Guidelines on how to reduce scan time
Requirement:
Use two VMs
Since there are two environments (GS and GC), the best approach is to request two VMs and run the two scans concurrently.
System Requirements:
CPU - 1GHz and above
RAM - 2GB and above
Free disk space - 3-4GB
Large Site Scanning and Testing
For large sites, split the explore phase or the test phase into several scans. If not, Rational AppScan Standard will eventually run out of resources. Split the scan when any of the following rules applies:
Rules:
Large number of visited links - greater than 10,000
Normal number of visited links but a large number of potential vulnerabilities
More than 100,000 potential vulnerabilities but no more than 500-1,000 visited links; this can be an indication of a large number of form fields in the session.
Memory consumption of more than 500MB
Reduce Time Technote
Parameters and cookies: separate the path from its parameters, and check the application data so that it is excluded from the URL; otherwise the same page with different embedded data is treated as many distinct URLs.
Explore method: avoid redundant explore operations; duplicated operations generate a large number of explored and visited URLs that are then all tested.
Templates: when kicking off a new scan, import a template, which saves a lot of configuration time.
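The "Rules" thresholds above and the advice to separate paths from parameters both come down to counting what the scan actually has to test. The following added example (not AppScan code, and not the page's own) shows in Python how an engineer could reduce a raw explored-URL list to its distinct test targets (path plus parameter names, values dropped), apply the page's split thresholds, and partition the remaining targets by path prefix into sub-scans that can run on separate VMs. The URL list, the 1,000-link cut-off chosen for the "500-1,000" rule, and the one-segment partition depth are all assumptions made for the illustration.

```python
from collections import defaultdict
from urllib.parse import urlsplit, parse_qsl

# Thresholds taken from the "Rules" section of the page.
MAX_VISITED_LINKS = 10_000
MAX_POTENTIAL_VULNS = 100_000
FEW_LINKS = 1_000          # upper end of the page's "500-1,000" range (assumption)
MAX_MEMORY_MB = 500

# Constructed sample of explored URLs; not taken from a real scan.
SAMPLE_URLS = [
    "http://app.example/catalog/item?id=1&sid=abc",
    "http://app.example/catalog/item?id=2&sid=def",
    "http://app.example/catalog/item?sid=ghi&id=3",
    "http://app.example/catalog/search?q=shoes",
    "http://app.example/catalog/search?q=hats",
    "http://app.example/account/profile",
    "http://app.example/account/profile?tab=orders",
    "http://app.example/admin/users?page=1",
    "http://app.example/admin/users?page=2",
]


def explore_key(url):
    """Reduce a URL to what matters for testing: the path plus the sorted set of
    parameter *names*.  Parameter values and their order are dropped, so
    /item?id=1 and /item?id=2 collapse into a single target."""
    parts = urlsplit(url)
    names = sorted({k for k, _ in parse_qsl(parts.query, keep_blank_values=True)})
    return (parts.path, tuple(names))


def deduplicate(urls):
    """Group raw explored URLs by explore_key; returns {key: [raw urls]}."""
    groups = defaultdict(list)
    for u in urls:
        groups[explore_key(u)].append(u)
    return dict(groups)


def needs_split(visited, potential_vulns, memory_mb):
    """Return the page's rule that says the scan should be split, or None."""
    if visited > MAX_VISITED_LINKS:
        return "visited links > 10,000"
    if potential_vulns > MAX_POTENTIAL_VULNS and visited <= FEW_LINKS:
        return "many potential vulnerabilities on few links"
    if memory_mb > MAX_MEMORY_MB:
        return "memory > 500MB"
    return None


def partition_by_path_prefix(keys, depth=1):
    """Split distinct targets into sub-scans by their first `depth` path
    segments, so each part can be scanned separately (e.g. on its own VM)."""
    parts = defaultdict(list)
    for path, names in keys:
        segs = [s for s in path.split("/") if s]
        prefix = "/" + "/".join(segs[:depth])
        parts[prefix].append((path, names))
    return dict(parts)


if __name__ == "__main__":
    targets = deduplicate(SAMPLE_URLS)
    print(f"{len(SAMPLE_URLS)} explored URLs -> {len(targets)} distinct targets")
    print("split needed:", needs_split(len(targets), 0, 120))
    for prefix, keys in partition_by_path_prefix(targets).items():
        print(prefix, len(keys), "targets")
```

With the sample above, nine explored URLs reduce to five distinct targets; the three /catalog/item entries differ only in parameter values and the order of the query string, which is exactly the redundancy the technote says to avoid.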
Crashes
Crashes account for most of the wasted scan time. Some crashes cannot be avoided in version 7.8.0.2; for those, refer to the known issues (APARs) listed below so that you can recognise and work around them.
PK64834: AppScan crashes in explore phase if a specific response is received
Problem summary
This crash occurs when AppScan receives a very specific response, so it is probably very rare. The response should meet the following conditions: it should contain two strings that are matched by the Credit Card detection pattern, with a null byte appearing between them. Such a response causes the Global Detection function that detects credit card patterns in responses to crash.
Problem conclusion
A bug that caused the crash was fixed in the following function:
DetectionFunction::DetResponseMatchLUHNSum
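The trigger described in PK64834 is a response body holding two credit-card-like strings with a NUL byte between them. As an added illustration (this is not AppScan's code, and the page does not say what the defect in DetResponseMatchLUHNSum actually was), the Python below is a Luhn-based card detector that scans the body as a length-delimited byte buffer, so an embedded NUL is just another non-matching byte and both numbers are found. The helper scan_as_c_string shows what a scanner that treats the body as a NUL-terminated C string sees: it stops at the NUL and silently misses the second number. That truncation is an assumed example of the general hazard, not a claim about the original bug. The sample response and the test card numbers are constructed.

```python
import re

# Candidate: 13-19 digits, optionally separated by single spaces or dashes,
# not preceded or followed by another digit.
CARD_CANDIDATE = re.compile(rb"(?<!\d)(?:\d[ -]?){12,18}\d(?!\d)")

# Constructed response body: two card-like strings separated by a NUL byte,
# plus a third digit string that fails the Luhn check.
SAMPLE_RESPONSE = (
    b"<p>card=4111 1111 1111 1111</p>\x00"
    b"<p>alt=5500000000000004 ref=4111111111111112</p>"
)


def luhn_valid(digits: str) -> bool:
    """Luhn check: double every second digit from the right, subtract 9 from
    any result above 9, and require the sum to be a multiple of 10."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0


def find_card_numbers(response: bytes) -> list:
    """Return Luhn-valid card-like digit strings found anywhere in a raw
    response body.  The body is handled as bytes with an explicit length, so
    NUL bytes between candidates do not end the scan."""
    found = []
    for m in CARD_CANDIDATE.finditer(response):
        digits = re.sub(rb"[ -]", b"", m.group(0)).decode("ascii")
        if luhn_valid(digits):
            found.append(digits)
    return found


def scan_as_c_string(response: bytes) -> list:
    """Illustrative only (assumption, not the APAR's root cause): a scanner
    that treats the body as a NUL-terminated string never sees anything
    after the first NUL byte."""
    return find_card_numbers(response.split(b"\x00", 1)[0])


if __name__ == "__main__":
    print("length-delimited:", find_card_numbers(SAMPLE_RESPONSE))
    print("NUL-terminated  :", scan_as_c_string(SAMPLE_RESPONSE))
```

The byte-oriented version reports both valid numbers and rejects the one that fails Luhn; the NUL-terminated view reports only the first. Whatever the exact fault in the original function was, the lesson for anyone writing response-matching logic is to treat HTTP bodies as binary buffers with an explicit length, never as C strings.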
PK82534: AppScan crashes when JSX is turned on in the explore phase
Error description
A specific .js file the customer is trying to scan contains an endless recursive function that is causing AppScan to get stuck in an endless loop.
Problem summary
AppScan with JSX enabled crashed with a stack overflow because of a recursive call in the customer's JavaScript.
Problem conclusion
The workaround is to exclude the recursive calls.
PK81128: AppScan crashes/freezes when using long custom parameters
Problem summary
This does not have to be related to long regular expressions, but it is related to custom parameters found during the explore phase. The problem will happen if the patterns overlap.
Problem conclusion
The problem was easily reproducible with the given scan; the overlapping check was fixed.
PM01545: Invalid characters in the automatic form filler may cause AppScan to crash
Problem summary
If a manual explore discovers certain unusual characters and populates the automatic form filler with them, AppScan may crash if paused during the automatic scan.
Problem conclusion
Handle unusual characters in the Form Filler correctly, to avoid crashing.
This has been fixed in IBM Rational AppScan Standard Edition version 7.9.0.1
PM11875: Scan crashes with non-critical thread error message due to CompressScan option
Problem summary
Scan crashes with a non-critical thread error message due to the CompressScan option. Performing a manual explore, saving the file, and then performing a manual explore again - with the CompressScan option enabled - will cause AppScan Standard to crash with a non-critical thread error.
Problem conclusion
The Advanced Option CompressScan was changed to ScanReductionThreshold and some improvements were made to it.
Fixed in Rational AppScan (Standard) version 7.9.0.2.
Download instructions can be found at
PK99687: AppScan crash due to a huge amount of requests recorded in the Multi-step
Error description
A huge number of requests in the multi-step operation sequence can cause AppScan to crash when opening the internal browser while performing a manual explore or a recorded login.
Problem summary
AppScan did not free memory correctly between loading scans or creating new scans.
Problem conclusion
Added garbage-collection calls to free memory after loading a scan or creating a regular scan.
PM13279: AppScan crashes in the analysis engine due to a missing response
Problem summary
The scan was corrupted, and when AppScan looked in the Explore results for responses to analyze, there were IDs with no related response. When trying to analyze these IDs, AppScan crashes.
Problem conclusion
Avoid crashing by ignoring IDs with no related response.
Fixed in Rational AppScan (Standard) version 7.9.0.3.
Download instructions can be found at