint Netgear WGR614 wireless router
 Class Netgear | embedded || broadband router
 TSeq(Class=TR%gcd=<6%IPID=I%TS=U)
@@ -16932,21 +16928,12 @@ T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
 PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=F%ULEN=134%DAT=E)
 
-Fingerprint Netgear FVL328 vpn/firewall/router
+# Netgear FM114P ProSafe Wireless Firewall with Print Server
+# netgear wgr614 v4 wireless router
+# REPOTEC IP515H Cable Router / Print Server
+Fingerprint Netgear wireless router or Netgear FM114P/REPOTEC IP515H Router & Print Server
 Class Netgear | embedded || broadband router
-T1(DF=N%W=C00%ACK=S++%Flags=AS%Ops=M)
-T2(Resp=N)
-T3(Resp=Y%DF=N%W=C00%ACK=S++%Flags=AS%Ops=M)
-T4(DF=N%W=0%ACK=S%Flags=R%Ops=)
-T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T7(Resp=N)
-PU(Resp=N)
-
-# NETGEAR FVL238 Firmware Version  Version 1.5 Release 09
-Fingerprint Netgear FVL238 vpn/firewall/router
-Class Netgear | embedded || broadband router
-TSeq(Class=RI%gcd=<6%SI=<2E7205A&>76E53%IPID=I%TS=U)
+TSeq(Class=TD%gcd=<404%SI=<1E%IPID=I%TS=U)
 T1(DF=N%W=C00%ACK=S++%Flags=AS%Ops=M)
 T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=)
 T3(Resp=Y%DF=N%W=C00%ACK=S++%Flags=AS%Ops=M)
@@ -17046,6 +17033,19 @@ T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
 PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 
+# Netopia Cayman 3341-ENT firmware v8.3.1r0
+Fingerprint Netopia Cayman 3341-ENT ADSL Router
+Class Netopia | embedded || broadband router
+TSeq(Class=TR%gcd=<6%IPID=I%TS=U)
+T1(DF=N%W=400%ACK=S++%Flags=AS%Ops=M)
+T2(Resp=N)
+T3(Resp=Y%DF=N%W=400%ACK=S++%Flags=AS%Ops=M)
+T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+PU(Resp=N)
+
 Fingerprint Netopia DSL router
 Class Netopia | embedded || broadband router
 TSeq(Class=TR)
@@ -17072,19 +17072,6 @@ T6(Resp=N)
 T7(Resp=N)
 PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 
-# Netopia R9100 v4.8.2
-Fingerprint Netopia R9100 DSL Router
-Class Netopia | embedded || broadband router
-TSeq(Class=TD%gcd=<FDEC%SI=<1E%IPID=I%TS=U)
-T1(DF=N%W=400%ACK=S++%Flags=AS%Ops=M)
-T2(Resp=N)
-T3(Resp=N)
-T4(Resp=N)
-T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-T6(Resp=N)
-T7(Resp=N)
-PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=F%UCK=F%ULEN=134%DAT=E)
-
 # Netopia R7100-C v4.11
 # Netopia R5300 router; firmware v4.11
 # Netopia R9171 v4.10
@@ -17114,6 +17101,19 @@ T6(Resp=N)
 T7(Resp=N)
 PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=F%ULEN=134%DAT=E)
 
+# Netopia R9100 v4.8.2
+Fingerprint Netopia R9100 DSL Router
+Class Netopia | embedded || broadband router
+TSeq(Class=TD%gcd=<FDEC%SI=<1E%IPID=I%TS=U)
+T1(DF=N%W=400%ACK=S++%Flags=AS%Ops=M)
+T2(Resp=N)
+T3(Resp=N)
+T4(Resp=N)
+T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+T6(Resp=N)
+T7(Resp=N)
+PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=F%UCK=F%ULEN=134%DAT=E)
+
 # Netopia Cayman 3341 DSL router
 # Radware Web Server Director NP with SynApps v8.10.02
 # Cayman Model 3347W Wireless DSL Ethernet Switch
@@ -17167,18 +17167,6 @@ T6(Resp=N)
 T7(Resp=N)
 PU(Resp=N)
 
-Fingerprint NetScreen-100
-Class NetScreen | ScreenOS || firewall
-TSeq(Class=RI%gcd=<6%SI=<276A&>50)
-T1(DF=N%W=400%ACK=S++%Flags=AS%Ops=M)
-T2(Resp=N)
-T3(Resp=N)
-T4(Resp=N)
-T5(DF=N%W=1000%ACK=S%Flags=AR%Ops=)
-T6(DF=N%W=1000%ACK=S%Flags=AR%Ops=)
-T7(Resp=N)
-PU(Resp=N)
-
 # NetScreen NS-204 Firewall (Version: 5.2.0r1.0)
 Fingerprint NetScreen NS-204 Firewall
 Class NetScreen | ScreenOS || firewall
@@ -17192,6 +17180,18 @@ T6(DF=N%W=0%ACK=S%Flags=R%Ops=)
 T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
 PU(Resp=N)
 
+Fingerprint NetScreen-100
+Class NetScreen | ScreenOS || firewall
+TSeq(Class=RI%gcd=<6%SI=<276A&>50)
+T1(DF=N%W=400%ACK=S++%Flags=AS%Ops=M)
+T2(Resp=N)
+T3(Resp=N)
+T4(Resp=N)
+T5(DF=N%W=1000%ACK=S%Flags=AR%Ops=)
+T6(DF=N%W=1000%ACK=S%Flags=AR%Ops=)
+T7(Resp=N)
+PU(Resp=N)
+
 Fingerprint NetSilicon NetARM running ThreadX 2.0
 Class NetSilicon | ThreadX || specialized
 TSeq(Class=TD%gcd=<1F502%SI=<14%IPID=I%TS=U)
@@ -17365,19 +17365,6 @@ T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
 PU(Resp=N)
 
-# Northern Telecom Supernode - Nortel Micronode telephone switch running OS version GSM15
-Fingerprint Nortel Micronode telephone switch running OS version GSM15
-Class Nortel | embedded || telecom-misc
-TSeq(Class=TD%gcd=<120004%SI=<14%IPID=Z%TS=U)
-T1(DF=N%W=1000%ACK=S++%Flags=AS%Ops=M)
-T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=)
-T3(Resp=Y%DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
-PU(Resp=N)
-
 # Nortel Networks BayStack 450-24T Versions: HW:RevL  FW:V1.48 SW:v4.2.0.16 ISVN:2
 Fingerprint Nortel Networks BayStack switch
 Class Nortel | embedded || switch
@@ -17438,6 +17425,19 @@ T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
 T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
 
+# Northern Telecom Supernode - Nortel Micronode telephone switch running OS version GSM15
+Fingerprint Nortel Micronode telephone switch running OS version GSM15
+Class Nortel | embedded || telecom-misc
+TSeq(Class=TD%gcd=<120004%SI=<14%IPID=Z%TS=U)
+T1(DF=N%W=1000%ACK=S++%Flags=AS%Ops=M)
+T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=)
+T3(Resp=Y%DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
+PU(Resp=N)
+
 # Nortel Passport 4400 Series - Release 4.0.3
 Fingerprint Nortel Passport 4400 Series multiservice access switch
 Class Nortel | embedded || telecom-misc
@@ -17489,18 +17489,6 @@ T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
 PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 
-Fingerprint novell netware 4.11
-Class Novell | NetWare | 4.X | general purpose
-TSeq(Class=TR%gcd=<6%IPID=RPI%TS=U)
-T1(DF=Y%W=1800%ACK=S++%Flags=AS%Ops=MWN)
-T2(Resp=N)
-T3(Resp=Y%DF=Y%W=0%ACK=O%Flags=AR%Ops=)
-T4(DF=Y%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
-T7(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
-PU(Resp=N)
-
 Fingerprint NetWare 4.11 SP7- 5 SP3A BorderManager 3.5
 Class Novell | NetWare | 4.X | general purpose
 TSeq(Class=RI%gcd=<6%SI=<1843D74&>3E1D0)
@@ -17525,6 +17513,18 @@ T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
 PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 
+Fingerprint novell netware 4.11
+Class Novell | NetWare | 4.X | general purpose
+TSeq(Class=TR%gcd=<6%IPID=RPI%TS=U)
+T1(DF=Y%W=1800%ACK=S++%Flags=AS%Ops=MWN)
+T2(Resp=N)
+T3(Resp=Y%DF=Y%W=0%ACK=O%Flags=AR%Ops=)
+T4(DF=Y%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
+T7(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
+PU(Resp=N)
+
 Fingerprint Novell NetWare 4.11-5.0SP5
 Class Novell | NetWare | 4.X | general purpose
 Class Novell | NetWare | 5.X | general purpose
@@ -17612,6 +17612,23 @@ T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
 PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 
+# Novell NetWare 5.1 SP8
+# Novell NetWare 6.5 SP3
+# Novell Open Enterprise Server, NetWare 6.5 Support Pack Revision 03
+# Novell NetWare Open Enterprise Server (OES) (English, First Customer Shipping version) installed with everything on it, X86
+Fingerprint Novell NetWare 5.1 SP8 or 6.5 SP3
+Class Novell | NetWare | 5.X | general purpose
+Class Novell | NetWare | 6.X | general purpose
+TSeq(Class=TR%gcd=<6%IPID=BI|RPI%TS=U)
+T1(DF=N|Y%W=17FF%ACK=S++%Flags=AS%Ops=MEWN)
+T2(Resp=Y%DF=N|Y%W=0%ACK=S%Flags=AR%Ops=)
+T3(Resp=Y%DF=N|Y%W=0%ACK=O%Flags=AR%Ops=)
+T4(DF=N|Y%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=N|Y%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=N|Y%W=0%ACK=O%Flags=R%Ops=)
+T7(DF=N|Y%W=0%ACK=S++%Flags=AR%Ops=)
+PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
+
 Fingerprint Novell NetWare 5.1-6.0
 Class Novell | NetWare | 5.X | general purpose
 Class Novell | NetWare | 6.X | general purpose
@@ -17663,18 +17680,6 @@ T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
 PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=F%ULEN=134%DAT=E)
 
-Fingerprint Novell Netware 6 (no service packs)
-Class Novell | NetWare | 6.X | general purpose
-TSeq(Class=RI%gcd=<6%SI=<3B034FE&>24038%IPID=BI%TS=U)
-T1(DF=Y%W=1800%ACK=S++%Flags=AS%Ops=MEWN)
-T2(Resp=N)
-T3(Resp=N)
-T4(DF=Y%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
-T7(Resp=N)
-PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
-
 # NetWare 6.5 SP2 (running on a Compaq Proliant ML370)
 Fingerprint NetWare 6.5 SP2
 Class Novell | NetWare | 6.X | general purpose
@@ -17688,6 +17693,18 @@ T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
 PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=F%UCK=F%ULEN=134%DAT=E)
 
+Fingerprint Novell Netware 6 (no service packs)
+Class Novell | NetWare | 6.X | general purpose
+TSeq(Class=RI%gcd=<6%SI=<3B034FE&>24038%IPID=BI%TS=U)
+T1(DF=Y%W=1800%ACK=S++%Flags=AS%Ops=MEWN)
+T2(Resp=N)
+T3(Resp=N)
+T4(DF=Y%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
+T7(Resp=N)
+PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
+
 Fingerprint Novell NetWare 6 SP1
 Class Novell | NetWare | 6.X | general purpose
 TSeq(Class=TR%gcd=<6%IPID=RD|RPI%TS=U)
@@ -17749,23 +17766,6 @@ T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
 PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=F%ULEN=134%DAT=E)
 
-# Novell NetWare 5.1 SP8
-# Novell NetWare 6.5 SP3
-# Novell Open Enterprise Server, NetWare 6.5 Support Pack Revision 03
-# Novell NetWare Open Enterprise Server (OES) (English, First Customer Shipping version) installed with everything on it, X86
-Fingerprint Novell NetWare 5.1 SP8 or 6.5 SP3
-Class Novell | NetWare | 5.X | general purpose
-Class Novell | NetWare | 6.X | general purpose
-TSeq(Class=TR%gcd=<6%IPID=BI|RPI%TS=U)
-T1(DF=N|Y%W=17FF%ACK=S++%Flags=AS%Ops=MEWN)
-T2(Resp=Y%DF=N|Y%W=0%ACK=S%Flags=AR%Ops=)
-T3(Resp=Y%DF=N|Y%W=0%ACK=O%Flags=AR%Ops=)
-T4(DF=N|Y%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=N|Y%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=N|Y%W=0%ACK=O%Flags=R%Ops=)
-T7(DF=N|Y%W=0%ACK=S++%Flags=AR%Ops=)
-PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
-
 # NSG 500 router. OS version 7.6.1 (http://www.nsg.ru)
 # NSG-520/Network Systems Group, running Version 7.6.1
 # NX-300/3wl/1e1/Network Systems Group running Version 7.6.3
@@ -17827,6 +17827,18 @@ T6(DF=N%W=0%ACK=S%Flags=AR%Ops=)
 T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
 PU(Resp=N)
 
+Fingerprint Open Network 501r or 531r (ADSL Router)
+Class Open Networks | embedded || broadband router
+TSeq(Class=TD%gcd=<2C%SI=<1E%IPID=I%TS=U)
+T1(DF=N%W=800%ACK=S++%Flags=AS%Ops=M)
+T2(Resp=N)
+T3(Resp=Y%DF=N%W=800%ACK=S++%Flags=AS%Ops=M)
+T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
+
 Fingerprint OpenBSD 2.7/SPARC or NFR IDS Appliance ( 12/10/00 )
 Class OpenBSD | OpenBSD | 2.7 | general purpose
 TSeq(Class=RI%gcd=<6%SI=<8FC28&>16EC)
@@ -18096,6 +18108,19 @@ T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
 T7(Resp=N)
 PU(DF=N%TOS=0|20%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E|F%ULEN=134%DAT=E)
 
+# OpenBSD 3.4 GENERIC#18 i386
+Fingerprint OpenBSD 3.4
+Class OpenBSD | OpenBSD | 3.X | general purpose
+TSeq(Class=TR%gcd=<6%IPID=RD%TS=2HZ)
+T1(DF=Y%W=403D%ACK=S++%Flags=AS%Ops=MNWNNT)
+T2(Resp=N)
+T3(Resp=N)
+T4(DF=Y%W=0%ACK=S%Flags=AR%Ops=)
+T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=Y%W=0%ACK=S%Flags=AR%Ops=)
+T7(Resp=N)
+PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
+
 # OpenBSD 3.4 GENERIC#18 i386
 Fingerprint OpenBSD 3.4 (X86)
 Class OpenBSD | OpenBSD | 3.X | general purpose
@@ -18158,19 +18183,6 @@ T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T7(Resp=N)
 PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=F%RIPCK=F%UCK=E%ULEN=134%DAT=E)
 
-# OpenBSD 3.4 GENERIC#18 i386
-Fingerprint OpenBSD 3.4
-Class OpenBSD | OpenBSD | 3.X | general purpose
-TSeq(Class=TR%gcd=<6%IPID=RD%TS=2HZ)
-T1(DF=Y%W=403D%ACK=S++%Flags=AS%Ops=MNWNNT)
-T2(Resp=N)
-T3(Resp=N)
-T4(DF=Y%W=0%ACK=S%Flags=AR%Ops=)
-T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=Y%W=0%ACK=S%Flags=AR%Ops=)
-T7(Resp=N)
-PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
-
 # OpenBSD 3.5 (GENERIC#34 i386)
 # OpenBSD 3.5 GENERIC#34 i386
 # OpenBSD 3.6 GENERIC#59 i386
@@ -18275,30 +18287,6 @@ T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=Y%W=0%ACK=S%Flags=AR%Ops=)
 PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 
-# OpenBSD fwall.xxx.xx 3.6 GENERIC#42 i386
-Fingerprint OpenBSD 3.6 x86 with pf "scrub in all"
-Class OpenBSD | OpenBSD | 3.X | general purpose
-T1(DF=Y%W=E000%ACK=S++%Flags=AS%Ops=MNWNNT)
-T2(Resp=N)
-T3(Resp=N)
-T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
-T7(Resp=N)
-PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
-
-Fingerprint OpenBSD 3.6 (i386)
-Class OpenBSD | OpenBSD | 3.X | general purpose
-TSeq(Class=TR%gcd=<6%IPID=RD%TS=2HZ)
-T1(DF=N%W=4000%ACK=S++%Flags=AS%Ops=MNWNNT)
-T2(Resp=N)
-T3(Resp=N)
-T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T7(Resp=N)
-PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
-
 # OpenBSD 3.6 on a Sparc 20
 Fingerprint OpenBSD 3.6
 Class OpenBSD | OpenBSD | 3.X | general purpose
@@ -18338,6 +18326,30 @@ T6(DF=Y%W=0%ACK=S%Flags=AR%Ops=)
 T7(Resp=N)
 PU(DF=N%TOS=60%IPLEN=38%RIPTL=148%RID=F%RIPCK=E%UCK=F%ULEN=134%DAT=E)
 
+Fingerprint OpenBSD 3.6 (i386)
+Class OpenBSD | OpenBSD | 3.X | general purpose
+TSeq(Class=TR%gcd=<6%IPID=RD%TS=2HZ)
+T1(DF=N%W=4000%ACK=S++%Flags=AS%Ops=MNWNNT)
+T2(Resp=N)
+T3(Resp=N)
+T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T7(Resp=N)
+PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
+
+# OpenBSD fwall.xxx.xx 3.6 GENERIC#42 i386
+Fingerprint OpenBSD 3.6 x86 with pf "scrub in all"
+Class OpenBSD | OpenBSD | 3.X | general purpose
+T1(DF=Y%W=E000%ACK=S++%Flags=AS%Ops=MNWNNT)
+T2(Resp=N)
+T3(Resp=N)
+T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
+T7(Resp=N)
+PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
+
 Fingerprint OpenBSD 3.7
 Class OpenBSD | OpenBSD | 3.X | general purpose
 TSeq(Class=TR%gcd=<6%IPID=RD)
@@ -18350,18 +18362,6 @@ T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
 T7(Resp=N)
 PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=F%ULEN=134%DAT=E)
 
-Fingerprint Open Network 501r or 531r (ADSL Router)
-Class Open Networks | embedded || broadband router
-TSeq(Class=TD%gcd=<2C%SI=<1E%IPID=I%TS=U)
-T1(DF=N%W=800%ACK=S++%Flags=AS%Ops=M)
-T2(Resp=N)
-T3(Resp=Y%DF=N%W=800%ACK=S++%Flags=AS%Ops=M)
-T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
-
 Fingerprint Pace digital cable TV receiver
 Class Pace | embedded || media device
 TSeq(Class=RI%gcd=<6%SI=<2C3AB3E&>62A0A%IPID=Z%TS=100HZ)
@@ -18386,6 +18386,19 @@ T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
 PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 
+# Packet8 BPA410 Broadband Phone Adapter
+Fingerprint Packet8 BPA410 Broadband Phone Adapter
+Class Packet8 | embedded || VoIP adapter
+TSeq(Class=TR%gcd=<6%IPID=I%TS=U)
+T1(DF=Y%W=578%ACK=S++%Flags=AS%Ops=)
+T2(Resp=N)
+T3(Resp=N)
+T4(DF=Y%W=578%ACK=O%Flags=R%Ops=)
+T5(DF=Y%W=578%ACK=S++%Flags=AR%Ops=)
+T6(DF=Y%W=578%ACK=O%Flags=R%Ops=)
+T7(Resp=N)
+PU(DF=Y%TOS=0%IPLEN=148%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=F)
+
 Fingerprint Packet8 DTA310 VoIP/POTS gateway
 Class Packet8 | embedded || VoIP adapter
 TSeq(Class=TD%gcd=<200034%SI=<1E%TS=U)
@@ -18412,19 +18425,6 @@ T6(DF=Y%W=578%ACK=O%Flags=R%Ops=)
 T7(DF=Y%W=578%ACK=S++%Flags=AR%Ops=)
 PU(DF=Y%TOS=0%IPLEN=148%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=F)
 
-# Packet8 BPA410 Broadband Phone Adapter
-Fingerprint Packet8 BPA410 Broadband Phone Adapter
-Class Packet8 | embedded || VoIP adapter
-TSeq(Class=TR%gcd=<6%IPID=I%TS=U)
-T1(DF=Y%W=578%ACK=S++%Flags=AS%Ops=)
-T2(Resp=N)
-T3(Resp=N)
-T4(DF=Y%W=578%ACK=O%Flags=R%Ops=)
-T5(DF=Y%W=578%ACK=S++%Flags=AR%Ops=)
-T6(DF=Y%W=578%ACK=O%Flags=R%Ops=)
-T7(Resp=N)
-PU(DF=Y%TOS=0%IPLEN=148%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=F)
-
 Fingerprint Packeteer PacketShaper 4000 v4.1.3b2 2000-04-05
 Class Packeteer | pSOS || load balancer
 TSeq(Class=64K)
@@ -18549,18 +18549,6 @@ T6(DF=N%W=B4%ACK=S%Flags=R%Ops=)
 T7(DF=N%W=B4%ACK=S%Flags=R%Ops=)
 PU(Resp=N)
 
-Fingerprint Perle JetStream 8500 Serial/Access Server, v 2.6.0
-Class Perle | embedded || terminal server
-TSeq(Class=64K%IPID=I%TS=U)
-T1(DF=N%W=800%ACK=S++%Flags=AS%Ops=M)
-T2(Resp=N)
-T3(Resp=Y%DF=N%W=7FC%ACK=O%Flags=A%Ops=)
-T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
-PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=F%RIPCK=0%UCK=0%ULEN=134%DAT=E)
-
 # Perle 594e Network Controller
 Fingerprint Perle 594e Network Controller
 Class Perle | embedded || remote management
@@ -18573,6 +18561,18 @@ T6(DF=Y%W=100%ACK=O%Flags=R%Ops=)
 T7(DF=Y%W=100%ACK=S%Flags=AR%Ops=)
 PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 
+Fingerprint Perle JetStream 8500 Serial/Access Server, v 2.6.0
+Class Perle | embedded || terminal server
+TSeq(Class=64K%IPID=I%TS=U)
+T1(DF=N%W=800%ACK=S++%Flags=AS%Ops=M)
+T2(Resp=N)
+T3(Resp=Y%DF=N%W=7FC%ACK=O%Flags=A%Ops=)
+T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
+PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=F%RIPCK=0%UCK=0%ULEN=134%DAT=E)
+
 Fingerprint Phillips ReplayTV 5000 DVR
 Class Phillips | embedded || media device
 TSeq(Class=64K%IPID=I%TS=2HZ)
@@ -18624,18 +18624,6 @@ T6(DF=N%W=0%ACK=S%Flags=AR%Ops=)
 T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
 PU(DF=N%TOS=0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 
-Fingerprint Planet WAP 1950 Wireless Access Point
-Class Planet | embedded || WAP
-TSeq(Class=TD%gcd=<1C%SI=<14%IPID=I%TS=U)
-T1(DF=Y%W=800%ACK=S++%Flags=AS%Ops=ME)
-T2(Resp=N)
-T3(Resp=Y%DF=Y%W=800%ACK=S++%Flags=AS%Ops=ME)
-T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
-
 # switch planet-fgsw-2620vs http://www.planet.com.tw/news/productnews/FGSW-2620VS.htm
 Fingerprint Planet FGSW-2620VS switch
 Class Planet | embedded || switch
@@ -18649,6 +18637,30 @@ T6(DF=N%W=400%ACK=S++%Flags=AR%Ops=)
 T7(DF=N%W=400%ACK=S++%Flags=AR%Ops=)
 PU(Resp=N)
 
+Fingerprint Planet WAP 1950 Wireless Access Point
+Class Planet | embedded || WAP
+TSeq(Class=TD%gcd=<1C%SI=<14%IPID=I%TS=U)
+T1(DF=Y%W=800%ACK=S++%Flags=AS%Ops=ME)
+T2(Resp=N)
+T3(Resp=Y%DF=Y%W=800%ACK=S++%Flags=AS%Ops=ME)
+T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
+
+Fingerprint Polycom Video Conference node
+Class Polycom | embedded || webcam
+TSeq(Class=C%Val=8B6A000%IPID=I%TS=U)
+T1(DF=N%W=5B40%ACK=S++%Flags=AS%Ops=M)
+T2(Resp=N)
+T3(Resp=N)
+T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T7(Resp=N)
+PU(DF=N%TOS=0%IPLEN=70%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
+
 Fingerprint Polycom ViewStation
 Class Polycom | embedded || webcam
 TSeq(Class=C)
@@ -18685,18 +18697,6 @@ T6(Resp=N)
 T7(Resp=N)
 PU(DF=N%TOS=0%IPLEN=70%RIPTL=148%RID=E%RIPCK=E%UCK=F%ULEN=134%DAT=E)
 
-Fingerprint Polycom Video Conference node
-Class Polycom | embedded || webcam
-TSeq(Class=C%Val=8B6A000%IPID=I%TS=U)
-T1(DF=N%W=5B40%ACK=S++%Flags=AS%Ops=M)
-T2(Resp=N)
-T3(Resp=N)
-T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T7(Resp=N)
-PU(DF=N%TOS=0%IPLEN=70%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
-
 Fingerprint PowerShow NetworKam webcam
 Class PowerShow | embedded || webcam
 TSeq(Class=TD%gcd=<194%SI=<14%IPID=I%TS=U)
@@ -18783,7 +18783,7 @@ T7(DF=N%W=C00%ACK=S++%Flags=AR%Ops=WNMETL)
 PU(Resp=N)
 
 # QNX 6.00 2000/10/17-14:59:25edt x86pc x86
-Fingerprint QNX 6.00 realtime embedded OS (x86) 
+Fingerprint QNX 6.00 realtime embedded OS (x86)
 Class QNX | QNX || general purpose
 TSeq(Class=TD%gcd=<4AB54%SI=<82%IPID=I%TS=U)
 T1(DF=N%W=1000|800%ACK=S++%Flags=AR%Ops=WNMETL)
@@ -19944,6 +19944,20 @@ T6(DF=N%W=400|800|C00|1000%ACK=S++%Flags=AR%Ops=)
 T7(DF=N%W=400|800|C00|1000%ACK=S++%Flags=AR%Ops=)
 PU(Resp=N)
 
+# base on msg 2615
+# PRO 3060 Standard SonicOS Standard 3.1.0.1-60s
+Fingerprint SonicWall PRO 3060 firewall
+Class SonicWall | SonicOS || firewall
+TSeq(Class=64K%IPID=I%TS=U)
+T1(DF=N%W=4000%ACK=S++%Flags=AS%Ops=MNW)
+T2(Resp=N)
+T3(Resp=N)
+T4(DF=N%W=4000%ACK=O%Flags=R%Ops=)
+T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
+PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=F%RIPCK=0%UCK=0%ULEN=134%DAT=E)
+
 # Cisco 350 Access Point, software rev 12.02T1
 # Accelerated Networks VoDSL - But what sort of device?
 Fingerprint SonicWall SOHO firewall, Enterasys Matrix E1, or Accelerated Networks VoDSL, or Cisco 350 Access Point
@@ -19960,35 +19974,6 @@ T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
 PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=0%UCK=0%ULEN=134%DAT=E)
 
-# base on msg 2615
-# PRO 3060 Standard SonicOS Standard 3.1.0.1-60s
-Fingerprint SonicWall PRO 3060 firewall
-Class SonicWall | SonicOS || firewall
-TSeq(Class=64K%IPID=I%TS=U)
-T1(DF=N%W=4000%ACK=S++%Flags=AS%Ops=MNW)
-T2(Resp=N)
-T3(Resp=N)
-T4(DF=N%W=4000%ACK=O%Flags=R%Ops=)
-T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
-PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=F%RIPCK=0%UCK=0%ULEN=134%DAT=E)
-
-# SonicWALL TZ170 Firewall with SonicOS
-# SonicWall FZ170 Unrestricted (firewall/VPN appliances)  with SonicOS 2.6
-# SonicOS 3.0.0.4-41s on SonicWALL TZ 170
-Fingerprint SonicWALL TZ170 Firewall
-Class SonicWall | SonicOS || firewall
-TSeq(Class=64K%IPID=I%TS=2HZ)
-T1(DF=N%W=4000%ACK=S++%Flags=AS%Ops=MNWNNT)
-T2(Resp=N)
-T3(Resp=N)
-T4(DF=N%W=4000%ACK=O%Flags=R%Ops=)
-T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
-PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E|F%RIPCK=0%UCK=0%ULEN=134%DAT=E)
-
 Fingerprint SonicWall SOHO-3 firewall
 Class SonicWall | SonicOS || firewall
 T1(DF=N%W=1000%ACK=S++%Flags=AR%Ops=)
@@ -20025,6 +20010,46 @@ T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
 PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=0%UCK=0%ULEN=134%DAT=E)
 
+# SonicWall TZ 170 SonicOS 2.5.0.2 Enhanced
+Fingerprint SonicWall TZ 170
+Class SonicWall | SonicOS || firewall
+TSeq(Class=TR%gcd=<6%IPID=I%TS=2HZ)
+T1(DF=N%W=4000%ACK=S++%Flags=AS%Ops=MNWNNT)
+T2(Resp=Y%DF=N%W=C00|400%ACK=S++%Flags=AR%Ops=)
+T3(Resp=N)
+T4(DF=N%W=400|C00%ACK=S++%Flags=AR%Ops=)
+T5(DF=N%W=800|1000|C00%ACK=S++%Flags=AR%Ops=)
+T6(DF=N%W=800|1000|C00%ACK=S++%Flags=AR%Ops=)
+T7(DF=N%W=1000|800|C00%ACK=S++%Flags=AR%Ops=)
+PU(Resp=N)
+
+Fingerprint SonicWall TZ 170 Firewall
+Class SonicWall | SonicOS || firewall
+TSeq(Class=TR%gcd=<6%IPID=Z%TS=100HZ)
+T1(DF=Y%W=16A0%ACK=S++%Flags=AS%Ops=MNNTNW)
+T2(Resp=Y%DF=N%W=C00|400|1000%ACK=S++%Flags=AR%Ops=)
+T3(Resp=N)
+T4(DF=N%W=1000|800%ACK=S++%Flags=AR%Ops=)
+T5(DF=N%W=1000|800|400%ACK=S++%Flags=AR%Ops=)
+T6(DF=N%W=1000|800%ACK=S++%Flags=AR%Ops=)
+T7(DF=N%W=1000|C00%ACK=S++%Flags=AR%Ops=)
+PU(Resp=N)
+
+# SonicWALL TZ170 Firewall with SonicOS
+# SonicWall FZ170 Unrestricted (firewall/VPN appliances)  with SonicOS 2.6
+# SonicOS 3.0.0.4-41s on SonicWALL TZ 170
+Fingerprint SonicWALL TZ170 Firewall
+Class SonicWall | SonicOS || firewall
+TSeq(Class=64K%IPID=I%TS=2HZ)
+T1(DF=N%W=4000%ACK=S++%Flags=AS%Ops=MNWNNT)
+T2(Resp=N)
+T3(Resp=N)
+T4(DF=N%W=4000%ACK=O%Flags=R%Ops=)
+T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
+PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E|F%RIPCK=0%UCK=0%ULEN=134%DAT=E)
+
 Fingerprint SonicWall/10 firewall
 Class SonicWall | SonicOS || firewall
 TSeq(Class=TR)
@@ -20049,31 +20074,6 @@ T6(Resp=Y%DF=N%W=400%ACK=S++%Flags=AR%Ops=)
 T7(Resp=Y%DF=N%W=400%ACK=S++%Flags=AR%Ops=)
 PU(Resp=N)
 
-Fingerprint SonicWall TZ 170 Firewall
-Class SonicWall | SonicOS || firewall
-TSeq(Class=TR%gcd=<6%IPID=Z%TS=100HZ)
-T1(DF=Y%W=16A0%ACK=S++%Flags=AS%Ops=MNNTNW)
-T2(Resp=Y%DF=N%W=C00|400|1000%ACK=S++%Flags=AR%Ops=)
-T3(Resp=N)
-T4(DF=N%W=1000|800%ACK=S++%Flags=AR%Ops=)
-T5(DF=N%W=1000|800|400%ACK=S++%Flags=AR%Ops=)
-T6(DF=N%W=1000|800%ACK=S++%Flags=AR%Ops=)
-T7(DF=N%W=1000|C00%ACK=S++%Flags=AR%Ops=)
-PU(Resp=N)
-
-# SonicWall TZ 170 SonicOS 2.5.0.2 Enhanced
-Fingerprint SonicWall TZ 170
-Class SonicWall | SonicOS || firewall
-TSeq(Class=TR%gcd=<6%IPID=I%TS=2HZ)
-T1(DF=N%W=4000%ACK=S++%Flags=AS%Ops=MNWNNT)
-T2(Resp=Y%DF=N%W=C00|400%ACK=S++%Flags=AR%Ops=)
-T3(Resp=N)
-T4(DF=N%W=400|C00%ACK=S++%Flags=AR%Ops=)
-T5(DF=N%W=800|1000|C00%ACK=S++%Flags=AR%Ops=)
-T6(DF=N%W=800|1000|C00%ACK=S++%Flags=AR%Ops=)
-T7(DF=N%W=1000|800|C00%ACK=S++%Flags=AR%Ops=)
-PU(Resp=N)
-
 Fingerprint SONY AIBO ERS-7 running AIBO MInd 2
 Class Sony | embedded || robotic pet
 TSeq(Class=TR|TD%gcd=<186A4%SI=<64%IPID=I%TS=U)
@@ -20219,6 +20219,44 @@ T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
 PU(DF=Y%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=0%UCK=E%ULEN=134%DAT=E)
 
+Fingerprint Sun Solaris 5.10.1
+Class Sun | Solaris | 10 | general purpose
+TSeq(Class=RI%gcd=<6%SI=<1C36BAC&>4838E%IPID=RPI%TS=U)
+T1(DF=Y%W=C0B7%ACK=O|S++%Flags=A|AS%Ops=NNT|NNTMNW)
+T2(Resp=N)
+T3(Resp=N)
+T4(DF=Y%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
+T7(Resp=N)
+PU(DF=Y%TOS=0%IPLEN=70%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
+
+# SunOS 5.10 Generic sun4u sparc SUNW,Sun-Fire-V250
+Fingerprint SunOS 5.10 (sparc)
+Class Sun | Solaris | 10 | general purpose
+TSeq(Class=TR%gcd=<6%IPID=I%TS=100HZ)
+T1(DF=Y%W=C0B7%ACK=S++%Flags=AS%Ops=NNTMNW)
+T2(Resp=Y%DF=Y%W=0%ACK=S%Flags=AR%Ops=)
+T3(Resp=Y%DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
+T4(DF=Y%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
+T7(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
+PU(DF=Y%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
+
+# SunOS webbox 5.10 Generic i86pc i386 i86pc
+Fingerprint SunOS webbox 5.10 Generic
+Class Sun | Solaris | 10 | general purpose
+TSeq(Class=RI%gcd=<6%SI=<BE528&>D98%IPID=I%TS=100HZ)
+T1(DF=Y%W=C0B7%ACK=S++%Flags=AS%Ops=NNTMNW)
+T2(Resp=N)
+T3(Resp=N)
+T4(DF=Y%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
+T7(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
+PU(DF=N%TOS=C%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
+
 Fingerprint Sun Solaris 2.3 - 2.4
 Class Sun | Solaris | 2.X | general purpose
 TSeq(Class=64K)
@@ -20333,31 +20371,6 @@ T6(DF=Y|N%W=0%ACK=O|S%Flags=AR|R%Ops=|WNMETL)
 T7(DF=Y|N%W=0%ACK=S|O%Flags=AR|R%Ops=|WNMETL)
 PU(DF=Y|N%TOS=0%IPLEN=70%RIPTL=148%RID=E%RIPCK=E|F%UCK=F|E%ULEN=134%DAT=E)
 
-# SunOS 5.10 Generic sun4u sparc SUNW,Sun-Fire-V250
-Fingerprint SunOS 5.10 (sparc)
-Class Sun | Solaris | 10 | general purpose
-TSeq(Class=TR%gcd=<6%IPID=I%TS=100HZ)
-T1(DF=Y%W=C0B7%ACK=S++%Flags=AS%Ops=NNTMNW)
-T2(Resp=Y%DF=Y%W=0%ACK=S%Flags=AR%Ops=)
-T3(Resp=Y%DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
-T4(DF=Y%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
-T7(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
-PU(DF=Y%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
-
-Fingerprint Sun Solaris 5.10.1
-Class Sun | Solaris | 10 | general purpose
-TSeq(Class=RI%gcd=<6%SI=<1C36BAC&>4838E%IPID=RPI%TS=U)
-T1(DF=Y%W=C0B7%ACK=O|S++%Flags=A|AS%Ops=NNT|NNTMNW)
-T2(Resp=N)
-T3(Resp=N)
-T4(DF=Y%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
-T7(Resp=N)
-PU(DF=Y%TOS=0%IPLEN=70%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
-
 # Sun Solaris 8 // Sun Fire 80080
 Fingerprint Sun Solaris 8
 Class Sun | Solaris | 8 | general purpose
@@ -20449,36 +20462,6 @@ T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=Y%W=0%ACK=S%Flags=AR%Ops=)
 PU(DF=Y%TOS=0%IPLEN=138%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 
-# Sun Solaris 9 Beta through Release on SPARC
-# solaris 9 i386
-# Solaris 9 4/04 version (SPARC)
-# Solaris 10
-Fingerprint Sun Solaris 9 or 10
-Class Sun | Solaris | 9 | general purpose
-Class Sun | Solaris | 10 | general purpose
-TSeq(Class=RI%gcd=<6%SI=<A927C&>116A%IPID=I%TS=100HZ)
-T1(DF=Y%W=5B4|C0B7|801B|807A%ACK=S++%Flags=AS%Ops=NNTMNW)
-T2(Resp=N)
-T3(Resp=N)
-T4(DF=Y%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
-T7(DF=Y%W=0%ACK=S%Flags=AR%Ops=)
-PU(DF=Y%TOS=0%IPLEN=70%RIPTL=148%RID=E%RIPCK=E|F%UCK=E|F%ULEN=134%DAT=E)
-
-# SunOS webbox 5.10 Generic i86pc i386 i86pc
-Fingerprint SunOS webbox 5.10 Generic
-Class Sun | Solaris | 10 | general purpose
-TSeq(Class=RI%gcd=<6%SI=<BE528&>D98%IPID=I%TS=100HZ)
-T1(DF=Y%W=C0B7%ACK=S++%Flags=AS%Ops=NNTMNW)
-T2(Resp=N)
-T3(Resp=N)
-T4(DF=Y%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
-T7(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
-PU(DF=N%TOS=C%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
-
 # SunOS 5.9 Generic_117171-11 sun4u sparc SUNW,Sun-Fire-480R
 Fingerprint Sun Solaris 9
 Class Sun | Solaris | 9 | general purpose
@@ -20519,6 +20502,23 @@ T6(DF=N%W=1000|400%ACK=S%Flags=AR%Ops=WNMETL)
 T7(DF=N%W=800|C00|1000%ACK=S++%Flags=AR%Ops=WNMETL)
 PU(DF=Y%TOS=0%IPLEN=70%RIPTL=148%RID=E%RIPCK=E%UCK=F%ULEN=134%DAT=E)
 
+# Sun Solaris 9 Beta through Release on SPARC
+# solaris 9 i386
+# Solaris 9 4/04 version (SPARC)
+# Solaris 10
+Fingerprint Sun Solaris 9 or 10
+Class Sun | Solaris | 9 | general purpose
+Class Sun | Solaris | 10 | general purpose
+TSeq(Class=RI%gcd=<6%SI=<A927C&>116A%IPID=I%TS=100HZ)
+T1(DF=Y%W=5B4|C0B7|801B|807A%ACK=S++%Flags=AS%Ops=NNTMNW)
+T2(Resp=N)
+T3(Resp=N)
+T4(DF=Y%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
+T7(DF=Y%W=0%ACK=S%Flags=AR%Ops=)
+PU(DF=Y%TOS=0%IPLEN=70%RIPTL=148%RID=E%RIPCK=E|F%UCK=E|F%ULEN=134%DAT=E)
+
 Fingerprint Sun Solaris 9 with TCP_STRONG_ISS set to 2
 Class Sun | Solaris | 9 | general purpose
 TSeq(Class=TR%gcd=<6%IPID=I%TS=100HZ)
@@ -20954,18 +20954,6 @@ T6(DF=N%W=0%ACK=O%Flags=RF%Ops=)
 T7(DF=N%W=0%ACK=S%Flags=ARF%Ops=)
 PU(Resp=N)
 
-Fingerprint Thomson THG 520 Cable Modem
-Class Thomson | embedded || broadband router
-TSeq(Class=TR%gcd=<6%IPID=I%TS=100HZ)
-T1(DF=Y%W=403D%ACK=S++%Flags=AS%Ops=MNWNNT)
-T2(Resp=N)
-T3(Resp=N)
-T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T7(Resp=N)
-PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=0%ULEN=134%DAT=E)
-
 # Speed touch 500 Series ADSL Router(Linux embeded)
 # Thomson SpeedTouch 510 Broadband Router, with firmware 4.2.7.16.0
 # Thomson SpeedTouch 510 DSL Router: 0344EGGNP  4.2.3.0.0  LLT6AA4.230
@@ -20984,6 +20972,18 @@ T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
 PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E|F%UCK=E|F%ULEN=134%DAT=E)
 
+Fingerprint Thomson THG 520 Cable Modem
+Class Thomson | embedded || broadband router
+TSeq(Class=TR%gcd=<6%IPID=I%TS=100HZ)
+T1(DF=Y%W=403D%ACK=S++%Flags=AS%Ops=MNWNNT)
+T2(Resp=N)
+T3(Resp=N)
+T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T7(Resp=N)
+PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=0%ULEN=134%DAT=E)
+
 # Toshiba DOCSIS Cable Modem: HW_REV: 7.1; SW_REV: 1.8.017
 Fingerprint Toshiba DOCSIS Cable Modem
 Class Toshiba | embedded || broadband router
@@ -21099,19 +21099,6 @@ T6(DF=N%W=800%ACK=S%Flags=AR%Ops=)
 T7(DF=N%W=800%ACK=S++%Flags=AR%Ops=)
 PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 
-# US Robotics USR8000 Broadband router, firmware 1.27 patched
-Fingerprint US Robotics USR8000 Broadband router
-Class 3Com | embedded || broadband router
-TSeq(Class=RI%gcd=<68%SI=<726%IPID=BI%TS=U)
-T1(DF=N%W=800|C00%ACK=S++%Flags=AR%Ops=)
-T2(Resp=Y%DF=N%W=400|1000%ACK=S%Flags=AR%Ops=)
-T3(Resp=Y%DF=N%W=1000|400%ACK=S++%Flags=AR%Ops=)
-T4(DF=N%W=800|C00|400%ACK=S%Flags=AR%Ops=)
-T5(DF=N%W=400|800|1000%ACK=S++%Flags=AR%Ops=)
-T6(DF=N%W=1000|400|800%ACK=S%Flags=AR%Ops=)
-T7(DF=N%W=C00|1000%ACK=S++%Flags=AR%Ops=)
-PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
-
 Fingerprint US Robotics USR8022 broadband wireless router (WAP)
 Class US Robotics | embedded || WAP
 TSeq(Class=TD|RI%gcd=<68%SI=<636%IPID=I%TS=U)
@@ -21124,6 +21111,19 @@ T6(DF=N%W=1000|C00|800%ACK=S%Flags=AR%Ops=)
 T7(DF=N%W=1000|400%ACK=S++%Flags=AR%Ops=)
 PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 
+# UTStarcom F1000 wifi voip phone Phone OS: VxWorks (for Hornet VoWifi, ARM946ES (LE) Factory Firmware) version 5.5.1.: Kernel: WIND version 2.6. : Made on Apr  5 2005, 14:49:39.
+Fingerprint UTStarcom F1000 wifi voip phone
+Class UTStarcom | embedded || VoIP phone
+TSeq(Class=TR%gcd=<6%IPID=I)
+T1(DF=Y%W=4000%ACK=S++%Flags=AS%Ops=MNWNNT)
+T2(Resp=N)
+T3(Resp=Y%DF=Y%W=4000%ACK=S++%Flags=AS%Ops=MNWNNT)
+T4(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
+PU(DF=N%TOS=0%IPLEN=70%RIPTL=148%RID=E%RIPCK=E%UCK=0%ULEN=134%DAT=E)
+
 Fingerprint MOTOROLA VANGUARD 320 IP router running OS version 5.4
 Class Vanguard | embedded || router
 TSeq(Class=TD%gcd=<6%SI=<1E)
@@ -21211,19 +21211,6 @@ T6(Resp=N)
 T7(Resp=N)
 PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E|F%ULEN=134%DAT=E)
 
-# Watchguard SoHo 6 TC Firewall (inside)
-Fingerprint WatchGuard Firebox SOHO V.5-V.6 firewall
-Class WatchGuard | embedded || firewall
-TSeq(Class=TR%gcd=<6%IPID=RD%TS=U)
-T1(DF=N%W=16D0%ACK=S++%Flags=AS%Ops=M)
-T2(Resp=Y%DF=N%W=400|800|C00|1000%ACK=S%Flags=AR%Ops=)
-T3(Resp=Y%DF=N%W=400|800|C00|1000%ACK=S++%Flags=AR%Ops=)
-T4(DF=N%W=400|800|C00|1000%ACK=S%Flags=AR%Ops=)
-T5(DF=N%W=400|800|C00|1000%ACK=S++%Flags=AR%Ops=)
-T6(DF=N%W=400|800|C00|1000%ACK=S%Flags=AR%Ops=)
-T7(DF=N%W=400|800|C00|1000%ACK=S++%Flags=AR%Ops=)
-PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
-
 # Watchguard SOHO 6tc, Firewall 6.3.2 Feb 27 2004 build 1, Boot ROM 5.6
 Fingerprint Watchguard Firebox SOHO 6tc firewall
 Class WatchGuard | embedded || firewall
@@ -21237,6 +21224,19 @@ T6(DF=N%W=1000|800%ACK=S%Flags=AR%Ops=)
 T7(Resp=N)
 PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E|F%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 
+# Watchguard SoHo 6 TC Firewall (inside)
+Fingerprint WatchGuard Firebox SOHO V.5-V.6 firewall
+Class WatchGuard | embedded || firewall
+TSeq(Class=TR%gcd=<6%IPID=RD%TS=U)
+T1(DF=N%W=16D0%ACK=S++%Flags=AS%Ops=M)
+T2(Resp=Y%DF=N%W=400|800|C00|1000%ACK=S%Flags=AR%Ops=)
+T3(Resp=Y%DF=N%W=400|800|C00|1000%ACK=S++%Flags=AR%Ops=)
+T4(DF=N%W=400|800|C00|1000%ACK=S%Flags=AR%Ops=)
+T5(DF=N%W=400|800|C00|1000%ACK=S++%Flags=AR%Ops=)
+T6(DF=N%W=400|800|C00|1000%ACK=S%Flags=AR%Ops=)
+T7(DF=N%W=400|800|C00|1000%ACK=S++%Flags=AR%Ops=)
+PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
+
 Fingerprint Watchguard Firebox X700
 Class WatchGuard | embedded || firewall
 TSeq(Class=RI|TR%gcd=<6%SI=<2FFF7A6%IPID=Z|I%TS=100HZ|U)
@@ -21334,6 +21334,18 @@ T6(DF=N%W=0%ACK=S%Flags=R%Ops=)
 T7(Resp=N)
 PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=F%UCK=E%ULEN=134%DAT=E)
 
+Fingerprint Dell Laser Printer 5100cn
+Class Xerox | embedded || printer
+TSeq(Class=64K%IPID=I%TS=U)
+T1(DF=N%W=3000%ACK=S++%Flags=AS%Ops=)
+T2(Resp=N)
+T3(Resp=Y%DF=N%W=3000%ACK=O%Flags=A%Ops=)
+T4(DF=N%W=3000%ACK=O%Flags=R%Ops=)
+T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
+T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
+T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
+PU(DF=N%TOS=0%IPLEN=38%RIPTL=4E4%RID=E%RIPCK=F%UCK=E%ULEN=134%DAT=E)
+
 Fingerprint Xerox 8830 Plotter
 Class Xerox | embedded || printer
 TSeq(Class=TD%gcd=1000%SI=1)
@@ -21382,18 +21394,6 @@ T6(Resp=Y%DF=N%W=0%ACK=O%Flags=R%Ops=)
 T7(Resp=Y%DF=N%W=0%ACK=O%Flags=R%Ops=)
 PU(Resp=N)
 
-Fingerprint Dell Laser Printer 5100cn
-Class Xerox | embedded || printer
-TSeq(Class=64K%IPID=I%TS=U)
-T1(DF=N%W=3000%ACK=S++%Flags=AS%Ops=)
-T2(Resp=N)
-T3(Resp=Y%DF=N%W=3000%ACK=O%Flags=A%Ops=)
-T4(DF=N%W=3000%ACK=O%Flags=R%Ops=)
-T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
-T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
-PU(DF=N%TOS=0%IPLEN=38%RIPTL=4E4%RID=E%RIPCK=F%UCK=E%ULEN=134%DAT=E)
-
 Fingerprint Xerox Docuprint N2125 network printer
 Class Xerox | embedded || printer
 TSeq(Class=64K%IPID=I%TS=U)
@@ -21649,14 +21649,9 @@ T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
 PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 
-# Zyxel P128imh or P480 router (ZyNOS)
-# ZyNOS F/W Version: V2.50(AJ.7) | 2/28/2002
-# Zyxel Prestige 645-R11 adsl router
-# Intel Express 8100 Router ISDN
-Fingerprint Zyxel ZyNOS based broadband router (ZyNOS) or Intel Express ISDN router
+Fingerprint ZyXEL Prestige 791R
 Class Zyxel | ZyNOS || broadband router
-Class Intel | embedded || broadband router
-TSeq(Class=TD%gcd=1000|2000|5000|4000|6000|8000|A000|78000|1A4000%SI=<FF%IPID=I%TS=U)
+TSeq(Class=i800%IPID=I%TS=U)
 T1(DF=N%W=400%ACK=S++%Flags=AS%Ops=M)
 T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=)
 T3(Resp=Y%DF=N%W=0%ACK=S++%Flags=AR%Ops=)
@@ -21666,9 +21661,14 @@ T6(DF=N%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
 PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 
-Fingerprint ZyXEL Prestige 791R
+# Zyxel P128imh or P480 router (ZyNOS)
+# ZyNOS F/W Version: V2.50(AJ.7) | 2/28/2002
+# Zyxel Prestige 645-R11 adsl router
+# Intel Express 8100 Router ISDN
+Fingerprint Zyxel ZyNOS based broadband router (ZyNOS) or Intel Express ISDN router
 Class Zyxel | ZyNOS || broadband router
-TSeq(Class=i800%IPID=I%TS=U)
+Class Intel | embedded || broadband router
+TSeq(Class=TD%gcd=1000|2000|5000|4000|6000|8000|A000|78000|1A4000%SI=<FF%IPID=I%TS=U)
 T1(DF=N%W=400%ACK=S++%Flags=AS%Ops=M)
 T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=)
 T3(Resp=Y%DF=N%W=0%ACK=S++%Flags=AR%Ops=)