AnsweredAssumed Answered

How Does OS Fingerprinting Affect Scan Results?

Question asked by Bryan Fish on Sep 13, 2018
Latest reply on Sep 13, 2018 by Martin Walker

In our environment, QualysGuard is incorrectly identifying some operating systems via TCP/IP fingerprinting.  I have a pretty good idea why it's happening - we have network devices (including firewalls) between the scanner and the target that are likely causing the issue.  We can't do anything to change that.  We also can't implement authenticated scans.

My question, though, is this - what is the impact on scan results for an asset with an incorrect OS?  Specifically, I am curious about 2 things:

1. Will the incorrect OS affect the QIDs the scanner tests (in other words, does the scanner selectively choose which QIDs to test based on the OS detected)?

2. Will the incorrect OS affect the accuracy of the test results for any QIDs?