Best distribution to deploy on - And getting reports out of failed scans
I have a deployment question.
I have installed Arachni on a fresh Kali 2017.1 instance, and the scanner is crashing either right from the start, or mid scan.
I have observed very odd behaviour (such as the scans completing a few seconds after start), and rebooting the server and relaunching the same steps 1 out of 2 times would then scan (work).
I have two questions:
Q1) What would be the ideal distribution to install for Arachni (what is your choice as the best to deploy on) ?
Q2) Is there a way to get a report out of Arachni when the scan has failed (I have scan that runs for two days and gathers a lot of significant results, but looses connection to the instance and fails, and I cannot really get the results out of the scanner, so I am cut and pasting details out.
Thanks for your help!
Keyboard shortcuts
Generic
? | Show this help |
---|---|
ESC | Blurs the current field |
Comment Form
r | Focus the comment reply box |
---|---|
^ + ↩ | Submit the comment |
You can use Command ⌘
instead of Control ^
on Mac
Support Staff 1 Posted by Tasos Laskos on 26 Aug, 2017 04:53 PM
1) Doesn't really matter so long as you use the official packages (not Kali's version) and the system meets the recommended resource requirements (you can find those at the bottom of the download page).
2) Sadly not, the full report isn't available until the end of the scan and that allows for the results to be exported into the various supported formats. Again, I'd advise that you make sure your system meets the necessary requirements. If it does but you're still getting crashed scans, then this requires further investigation.
2 Posted by eparent on 26 Aug, 2017 05:22 PM
Awesome, thanks!
I will redeploy on a fresh Ubuntu and give that a try.
Eric
Support Staff 3 Posted by Tasos Laskos on 26 Aug, 2017 05:41 PM
No problem.
About the scans that crash right away? What exactly is going on?
Arachni doesn't generally crash, if a scan dies it's usually because the system doesn't have enough resources and the kernel kills it, or it kills the system, but even so it would require some time to get to this point.
4 Posted by eparent on 29 Aug, 2017 03:01 PM
It looks like a open file limit is being reached.
I have reconfigured the OS from 1024 open files to 65535 and will retest on the scan that kept failing.
I did notice after an aborted scan (another scan that had been running for over 24 hours), the ruby process was stuck at 100% even hours after a successful abort. But that is another issue. I will gather an appropriate level of detail after I retest and advise you if this behaviour is still observed.