New procedure to submit OS fingerprints

Summary

Tenable is providing a new web-based method for customers to use when submitting OS fingerprinting signatures for misidentified assets.

Change

When Tenable Nessus is unable to positively identify a scan target’s operating system, a plugin will report the failure, along with response data collected from any successful sessions with listening services on the target. This data is aggregated into a fingerprint that Tenable can often use to develop a better profile for identification of unknown devices.

Customers have traditionally submitted this data to an email address listed in the plugin output. Tenable is updating the procedure, and customers can now submit this data using a web-based form at https://www.tenable.com/research/submitsignatures. The change is to help Tenable reduce the volume of invalid or incomplete submissions, and to ensure customers know the correct information to provide when submitting a fingerprint.

The email submission method will continue to function until December 31, 2024.

Impact

Customers will use a new procedure to submit OS fingerprint details to Tenable to improve detection when an asset cannot be positively identified.

Plugin

11936 - OS Identification

50350 - OS Identification Failed

Target Release Date

October 1, 2024