Scans and Network Errors

Initial Checks at the start of a Target Scan

The Acunetix scanner performs some initial checks before starting a scan. One such check is simply an attempt to connect to the Target's web server.

If any of the critical initial checks do not pass, the scan fails immediately.

How are Network Errors Counted?

If a running scan encounters 25 consecutive network errors, the scan is aborted. The network errors need to be consecutive, meaning that if the Acunetix scanner encounters 21 consecutive errors, and the 22nd request is successful, then the network error counter is reset to zero and the counting starts again.

Below we discuss some of the finer points of what is counted as a Network Error, and what is NOT counted as a Network Error.

Not Counted: HTTP Error Response Codes

In particular, HTTP Error response codes received from a Target are NOT considered to be Network Errors; any 4xx and 5xx error responses will simply be processed according to the scanner's rules and the scan will proceed as normal. Keep in mind that the scanner sends the Target a number of awkwardly built requests (payloads) to check that the web application processes such malformed requests correctly, and it is commonplace for a web application to respond to badly-formed requests with a 4xx or 5xx message.

Not Counted: AcuMonitor Missed Responses

Some vulnerability checks require out-of-band communication with the AcuMonitor service. Network errors resulting from requests to the AcuMonitor service during the scan are NOT counted and will not cause the scan to be aborted.

Not Counted: Special Checks where Failure is the Expected Result

Some vulnerability checks will, by design, not successfully connect (or will not receive a response) if the vulnerability is not present. Therefore, such connection failures or missed responses are also NOT considered Network Errors.

Counted: Critical Network Errors

Some types of Network Error are considered critical for the scan, and therefore such errors are counted.

The most common types of such Network Errors are Connection Resets, and Socket or SSL Errors.

Counted: Connection Timeouts

Another critical error scenario is a Connection Timeout: if the scanner's network layer sends a request to a Target and a response is not received within 30 seconds, the network request "times out", and such an event is counted.
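
The counting rules above can be modelled as a small simulation. This is an added example, not Acunetix code: the outcome labels and field names are hypothetical, and it assumes that any HTTP response from the Target resets the counter and that uncounted failures leave it unchanged.

```python
from dataclasses import dataclass
from typing import Iterable, Optional

ABORT_THRESHOLD = 25  # consecutive counted errors that abort the scan (from the page)

# Labels below are hypothetical names for this model, not Acunetix identifiers.
COUNTED_KINDS = {"connection_reset", "socket_error", "ssl_error", "timeout"}


@dataclass
class Outcome:
    kind: str                       # "http" or one of COUNTED_KINDS
    status: int = 0                 # HTTP status code when kind == "http"
    to_acumonitor: bool = False     # out-of-band request to the AcuMonitor service
    failure_expected: bool = False  # check where no connection means "not vulnerable"


def classify(o: Outcome) -> str:
    """Map one request outcome to 'error', 'success' or 'ignored'."""
    if o.kind == "http":
        # Any HTTP response, 4xx and 5xx included, is not a network error.
        # Assumption: AcuMonitor responses do not touch the Target's counter.
        return "ignored" if o.to_acumonitor else "success"
    if o.kind not in COUNTED_KINDS:
        raise ValueError(f"unknown outcome kind: {o.kind}")
    if o.to_acumonitor or o.failure_expected:
        return "ignored"
    return "error"


def abort_index(outcomes: Iterable[Outcome]) -> Optional[int]:
    """Return the 1-based request number at which the scan aborts, else None."""
    streak = 0
    for n, outcome in enumerate(outcomes, 1):
        verdict = classify(outcome)
        if verdict == "error":
            streak += 1
            if streak == ABORT_THRESHOLD:
                return n
        elif verdict == "success":
            streak = 0  # a successful request resets the counter to zero
        # Assumption: "ignored" outcomes leave the streak unchanged.
    return None


# Constructed sequence: 21 resets, one HTTP 500, then 25 timeouts.
SAMPLE = ([Outcome("connection_reset")] * 21 + [Outcome("http", 500)]
          + [Outcome("timeout")] * 25)

if __name__ == "__main__":
    print(abort_index(SAMPLE))
```

In the constructed sequence the HTTP 500 at request 22 clears the first 21 errors, so the abort only happens once 25 further timeouts have accumulated.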

๐Ÿ” Pre-Scan Checks to avoid unnecessary Network Errors

To ensure that the Network Errors encountered by the scan are not caused by configuration issues, check the following before starting a scan:

  • check that the web server is started on the Target
  • check that the Target web service is reachable from the Acunetix machine by navigating to the Target's URL from the Acunetix machine; for Acunetix Online, you can confirm this by editing the Target and temporarily launching the Login Sequence Recorder
  • whitelist the IP Address of your Acunetix machine in the Target's firewall (*)
  • whitelist the IP Address of your Acunetix machine in any Web Application Firewall you may be using (*)

* if you are using Acunetix Online, you will need to whitelist scanners.acunetix.com

 
