###V:13#P:5.2#M:Please send in triggers for databases other stuff!##DO NOT EDIT THIS LINE!
#
# This is the responses file "appdefs.resp" for amap
#
# Responses have the following format:
#
# NAME:[TRIGGER,[TRIGGER,...]]:[IP_PROTOCOL]:[MIN_LENGTH,MAX_LENGTH]:RESPONSE_REGEX
#
# NAME -	the name that is printed from amap if the definition matches
#		the received reply from the service
# TRIGGER -	(optional) requires that the received reply data was
#		triggered by a trigger with that name in appdefs.trig
#		As many triggers can be defined here as you wish, seperated
#		by a comma.
# IP_PROTOCOL -	(optional) requires that the received reply comes in via
#		tcp or udp protocol. default is both.
#		Valid values: empty, "both", "tcp", "udp" (in any case)
# LENGTH - 	(optional) the minimum and maximum length of the reply
#		received, seperated by a comma, e.g. ":5,10:", or a single
#		number for an exact match. So: :5,5:" equals ":5:"
# RESPONSE -	This is a Perl regular expression (man perlre) which will be
#		tried on the reply data
#
# A match is reported if the reponse matches the reply data and *all*
# specified optional specifications.
#
# Examples:
#  rlogin::tcp::rlogind:	Any response coming in via TCP and where the
#	reply data contains the text "rlogind:"
#
#  time:::4:.	This matches anything which has an exact length of four bytes.
#	The "." matches any one character (as it is defined with Perl regex)
#	and is just there so that the response string is not empty.
#	Otherwise amap would bail.
#
#  ftp:ftp:tcp::^220.*\n331	This matches any reply received via TCP,
#  	which was generated from a trigger (in appdefs.trig). The perl regex
#	defines that the reply must start ("^") with the text "220", then
#	anything can follow (".*") up until a line feed ("\n") is received
#	and directly followed by the text "331" 
#
# If you add new responses, please send them as well to amap-dev@thc.org
# so we can add these for the next release! Thank you very much!
#

# neither change name, position or value of these ones
echo:http-get:::^GET / HTTP/1.0
echo:http-head:::^HEAD / HTTP/1.0
echo::::^\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\x00\x00

#
# ENTER YOUR OWN RESPONSES HERE
# (and send them to amap-dev@thc.org so they get included)
#



#
# CURRENT RESPONSE DATABASE
#
acap::::^\* acap 
adsgone::::adsgone blocked html ad
aix-netinstall::::netinst
amanda-index::tcp::AMANDA index
amsn::tcp::^Syntaxfout : 
amsn::tcp::^Error de sintaxis : 
apache-tomcat-connector_ajp12::tcp::^\x01\x00\x08\x00\x00\x00\x0a
apple-darwin-streaming-server::tcp::^RTSP/1.0 .*\nServer: DSS/
arkeia::tcp::\x00\x05\x00\x00\x00\x00\x00\x00
atos:ms-remote-desktop-protocol:tcp:7:\x00
auth::tcp:: : ERROR : 
auth::tcp::^Group id is
auth::tcp:: : USERID :
backdoor-fxsvc::tcp::^500 Not Loged in
backdoor-shell::::GET: command
backdoor-shell::::sh: GET:
bachdoor-shell::::[a-z]*sh: .* command not found
backdoor-shell::::^bash[$#]
backdoor-shell::::^sh[$#]
backdoor-cmd::::^Microsoft Windows .* Copyright .*>
bittorrent::::BitTorrent prot
blackboard-learning-system::tcp::,blackboard.collab.
bzflag-server::tcp::^BZFS
chargen::::@ABCDEFGHIJKLMNOPQRSTUVWXYZ
chargen::::\+,-./0123456789
checkpoint-fw1::tcp::^\x00\x00\x00\x09
checkpoint-fw1::tcp::^\x51\x00\x00
checkpoint-fw1-authentication::::FireWall-1 Client Authen
checkpoint-fw1-policy-server::tcp::^\x15\x12\x00\x00\x02\x02
checkpoint-fw1-telnet-server::tcp::^Check Point .* Telnet
cisco-hips-mc::tcp::^\x00\x00\x00.\x00\x00\x00.URI
citrix::tcp::^\x31\x00\x00\x00\x81\x00\x00\x00
citrix-ica:::: ICA 
citrix-ica::::\x7f\x7f\x49\x43\x41
CCProOSMSServer::tcp::ContactPro OSMS Server
CCProOSMSServer::tcp::ContactPro DOS Server
conexant-adsl-router::tcp::^\x1b\x5b.*CONEXANT .* ADSL
cvs::tcp::^cvs
cvs::tcp::cvs [pserver aborted]:
dameware remote control::tcp::^\x30\x11\x00\x00
dante::tcp:2:\x05\x02
dantz-retrospect::::^\x00\xca\x00
daytime-unix:::26:^[A-Z].* [A-Z].* [0-3].* [0-9][0-9]:[0-9][0-9]:[0-9][0-9] 200.\r\n
daytime-windows:::26-50:^[A-Z][a-z]+, [A-Z][a-z]+ [0-9]+, 200[0-9] [0-9]+:[0-9]+:[0-9]+\x0a\x00
daytime-windows:::25:^[A-Z][a-z] [A-Z][a-z]+ [0-9]+ [0-9][0-9]:[0-9][0-9]:[0-9][0-9] 200[0-9]
daytime-unix:::20-36:^[A-Z][a-z]+ [A-Z][a-z]+ [0-9 ][0-9] [0-9]+:[0-9]+:[0-9]+ 200[0-9]\x0d\x0a
daytime-unix:::26:^[0-3][0-9] [A-Z]* 200[0-9] [0-2][0-9]:[0-5][0-9]:[0-5][0-9] 
daytime:::25-30:^[0-9][0-9] [A-Z][A-Z][A-Z] 200[0-9] [0-9][0-9]:[0-9][0-9]:[0-9][0-9] .*
daytime:::26-45:^[A-Z][a-z][a-z]*, [A-Z][a-z][a-z]* [0-9]+, 200
db2::tcp::.*SQLDB2RA
db2jds:jrmi:tcp::^N\x00
dc++::tcp::^\x24\x4c\x6f\x63\x6b
dhcp3d-isc::tcp:8:^\x00\x00\x00\x64\x00\x00\x00\x18
dell-openmanage:jrmi:tcp::^\x4e\x00\x0d
dicom::::^\x07\x00\x00\x00\x00\x04
dictd::tcp::^220 .* dictd 
DistributedObjectSwitch::tcp::I\x00n\x00v\x00a\x00l\x00i\x00d\x00 \x00T\x00r\x00a\x00n\x00s\x00a\x00c\x00t\x00i\x00o\x00n
dns::::\x80\x81\x00
dns::::^\x00\x00\x90
dns::::^\x00\x0c\x00\x00\x90
dns::::^\x03\x9b\xe1
#dns::::^\x03\x9b\xe1\xc4\x00\x00
dns::::^\x30\x82\x80\xa1\x00\x00
dns::::^\x80\x00\x80\x01\x00\x00
dns::::^\x80\x00\x80\xa1\x00\x00
dns::::^\xcb\x00\x80\xf1\x00\x00
dns-bind:dns:udp::^\x00\x00\x90\x01
dns-bind:netbios-session:udp::^\x79\x08\x80\x82\x00\x01\x00\x00\x00\x00\x00\x00
dns-bind9:dns-bind:udp::^...[\x00-\x7e]..........................\xc0
dns-bind8:dns-bind:udp::^...[\x00-\x7e]..........................[^\xc0]
dns-djb:dns-bind:udp::^...[\x80-\x83].*version.bind
dns-djb::udp::^\x79\x08\x80\x80\x00\x01\x00\x00\x00\x0d
dns-ms:dns:udp::^\x00\x00\x90\x04
dns-ms:netbios-session:udp::^\x79\x08.*a.root-servers.net\x00
dns-ozyman:netbios-session:udp:50:^\x79\x08\x84\x03\x00\x01\x00\x00\x00\x00\x00\x20\x43\x4b\x41\x41*\x00\x00\x21\x00\x01
dns-pdnsd:dns::2:^\x00\x0c
dtspcd::tcp::.*SPC_
duff-pubro-backdoor::tcp::DuFFxP
duff-pubro-backdoor::tcp::Duf-Pubstro
edonkey-client::tcp::^\xe3....\x4c
eggdropp::tcp::\(Eggdrop 
eggdropp::tcp::\r\nYou don't have access\r\n
finger::tcp:1:\x66
finger::tcp::^\r\n    Line      User
finger::tcp::Line     User
finger::tcp::Login name: 
finger::tcp::Login.*Name.*TTY.*Idle
finger::tcp::^No one logged on
finger::tcp::^\r\nWelcome
finger::tcp::^finger:
finger::tcp::^must provide username
finger::tcp::finger: GET: 
flexlm:ssl:tcp::^W\xea-
ftp:ftp:tcp::^220.*\n331
ftp:ftp:tcp::^220.*\n530
ftp::tcp::^220.*FTP
ftp::tcp::^220 .* Microsoft .* FTP
ftp-darwin::tcp::^220 Inactivity timer
ftp-usergate::tcp::^220 .* UserGate
giop::::^giop
glftp::tcp::^220.*SSH
glftp::tcp::^220.*SSH.*\n500
gnu::::^gnudoit:
gopher::::^\x00.*error.host
gopher::::^\x03.* item is 
gopher::::gopher
gkrellmd::tcp::^<error>\nBad connect string
hddtemp::tcp::^\|\/dev\/.*\|
hp-io-backend-daemon::tcp::^msg=MessageError
hp-openview-storage-protect::::hp openview storage protect
hp-openview-storage-protect::tcp::\x00\x20INET\x00\x20
hp-openview-storage-protect::tcp::^H.P. .O.p.e.n.v.i.e.w..*P.r.o.t.e.c.t
hp-openview-omniback2::tcp::^H.P. .O.p.e.n.v.i.e.w. .O.m.n.i
http:http-get:tcp:1:H
http:http-head:tcp:1:H
http::tcp::^HTTP/0.
http::tcp::^HTTP/1.
http::tcp::<HEAD>.*<BODY>
http::tcp::<HTML>
http::tcp::^Invalid requested URL 
http::tcp::.*<?xml
http-apache-1::tcp::^HTTP/.*\nServer: Apache/1
http-apache-2::tcp::^HTTP/.*\nServer: Apache/2
http-iis::tcp::.*Microsoft-IIS
http-compaqinsightmanager::tcp:6:^HTTP/1
http-cups::tcp::^HTTP/.*\nServer: CUPS/
http-daap::tcp::^HTTP/.*\nDAAP-Server:
http-gnutella::tcp::^HTTP/.*\n.*gnutella
http-hp-jet-direct::tcp::^HTTP/.*<title>Not supported</title>
http-iis::tcp::^HTTP/.*\nServer: Microsoft-IIS
http-iis::tcp::^HTTP/.*Cookie.*ASPSESSIONID
http-iis::tcp:34:^<h1>Bad Request .Invalid URL.</h1>
http-iplanet::tcp::^HTTP/.*Cookie.*iPlanetUserId
http-daap-itunes::tcp::^HTTP/.*\nDAAP-Server: iTunes/
http-jrun::tcp::^HTTP/.*Cookie.*JSESSIONID
http-jserv::tcp::^HTTP/.*Cookie.*JServSessionId
http-limewire::tcp::^HTTP/.*limewire
http-lotus-domino::tcp::.*Lotus-Domino
http-ncacn::tcp::ncacn_http/1.
http-net.commerce::tcp::^HTTP/.*cookie.*SESSION_ID
http-nettracker::tcp::^HTTP/.*Cookie.*SaneID
http-openadstream::tcp::^HTTP/.*Cookie.*RMID
http-mirapoint::tcp::^HTTP/.*\nServer: Mirapoint
http-proxy::tcp::^HTTP/.*proxy-connection: 
http-proxy::tcp::^HTTP/.*via: 
#http-proxy::tcp::^HTTP/.*cache.*bad request
http-proxy-clearswift-websweeper::tcp::^HTTP/.*Clearswift Web
http-roxen::tcp::^HTTP/.*Cookie.*RoxenUserID
http-storyserver::tcp::^HTTP/.*Cookie.*ssuid
http-tomcat::tcp::^HTTP/.*Cookie.*JSESSIONID
http-weblogic::tcp::^HTTP/.*Cookie.*WebLogicSession
http-vnc::tcp::^HTTP/.*VNC desktop
http-vnc::tcp::^HTTP/.*RealVNC/
hylafax::tcp::^220 .*hylafax
imap::tcp::^\* OK
iplanet-ens::tcp::gap service ready
#ircd::udp::AAAAAAAAAAAAAAAAAAAAAAAAAA
ircd::tcp::/ircd.conf
ircd::tcp:::End of MOTD command.
ircd::tcp:::This server was created
ircd::tcp::Internet Relay Network
ircd::tcp::^:.* NOTICE AUTH 
ircd::tcp::^ERROR Closing Link 
ircd-hybrid::tcp::^NOTICE AUTH
iss-realsecure::tcp::iss ecnra
iss-realsecure::tcp::^\x00\x00\x00.\x08\x01\x04\x01\x00
jabber::tcp::^<stream:
jboss-namingservice::tcp::org.jnp.server.NamingServer_Stub
jinilookupservice::tcp::.*jini\.core\.lookup
#jrmi::tcp::^N
kde-artsd::::^MCOP\x00.*aRts/MCOP
kerberos-remsh::tcp::krshd: 
ksysguard::tcp::^ksysguardd
ldap::tcp::^\x30\x0c\x02\x01\x01\x61
ldap::tcp::^\x30\x32\x02\x01
ldap::tcp::^\x30\x33\x02\x01
ldap::tcp::^\x30\x38\x02\x01
ldap::tcp::^\x30\x84
ldap:ldap:tcp::^\x30\x45
linux-gnome-desktop::tcp::^\x00\x01\x00\x40
linux-gnome-session::tcp::\x02\x70\x70\x01
linuxconf::tcp::linuxconf
lisa::tcp::^0 succeeded
lisa::tcp::\x0a\x00succeeded\x0a\x00
lotus-notes:lotus-notes:tcp::/OU=
lotus-notes::tcp::^\x7c\x00\x00\x00\x71
lpd::tcp::^Invalid protocol request
lpd::tcp::lpd:
lpd::tcp::lpsched
lpd::tcp::no connect permissions
lyskom::tcp::%%lyskom unsupported protocol
magellan-osp::tcp::^010100
mailhurdle::udp:10:\x00\x08\x06\x9f\x7a\x06\x00\x00\x00\x00
mldonkey::tcp::donkeyserver
mldonkey::tcp::mldonkey
mldonkey::tcp:1:\x31
mldonkey-mlnet::tcp::ADDDOWNLOAD\([1-9]
mirapoint-admind::tcp::^\* OK .* admind .* server ready
mon-perl::tcp::^520 command could not be executed
mon-perl::tcp::^520 invalid command
ms-active-sync-manager_(WCESMgr)::::^\x16\x00\x01\x00
ms-distribution-transport::::\x0b\x00\x78\x01
ms-distribution-transport:::6:^..\x0a\x00
ms-distribution-transport:::6:^ERROR\x0a
ms-distribution-transport::tcp::^..\x0a\x00....\x0a\x00....\x0b\x00....\x0b\x00..
ms-distribution-transport::tcp:6:\xb8\xef\x0c\x73\x00\x00
ms-distribution-transport::tcp:6:\xc0\x52\x0d\x73\x60\x53
ms-ds:ms-ds:::\x00\x00\x00\x55\xff\x53\x4d\x42\x72\x00
ms-ds:ms-ds:::^.....SMB
ms-ds:ms-ds:::^\x00\x00\x00\x65
ms-dtc::tcp::^\x68\xfe\x0a\x00\x78\x01
ms-dtc::tcp::^\x78\x01\x07\x00
ms-dtc::tcp:6:^..\x0b\x00
ms-exchange-emsmta::::\x80\x07\x00\x7a
ms-location-service::::^\x04\x06
netmeeting-desktopsharing:ms-remote-desktop-protocol:tcp:4:^\x03\x00\x00\x11
ms-remote-desktop-protocol::::^\x03\x00\x00\x0b
ms-remote-desktop-protocol::::^\x03\x00\x00\x11
ms-rpc-proxy-endpoint::::^ncacn_http
ms-rpc::::^\x05\x00\x0d\x03\x10\x00\x00\x00\x18\x00\x00\x00\x00\x00
ms-sql::::^\x04\x01\x00\x25
ms-sql::::^\x05\x6e\x00
ms-sql::::;MSSQLSERVER;
ms-exchange::tcp::Microsoft Routing Server
msdtc:::3:..\n
mysql::tcp::^\x19\x00\x00\x00\x0a
mysql::tcp::^\x2c\x00\x00\x00\x0a
mysql::tcp::hhost '
mysql::tcp::khost '
mysql::tcp::mysqladmin
mysql::tcp::whost '
mysql-blocked::tcp::^\x28\x00\x00
mysql-secured::tcp::this MySQL
nagiosd::::Sorry, you \(.*are not among the allowed hosts...
nbd-server::tcp::^NBDMAGIC
nessus::tcp::< NTP 1.2 >\x0aUser:
netbios-name::::^\x79\x08.*BROWSE
netbios-name::::^\x79\x08.\x00\x00\x00\x00
netbios-session::::^\x05\x00\x0d\x03
netbios-session::::^\x83\x00
netbios-session::tcp::^\x82\x00\x00\x00
netbus::tcp::netbus
netop::udp::^\xd6\x81\x81
netop::tcp::^\xd6\x81\x81
netstat:::: LISTEN 
netstreamer::tcp::^READY Radio Server
nntp::tcp::/etc/vnews.conf
nntp::tcp::^200.* INN 
nntp::tcp::^200.*NNRP
nntp::tcp::^200.*NNTP
nntp::tcp::^200.*\n435
nntp::tcp::^200.*\n500
nntp::tcp::^502
nntp::tcp::^200.* you can post 
nntp-ms::tcp::^201 .* Microsoft .* News 
nntp-ms::tcp::^220.*Exchange Internet News Service
nntp-ms::tcp::^200.*Exchange Internet News Service
norman-njeeves::tcp::^\x0d\x0a\x07\x4e\x50\x45\x50
nsclient::tcp::^ERROR:Wrong
ntalk::udp::^\x01\x00\x05\x00\x00\x00
ntp::::^\x0c
ntp::::^\x34\x0b\x01\xef\x00\x00
ntp::::^\xcc\x00\x04\xef\x00\x00
ntp::::^\xdc\x00\x0a\xfa\x00\x00\x00\x00\x00
ntp-ms::::^\x3a\x02\x00\xf9\x00\x00\x00\x00\x00\x00\x00\x00
ntp-ms::::^....\x00\x00\x00\x00\x00\x00\x00\x00\xc0\x3d\x92\x75
ntp:ntp:udp:48:^....\x00\x00..\x00\x00
nuance-voice-recognition-client:oracle-tns-listener:tcp::^\x00\x18\x00\x00\x02\x00\x00\x00
nuance-manager-protocol::tcp::\x54\x00\x03\x01\x00\x54\x31\x03\x02\x00
openvpn::::^\x00\x2a\x40
openvpn::::^\x00\x0e\x40
oracle-tns-listener::tcp::\(ERROR_STACK=\(ERROR=\(CODE=
oracle-tns-listener::tcp::\(ADDRESS=\(PROTOCOL=
oracle-dbsnmp::tcp::^\x00\x0c\x00\x00\x04\x00\x00\x00\x00
oracle-https::tcp::^220- ora
oracle-rmi::tcp::\x00\x00\x00\x76\x49\x6e\x76\x61
oracle-rmi::tcp::^\x4e\x00\x09
pgp-keyserver-ldap::tcp::\x04\x0b\x50\x47\x50\x45\x72\x72\x6f\x72\x20
ph::::598:.*:command not recognized
pop2::tcp::^\+ 
pop3::tcp::^\+OK
pop3-passwd::tcp::^220.*poppassd
pop3-pw::tcp::500 Password
postgres::tcp::Invalid packet length
postgres::tcp::^EFATAL
psybnc::::Welcome!.*psyBNC
psybnc::::welcome!psybnc@
pyslsk::tcp::^.\x00\x00\x00\x09\x00\x00\x00
qotd:::5-1000:^"[A-Z].* .* .*[!?.]"\r\n[A-Za-z].*\r\n
raritan-console-system::tcp::<CSC/>
realserver::::realserver
realserver::::rmserver
remote-apple-events_eppc::tcp::\x79\x08\x00\x00\x00\x01\x00
remsh::tcp::rshd: 
remsh::tcp::^.remsh
remote-watch-xperience::tcp::^\x00\x00\x15\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00
rexec::tcp::^\x01\x4c\x6f\x67\x69\x6e
rexec::tcp::rexecd: 
rlogin::tcp::login: 
rlogin::tcp::rlogind: 
rlogin::tcp::^\x01\x50\x65\x72\x6d\x69\x73\x73\x69\x6f\x6e\x20\x64\x65\x6e\x69\x65\x64\x2e\x0a
rpc-nfs::::^\x02\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x00
rpc::::\x01\x86\xa0
rpc::::\x03\x9b\x65\x42\x00\x00\x00\x01
rpc::::^\x80\x00\x00
rsync::tcp::^@RSYNCD:
saint-nprep::tcp::^nrpep - 
sap-r3::tcp::^\x00\x00\x06\xc6
sap-r3::tcp::^\x00\x00\x06\xf4
sap-r3::tcp::^\x00\x00\x07\x5e
sendlog::tcp::SendLog Server
shoutcast::::icy 200 ok
sieve::tcp::^.?IMPLEMENTATION
skype::udp::^\x79\x08\x37\x7f\x00\x00
slimserver:http-get:tcp::^GET %2F 
slp::tcp::^\x02\x05\x00
smtp::tcp::^220.*\n250
smtp::tcp::^220.*SMTP
smtp::tcp::^412 .*smtp
smtp::tcp::^554.*mail
smtp::tcp::^554.*smtp
smtp::tcp::^220 .*mail
smtp-trendmicro::tcp::^220.*InterScan
smtp-qmail::tcp::^214.*qmail
smtp-pix::tcp::^220.*\*\*\*\*\*\*\*\*
smtp-notesdomino::tcp::^220.*Lotus
smux::::^\x41\x01\x02\x00
snmp-public:snmp-public:udp::\x70\x75\x62\x6c\x69\x63\xa2
snmp::tcp:3:\x41\x01\x02
socks::::^\x05[\x00-\x08]\x00
solaris-management-console::tcp::.*Solaris Management
sophos-av-update::tcp::^IOR:[0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9]
sourcegear-sourceoffsite::::Database Aliases:[A-Za-z0-9]
spamd::tcp:1:\x32
spamassassin::tcp::^SPAMD/
squid::tcp::.*squid
svrloc::tcp::^\x02\x05\x00\x2e\x40\x00
ssh::tcp::^SSH-
ssh-openssh::tcp::^SSH-.*openssh
ssl::tcp::^\x15\x03
ssl::tcp::^\x16\x03
ssl::tcp::^\x82\xad
ssl::tcp::SSL.*GET_CLIENT_HELLO
ssl::tcp:1:\n
ssl::tcp::-ERR .*tls_start_servertls
streaming-server::tcp::^RTSP/1.0 [1-5]
sybase::tcp::^\x04\x01\x00
syntellect-vista::tcp::^89:[A-Za-z]+.*:\n
systat::::^USER   
systat:::: http://procps.sf.net/faq.html
tcpmux::::-service not available
teamspeak2::tcp::^\[TS\]
teamspeakserver::::^\x5b\x54\x53\x5d\x0d\x0a
telnet::tcp::^\xff\xfd
telnet::tcp::Telnet is disabled now
telnet-aix::tcp::^\xff\xfe
telnet-raptor-firewall::tcp::raptor
telnet-t-rex-proxy::tcp::^\xff\xfb
telnet-stonegate-firewall::tcp::^StoneGate firewall 
tftp::udp::^\x00[\x03\x05]\x00
timbuktu-pro::::^\x00\x25\xd1\x1f
time:::4:^\xc2
time:::4:^\xc3
time:::4:^\xc4
time:::4:^\xc5
time:::4:^\xc6
time:::4:^\xc7
time:::4:^\xc8
time:::4:^\xc9
timesync::tcp::TimeSync Server
tivoli_tsm-server::tcp::^\x00\x3b\x1e\xa5
tivoli_tsm-http-server::tcp::.*ADSM_HTTP
tomcat::tcp::.*Servlet-Engine
uucp::::^login: password: 
vmware-authd::tcp::^220 VMware Authentication
vnc::tcp::^RFB
vtun::::vtun server
webmin::tcp::.*MiniServ
webmin-miniserv::udp::^0\.0\.0\.0:.*:[0-9]
webseal::tcp::^\x80\x03\x00\x00
websm::tcp::Language received from client:.*Setlocale:
websphere-javaw::tcp::^\x15\x00\x00\x00\x02\x02\x0a
wins::tcp::^\x00\x00\x1e\xff
wins::tcp::^\x00\x00\x00\x1e\xff\x53\xad\x80
x-windows:x-windows:tcp::MIT-MAGIC-COOKIE
x-windows:x-windows:tcp::^\x01\x00\x0b\x00\x00
zannet::tcp::^ZanNet login:
zebra::tcp::this is zebra
9grid-9p::tcp::^cpu: authenticating: 
(response_of_many_applications)::tcp:1:\x01
echo:ssl:::^\x80\x80\x01\x03\x01\x00