
  • Guideline for reducing scan time

    2010-10-20 18:13:00

    Guidelines on how to reduce the time a scan consumes.

    Requirement:

    Apply two VMs

    Based on the two environments, GS and GC, the best approach is to apply two VMs and scan concurrently.

    System Requirements:

    CPU - 1GHz and above

    RAM - 2GB and above

    Free Disk Space - 3-4GB and above

    Large Site Scanning and Testing

    The best approach is to split the explore phase or the test phase. If not, Rational AppScan Standard will eventually run out of resources.

    Rules (indications that a scan is too large):

    Large number of visited links - greater than 10,000

    Normal number of visited links but a large number of potential vulnerabilities

    More than 100,000 potential vulnerabilities but no more than 500-1,000 visited links; this can be an indication of a large number of form fields in the session.

    Memory consumption of more than 500MB

    Reduce Time Technote

    Parameters and cookies: separate the path from the parameters. Check the application data, excluding the URL.

    Explore method: keep explore operations non-redundant; duplicate operations generate a large number of explored and visited URLs.

    Template use: when you want to kick off a new scan, import the template, which saves a lot of configuration time.

    Crash

    This is where most of the scan time is consumed. To avoid frequent crashes (of course, some crashes cannot be avoided in version 7.8.0.2), refer to the checkpoints below.

    PK64834: AppScan crashes in explore phase if a specific response is received

    Problem summary

    This crash occurs when AppScan receives a very specific response, so it is probably very rare. The response must meet the following conditions: it contains two strings that are matched by the Credit Card detection pattern, with a null byte between them. Such a response causes the Global Detection function that detects credit card patterns in responses to crash.

    Problem conclusion

    A bug that caused the crash was fixed in the following function: DetectionFunction::DetResponseMatchLUHNSum
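As an added illustration (not AppScan's code, and not a statement of the root cause the APAR describes), the following Python scans a response buffer by its explicit length, so a null byte sitting between two credit-card-pattern matches neither truncates nor breaks the search, and each candidate is validated with the Luhn checksum. `luhn_ok`, `detect_card_numbers`, `mask` and the constructed `SAMPLE_RESPONSE` are this example's own names; the `_cstring` variant is a hypothetical fragile counterpart, not AppScan's implementation.

```python
import re
from typing import List

# Constructed sample response: two Luhn-valid test card numbers with a NUL byte
# between them, plus a 16-digit number that fails the Luhn check.
SAMPLE_RESPONSE = (
    b"HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\n"
    b"<p>card: 4111111111111111</p>\x00<p>alt: 5500000000000004</p>"
    b"<p>order: 4111111111111112</p>"
)

# Candidate: a run of 13-19 ASCII digits not adjacent to other digits.
CANDIDATE = re.compile(rb"(?<!\d)\d{13,19}(?!\d)")


def luhn_ok(digits: str) -> bool:
    """Return True if the digit string passes the Luhn checksum."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = ord(ch) - ord("0")
        if i % 2 == 1:  # double every second digit from the right
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0


def mask(pan: str) -> str:
    """Keep only the first six and last four digits for reporting."""
    return pan[:6] + "*" * (len(pan) - 10) + pan[-4:]


def detect_card_numbers(body: bytes) -> List[str]:
    """Scan the whole body by length, so NUL bytes cannot cut the search short."""
    found = []
    for m in CANDIDATE.finditer(body):
        candidate = m.group().decode("ascii")
        if luhn_ok(candidate):
            found.append(candidate)
    return found


def detect_card_numbers_cstring(body: bytes) -> List[str]:
    """Hypothetical fragile variant: a NUL-terminated string view stops at the
    first NUL byte, so the match after it is never inspected."""
    return detect_card_numbers(body.split(b"\x00", 1)[0])


if __name__ == "__main__":
    for pan in detect_card_numbers(SAMPLE_RESPONSE):
        print("credit card pattern:", mask(pan))
```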


    PK82534: AppScan crashing when JSX turned on in explore phase

    Error description

    A specific JS file the customer is trying to scan contains an endless recursive function that is causing AppScan to get stuck in an endless loop.

    Problem summary

    AppScan with JSX enabled crashed with a stack overflow because of a recursive call in the customer's JavaScript.

    Problem conclusion

    The workaround is to exclude the recursive calls.

    PK81128: AppScan crashes/freezes when using long custom parameters

    Problem summary

    This does not have to be related to long regular expressions, but it is related to custom parameters found during the explore phase. The problem will happen if the patterns overlap.

    Problem conclusion

    The problem was easily reproducible with the given scan; the overlapping check was fixed.

    PM01545: Invalid characters in the automatic form filler may cause AppScan to crash

    Problem summary

    If a manual explore discovers certain unusual characters and populates the automatic form filler with them, AppScan may crash if paused during an automatic scan.

    Problem conclusion

    Handle unusual characters in the Form Filler correctly, to avoid crashing.

    This has been fixed in IBM Rational AppScan Standard Edition version 7.9.0.1

    PM11875: Scan crashes with non-critical thread error message due to CompressScan option

    Problem summary

    Scan crashes with a non-critical thread error message due to the CompressScan option.

    Performing a manual explore, saving the file, and then performing a manual explore again, with the CompressScan option enabled, will cause AppScan Standard to crash with a non-critical thread error.

    Problem conclusion

    The Advanced Option CompressScan was changed to ScanReductionThreshold and some improvements were made to it.

    Fixed in Rational AppScan (Standard) version 7.9.0.2.

    Download instructions can be found at

    PK99687: AppScan crash due to a huge amount of requests recorded in the Multi-step

    Error description

    A huge number of requests in the multi-step operation sequence can cause AppScan to crash when opening the internal browser while performing a manual explore or a recorded login.

    Local fix

    Problem summary

    AppScan did not free memory correctly between loading scans or creating new scans.

    Problem conclusion

    Added a collection function to free memory after loading a scan or creating a regular scan.

    PM13279: AppScan crashes in analysis-engine due to response missing.

    Problem summary

    The scan was corrupted, and when AppScan looked in the Explore results for responses to analyze, there were IDs with no related response. When trying to analyze these IDs, AppScan crashes.

    Problem conclusion

    Avoid crashing by ignoring IDs with no related response.

    Fixed in Rational AppScan (Standard) version 7.9.0.3.

    Download instructions can be found at
