IBM AppScan Communication Error
Technote (troubleshooting)

Problem (Abstract)
Attempts to start scanning with IBM Security AppScan Standard version 9.0.x result in "Communication Error", even if the application is accessible.

Cause
The issue could be that the application's responses to the AppScan system-down checks took some time, and AppScan declared "Communication error" even though AppScan could communicate with the application.

Resolving the problem
Workaround: Disable the server-down check by setting the following two options to False:

Scan Configuration -> Advanced Configuration -> Server-down detection: Check for "server down" in Explore
Scan Configuration -> Advanced Configuration -> Server-down detection: Check for "server down" in Test

Note: Disabling the server-down function will not have any critical impact on the scan. The only impact is that if there is a communication problem, AppScan will take a longer time to report it, or it may report it in the form of another error message.

Document information
More support for: IBM Security AppScan Standard Site Coverage: Communication/Network
Software version: 9.0, 9.0.0.1
Operating system(s): Windows
Reference #: 1686215
Modified date: 2014-10-09

Technote (troubleshooting)

Problem (Abstract)
At the end of a scan, IBM Security AppScan Standard displays a "Test File Parameter Alteration failed due to communication error" message.

Symptom
The ScanLog.log file includes several sequences such as these:

Test xxx (Windows File Parameter Alteration ) failed due to communication error: ...
Test xxx (Windows File Parameter Alteration ) is negative on: ...
Session Identifier value refreshed; ...
Session Identifier value refreshed; ...
Session Identifier value refreshed; ...
Session Identifier value refreshed; ...
...

or

Test xxx (Unix File Parameter Alteration ) failed due to communication error: ...
Test xxx (Unix File Parameter Alteration ) is negative on: ...
Session Identifier value refreshed; ...
Session Identifier value refreshed; ...
Session Identifier value refreshed; ...
Session Identifier value refreshed; ...
...

Cause
The target application server does not respond to the "Windows File Parameter Alteration" or "Unix File Parameter Alteration" tests, and AppScan tries to rerun the tests after 180 seconds. The test "XPath Injection" can result in the same error.

Diagnosing the problem
Although these three tests (Windows file parameter alteration, Unix file parameter alteration, XPath Injection) are classified as non-invasive, they do attempt to access system directories on the target web server and can sometimes cause the target server to stop responding.

Resolving the problem
Disable the three tests and rerun the scan to avoid the issue:

Open Scan Configuration > Test Policy.
Find these tests (for example, enter File Parameter in the find/search field and press Enter) and then disable them: Windows File Parameter Alteration, Unix File Parameter Alteration, XPath Injection.
Press OK when done.

After changing the Test Policy, rerun the explore phase by completing one of these actions:

Scan > Re-Scan > Re-Scan (Full)
Scan > Re-Scan > Re-Explore

Document information
More support for: IBM Security AppScan Standard Scan: Performance
Software version: 8.7, 8.7.0.1
Operating sy

Technote (troubleshooting)
http://www.ibm.com/support/docview.wss?uid=swg21283302

Problem (Abstract)
Running a scan with IBM Security AppScan Standard results in the error "AppScan Standard has detected it is out-of-session and is trying to re-login".

Symptom
When running a scan, the following notification is displayed in the UI, followed by a 90 second countdown:

"AppScan Standard has detected it is out-of-session and is trying to re-login"

During this time, the Scan Log will display multiple login requests until the scan eventually stops with this log entry:

Stopping scan due to out of session detection

Cause
As the error message says, AppScan Standard detects it is out-of-session and it is not able to log in to the target application.

Resolving the problem
Consult Login methods in AppScan Standard. There are several possible reasons why this can occur:

Server stopped responding: AppScan Standard may not be able to get a response in a timely manner from the application due to it being overloaded or temporarily down. During the login steps, the system down checks are disabled, and AppScan is not detecting communication errors. To confirm whether this is a communication error, uncheck Configuration > Login Management > Activate Session Detection and scan again. If the scan stops, this time due to a communication error, consult Scanning results in "Communication error".

Issues with session cookies/parameters: This applies to the Request-based login. Some session cookies or session parameters are missing, or tracking is set incorrectly on them. When recording, AppScan will automatically try to detect cookies or parameters in the login sequence that it believes to be related to the session state (e.g. "ASP.NET_SessionId", "JSESSIONID"), and AppScan determines whether the cookies/parameters should be tracked or not. These will be listed on the Configuration > Login Management > Session IDs tab. There is a check box to set tracking. If there are session identifiers that have not been detected by AppScan, add them to the Session IDs list and try continuing the scan. Also check the tracking option for the cookies/parameters. The rule of thumb is to try setting anything that appears to have a dynamic value (usually a random alpha-numeric string) to be tracked and anything with a static value (a

Technote (FAQ)

Question
How do you troubleshoot IBM Security AppScan Standard when problems are encountered while updating if Proxy Servers or Firewalls are preventing access to the updates server?

Answer
This technote gives some troubleshooting tips for issues with the update function. To see how the update process works, consult technote How the Update function works in AppScan Standard.

Does the Update function use HTTP or HTTPS?
The AppScan Standard updates connect using HTTP and HTTPS.

InstallShield Windows Processes:
AppScan Standard performs its updates using InstallShield. When AppScan Standard checks for updates, the following InstallShield processes are running in the background sending information to AppScanUpdates.exe:

issch.exe (InstallShield Update Service Scheduler)
agent.exe (InstallShield Update Service Agent)
ISDM.exe (InstallShield Update Service Download Manager)

These programs are located in the C:\ProgramData\FLEXnet\Connect\11 folder. If a personal firewall is present on the machine, these processes need to be allowed access to the Internet.

Program Updates Applet using the Control Panel:
If the Auto-Update process fails, one of the first steps to try is to navigate to the Windows Control Panel > Program Updates applet and attempt to download the AppScan Standard updates this way. That will show if AppScan Standard is not able to communicate with the update service properly or if the cause of the problem is the InstallShield service itself.

AppScan Standard Update Servers:
The first server contacted by the InstallShield Service is updates.installshield.com. The update service will download an XML file with the list of updates, the description and the location of the update files. After the list of updates is downloaded, InstallShield prompts for download confirmation. If confirmation is received, the agent.exe process launches the InstallShield Update Service Download Manager (ISDM.exe), which will connect to the IBM download server at download4.boulder.ibm.com and down