Have you ever run a Nexpose scan and had the wrong operating system identified for an asset? Perhaps the incorrect TCP/IP stack fingerprint was used, or you scanned an embedded device we haven't seen before. The March 9th release of Nexpose (6.1.14) has a new feature that allows you easily report such fingerprinting errors to Rapid7 and helps us to improve fingerprinting accuracy. No need to open a support ticket!
A new feedback button (circled below), available on the Asset detail page next to the OS, will open a dialog with fields to correct the vendor, OS, and/or version:
The vendor and OS fields will autocomplete products we already know about, so once you begin typing you can choose a suggestion from the drop-down that appears:
We recommend that you use these suggestions if an appropriate one is shown. This will help reduce inconsistencies in submitted reports, allowing us to more effectively analyze them and correct Nexpose's fingerprinting behaviour.
Clicking "Send Now" will transfer the most recent scan log for the misfingerprinted asset to Rapid7 (for context), along with the corrections provided in the dialog. Feel free to close the dialog at any time after this; the information will continue to be sent in the background. If you want to be notified when the information has successfully been sent, keep the dialog open until the confirmation message is shown:
We strive to have the most accurate fingerprinting possible in Nexpose, so your reports are greatly appreciated!