Error Messages
The following table lists the error messages that you may see while scanning in Tenable Nessus, and how Tenable recommends that you resolve each error. For more information about creating, modifying, and launching scans, see Scans.
| Warning | Description | Recommended Action |
|---|---|---|
| No valid targets in list | There were no valid targets in the scan's target list. |
Verify that the scan’s target list contains one or more targets in valid Tenable Nessus Scan Target format. Check your target rules file to determine whether the targets are prohibited. Adjust the scan’s target list to ensure at least one valid, permitted target is present and re-scan. |
| Can't resolve target [target name] | Tenable Nessus could not resolve the target IP address. | Verify the target name is correct, then verify that a DNS entry exists and is correct for the target. Once the target name and DNS entries are correct, re-scan. |
| Unparseable target [target name] | Tenable Nessus did not scan the target because the name did not match any valid target specification. | Correct the target name to conform to one of the valid Tenable Nessus Scan Target formats. |
| Restricted target [target name] | Tenable Nessus did not scan the target because the IP address is not scannable (for example, 0.0.0.0). | Remove the target from the scan’s target list. |
| Rejected attempt to scan [target], as it violates user-defined rules | Tenable Nessus cannot scan the target due to user-specified scanning restrictions. | Remove the target from the scan’s target list or adjust the target rules file. |
| The allowed number of live hosts scanned with Nessus Essentials has been reached - please contact Tenable to upgrade your license. | Tenable Nessus did not scan the target because the number of targets for a single scan exceeded the maximum allowed under the Tenable Nessus Essentials licensing terms. | Reduce the number of targets in the scan, or upgrade Tenable Nessus. |
| The licensed number of live hosts scanned has been reached - please contact Tenable to upgrade your license. | Tenable Nessus did not scan the target because the number of targets for a single scan exceeded the maximum allowed under the Tenable Nessus licensing terms. | Reduce the number of targets in the scan, or upgrade Tenable Nessus. |
| Your current Nessus scanner license limits your scans to [count] live IP addresses. You've now scanned over [count] different IP addresses over time, and Nessus will not let you scan any additional hosts. In order to increase this limit, please contact Tenable to upgrade your license. | Tenable Nessus did not scan the target because the cumulative number of unique targets across all scans exceeded the maximum allowed under the Tenable Nessus Essentials licensing terms. | Remove targets from the scan to conform to the licensing terms, or upgrade Tenable Nessus. |
| Your current Nessus scanner license limits your scans to [count] live IP addresses. You've now scanned over [count] different IP addresses over time, and Nessus will not let you scan any additional hosts. In order to increase this limit, please contact Tenable to upgrade your license. | Tenable Nessus did not scan the target because the cumulative number of unique targets across all scans exceeded the maximum allowed under the Tenable Nessus evaluation license terms. | Remove targets from the scan to conform to the licensing terms, or upgrade Tenable Nessus. |
| Your current Nessus scanner license limits your scans to [count] live IP addresses. You've now scanned over [count] different IP addresses, and Nessus will not let you scan any additional hosts. In order to increase this limit, please contact Tenable. | Tenable Nessus did not scan the target because the cumulative number of unique targets across all scans exceeded the maximum allowed under the Nessus license terms. | Remove targets from the scan to conform to the licensing terms, or upgrade Tenable Nessus. |
|
The network interface [interface] does not support packet forgery This prevents Nessus from determining whether some of the target hosts are alive and from performing a full port scan against them. |
Tenable Nessus attempted to establish a session for sending or receiving raw IP packets, but failed. |
Tenable recommends scanning over a different network interface. You may be able to resolve this problem by disabling the Ping the remote host scan setting and providing Tenable Nessus with credentials to the remote host to prevent a port scan from taking place. |
| VMware Fusion does not support packet forgery from the host OS to the target OSs. This prevents Nessus from determining whether some of the target hosts are alive and from performing a full port scan against them. If you want to scan your targets within VMware Fusion, either scan them from a different host or install Nessus in a Fusion VM and scan them from there. | The Tenable Nessus scanner was installed in an unsupported VMWare Fusion configuration. | Install Tenable Nessus on a different host. |
| The network interface [interface] was not always available for packet forgery, which may lead to incomplete results. This is likely to be a transient error due to a lack of resources on this host. To correct this error, reduce the number of scans and/or hosts scanned in parallel. | Packet forgery succeeded at least once on the reported interface, but a subsequent attempt to open a packet forgery session failed. |
Verify the current values of, and adjust, the Tenable Nessus Advanced Settings related to scanner performance. If the problem persists, report the issue to Tenable. Include the full contents of the scanner logs nessusd.messages and nessusd.dump in the report. |
| A packet with actual length of [length] bytes was truncated to [truncated length] bytes. The current snapshot length of [snapshot length] for interface [interface name] is too small. Consider either setting the pcap.snaplen preference to at least [%] or ensuring your network is configured so that packets received by the OS are not greater than the device's MTU | Tenable Nessus attempts to capture raw IP packets for analysis during a scan. This error can occur when the received packet is larger than expected and is truncated. In rare circumstances, this may affect the accuracy of scan results. | Verify the current values of, and adjust, the Tenable Nessus Advanced Settings related to scanning. |
| [target] has been turned off, crashed or became unreachable during the audit – scan was interrupted prior to completion |
Tenable Nessus determined that the target was alive, and began scanning. During the scan, the target stopped responding, and the scanner terminated the scan for that target only. The scan results may be incomplete. This may be the result of a temporary network disruption, a service that failed or restarted on the target, or the target may have crashed or been removed from the network. |
Verify that the target is active and running. Check any running services and start or restart as needed. Once the target is determined to be active, re-scan. |
| Some network congestion was detected during the scan. This may indicate that one or more of the remote hosts are connected through a connection that does not have enough bandwidth to cope with this scan. To reduce the risk of congestion: - Reduce 'max hosts' to a lower value - Increase the 'network read timeout' in your policy | There were intermittent failures to connect to a target port that is known to be open. |
Verify the current values of, and adjust, the Tenable NessusAdvanced Settings related to scanner performance. Increase the Network timeout setting in the scan policy, then re-scan. |
| Scan not started for Nessus Agent [agent name] | During an agent scan, the agent did not start the scan. |
Check whether the agent is present on the network. Verify network connectivity between the agent and the Tenable Nessus Manager/Tenable Vulnerability Management. Re-run the agent scan once you verify the agent is online. |
| [count] Nessus Agents didn't start scan: [agent names] | During an agent scan, the agent did not start the scan. |
Check whether each agent is present on the network. Verify network connectivity between the agents and the Tenable Nessus Manager/Tenable Vulnerability Management. Re-run the agent scan once you verify the agents are online. |
| Scan not completed for Nessus Agent [agent name] at [agent IP] | During an agent scan, the agent did not report a scan result. |
Check whether the agent is present on the network. Verify network connectivity between the agent and the Tenable Nessus Manager/Tenable Vulnerability Management. Re-run the agent scan once you verify the agent is online. |
| [count] Nessus Agents didn't complete scan: [agent names] | During an agent scan, the agents did not report a scan result. |
Check whether each agent is present on the network. Verify network connectivity between the agents and the Tenable Nessus Manager/Tenable Vulnerability Management. Re-run the agent scan once you verify the agents are online. |
| [count] Nessus Agents aborted scan: [agent names] | During an agent scan, the agents aborted the scan. | |
| Failed to import scan results from remote scanner | A managed Tenable Nessus scanner uploaded a scan result to Tenable Nessus Manager, but Tenable Nessus Manager could not process the scan result. | Check if Tenable Nessus Manager has enough disk space, or if the scan result uploaded by the scanner is corrupted due to network or disk errors. |
| Failed to import scan results from remote Nessus Agent [agent name] at [agent IP] - [error] |
An agent uploaded a scan result to either a cluster child node or Tenable Nessus Manager, but the scan result could not be processed. |
Check if Tenable Nessus Manager has enough disk space, or if the scan result uploaded by the scanner is corrupted due to network or disk errors. |
| Failed to import scan results from remote node |
In a clustered scan, a cluster "child node" is a Tenable Nessus scanner that manages agents, and is managed by a Tenable Nessus Manager. This error happens when a scan result is uploaded by a child node to a Tenable Nessus Manager, but the result processing fails. |
Check if Tenable Nessus Manager has enough disk space, or if the scan result uploaded by the scanner is corrupted due to network or disk errors. |
| The scan report file was not found | A plugin attempted to attach a file to a scan result, but the file does not exist. | Check the disk space on the scanner. If there is insufficient space, make room by removing unneeded files, or by adding disk space. |
| The scan report was [size] which is greater than the [max size] threshold for attaching. | A plugin attempted to attach a file to a scan result, but the file is too large. | Try adjusting the attached_report_maximum_size setting. If it is over 50MB, try to filter out the results in the report to reduce the size. |
| This audit has been deprecated and was not executed: [audit file name] | A Tenable Nessus Compliance Audit scan specified an audit file that is no longer supported. The scan will proceed, but the deprecated audit file will be skipped. | Remove the deprecated audit from the scan settings. |
| It was not possible to email this scan: [error] | Tenable Nessus has been configured to email scan results when a scan has completed, but the attempt to email the results failed. | Check that the configured email address and server are correct, and that the server is online and can be reached from the scanner. |
| [varies] | A plugin reported an error. | |
| Portscanner max ports exceeded | Warning: portscanners have found more than [number of ports] open for [target], and the number of reported ports has been truncated to [number of ports] (threshold controlled by scanner preference portscanner.max_ports). Usually this is due to intervening network equipment intercepting and responding to connection requests as a countermeasure against port scanning or other potentially malicious activity. Since this negatively impacts both scan accuracy and performance, you may want to adjust your network security configuration to disable this behavior for vulnerability scans. | Adjust your network security configuration or the portscanner.max_ports preference. |
| Report max ports exceeded | Warning: [ports] were found to be open for [target] - since this exceeds the threshold of [number of ports] (controlled by scanner preference report.max_ports), these results have been removed from the scan report. Usually this is due to intervening network equipment intercepting and responding to connection requests as a countermeasure against portscanning or other potentially malicious activity. Since this negatively impacts both scan accuracy and performance, you may want to adjust your network security configuration to disable this behavior for vulnerability scans. | Adjust your network security configuration or the report.max_ports preference. |
| SYN scanner timeout | The SYN port scan against [targets] timed out after [number of seconds] - TCP port results may be incomplete. |
The SYN port scanners can run slowly under certain circumstances. The most frequent causes are poor network connectivity between the scanner and the host being scanned, and the configuration of boundary devices such as firewalls. Take one of the following actions:
Contact Tenable Support for guidance on how to increase the timeout. |
| TCP scanner timeout | The TCP port scan against [targets] timed out after [number of seconds] - TCP port results may be incomplete. |
The TCP port scanners can run slowly under certain circumstances. The most frequent causes are poor network connectivity between the scanner and the host being scanned, and the configuration of boundary devices such as firewalls. Take one of the following actions:
Contact Tenable Support for guidance on how to increase the timeout. |
| UDP scanner timeout | The UDP port scan against [targets] timed out after [number of seconds] - UDP port results may be incomplete. |
The UDP port scanner is known to run for more than 24 hours under some circumstances. Therefore, Tenable recommends using the SYN scanner instead. If you cannot use the SYN scanner due to policy or technical reasons, either reduce the number of ports scanned or increase the UDP port scanner timeout. Contact Tenable Support for guidance on how to increase the timeout.
Note: For scans executed on Tenable cloud scanners, the UDP port timeout is fixed at eight hours to prevent scan timeouts and other undesirable performance effects. |