Intruder's Smart Recon algorithm is designed to help you save on licensing costs, by only scanning live systems which are exposed to the internet. Occasionally, you might try to run a scan and will be shown a notification that says your scan finished soon after it started, with the following message:
This can occur for a number of reasons, so we'll go into some of the technical detail below, to help you debug the issue and find out why.
Whenever you start an Intruder scan, the first step for our scanners is to run a Smart Recon scan to discover which of the targets in the scan are responsive, and which aren't. If none of the target systems in the scan respond to our probes then the scan will finish, since there's nothing exposed which can be scanned for vulnerabilities.
The most common reasons for this to occur are:
- The scanner is being blocked by your firewall, IPS or WAF. Please see our article on whitelisting, with details on how you can resolve this.
- The targets in the scan do not expose any ports or services to the internet, and they also do not respond to ping
If you don't think either of the scenarios above apply to you, please contact us via the chat bubble and let us know which targets you expect to be responsive, and let us know which ports/services you expect to be exposed and responding to discovery probes.