Penetration Testing mailing list archives

Re: [PEN-TEST] Load Balancing Servers


From: Blaise <blaise () GEEKY NET>
Date: Mon, 25 Sep 2000 17:43:33 -0400

Depends on what you are working on. I found that on the Foundry Networks
systems, it was trivially easy to do a DoS on the IP stack that handled
remote admin (e.g. the ssh, telnet and web port). This doesn't, however,
affect the switching capabilities. We did it using a straight SYN flood. Took
down all the ports mentioned. The other big problem was that those services
could be disabled, but the ports stayed open (at least for ssh and telnet,
not sure about the web interface). Our final solution was to packet filter
any requests going directly to the box and use a serial connection to
administer it. Great switches, lousy admin IP stack. (Worked on both the
ServerIronXL and the BigServerIron.)


-----Original Message-----
From: Penetration Testers [mailto:PEN-TEST () SECURITYFOCUS COM]On Behalf
Of Ian Edwards
Sent: Monday, September 25, 2000 9:14 AM
To: PEN-TEST () SECURITYFOCUS COM
Subject: [PEN-TEST] Load Balancing Servers


I have started to come across Load Balancing Servers lately, and am
wondering if anyone has any advice/tools when doing Penetration Tests
through these servers.

Thanks

Ian Edwards

