Scan troubleshooting tips

Recommended first steps

Why did my scan crawl only one link?

What should I do if authentication fails?

QID 150024 Web Application Scan Time Limit Reached

How can I tell if the scan found the correct login form?

How can I find out where the scan stopped?

What can I do about the No Hosts Alive status?

How can I reduce the overall scan time?

QID 150018 Connection Error During Scan

 


Recommended first steps

You can troubleshoot most scan problems by viewing the QIDs in the scan results. Go to Scans > Scan List, click the scan you want to troubleshoot, then click the View Report button in the preview pane.

What should I do if authentication fails?

See if the scan used the correct authentication record(s). When you open QID 150008 Web Application Authentication Failed. You’ll find the authentication record(s) in the Results section. If a Selenium script was used for authentication, open QID 150095 to see the Selenium script. Tell me more about Selenium Scripts

How can tell if the scan found the correct login form?

View the scan results report. In the details of QID 150008 you'll see the URI where our service attempted to log in. Check your web application to see if this is the correct URI for the login form.

How do I do this?

What can I do about the No Hosts Alive status?

Take these steps to determine the cause:

1) Verify in a browser that the IP address or FQDN and the provided port loads the web application.

2) Verify that the web application, as defined in your account, has the correct IP/FQDN and port.

3) Check if the web server is connected to the network.

4) Check to be sure the web server is up and running.

5) Check with the network administrator to ensure that the web application has the necessary access (IP address and port) from outside (if using the External scanners) or from the IP address assigned to the Scanner Appliance (if using a scanner appliance).

Tell me about QID 150018 Connection Error Occurred During Scan

One of two things happened if your scan results report QID 150018 Connection Error Occurred During Scan. Either 1) your scan didn’t reach the maximum number of connection errors/timeouts and the scan was able to finish properly, or 2) your scan reached the maximum number of connection errors/timeouts and therefore did not finish the whole scan as expected. What can I do about it?

Tell me about QID 150024 Web Application Scan Time Limit Reached?

Here are some common causes:

- Slow network connections, such as scanning across a WAN link, can increase the time it takes to make each request.

- Slow responsiveness from the web application.

- Maximum crawl requests setting is too high in the option profile.

- Web application contains a lot of parameters (URIs and forms). The number of parameters directly affects the number of tests to be performed and, in turn, increases the overall scan time.

How can I find out where the scan stopped?

When a scan times out, you can determine where it stopped by reviewing QID 150021 Scan Diagnostics. Learn more

How can I reduce the overall scan time?

There are several ways to do this:

Reduce the number of vulnerability-related QIDs selected for the scan

Reduce the maximum number of links to crawl (in the option profile)

Block HTML form submissions (using a POST data Black List in web application settings)

Black list unnecessary sections of the web application

Why did my scan crawl only one link?

Here's a couple of things to check:

- Open QID 150009 Links Crawled and copy the URL into your browser to see if it's the starting URL of your site. If not you just need to edit the web application and update the Starting URL setting.

- Check your web application settings to be sure the starting URL is not black listed.