Penetration Testing mailing list archives
Re: [PEN-TEST] Load Balancing Servers
From: Blaise <blaise () GEEKY NET>
Date: Mon, 25 Sep 2000 17:43:33 -0400
depends on what you are working on. I found that on the Foundry networks systems, it was trivially easy to do a DOS on the IP stack that handled remote admin (eg. the ssh, telnet and web port) This doesn't however affect the switching capabilities. We did it using a straight SYN flood. took down all the ports mentionned. The other big problem was that those services could be dissabled, but the ports stayed open (at least for ssh and telnet, not sure about the web interface) Our final solution was to packet filter any requests going directly to the box and use a serial connection to administer it. Great switches, lousy admin IP stack. (worked on both the ServerIronXL and the BigServerIron)
-----Original Message----- From: Penetration Testers [mailto:PEN-TEST () SECURITYFOCUS COM]On Behalf Of Ian Edwards Sent: Monday, September 25, 2000 9:14 AM To: PEN-TEST () SECURITYFOCUS COM Subject: [PEN-TEST] Load Balancing Servers I have started to come across Load Balancing Servers lately, and am wondering if anyone has any advise/tools when doing Penetration Tests through these servers. Thanks Ian Edwards
Current thread:
- [PEN-TEST] Load Balancing Servers Ian Edwards (Sep 25)
- Re: [PEN-TEST] Load Balancing Servers Blaise (Sep 25)
- [PEN-TEST] SAS70; the process and merit thereof? Craig Anderson (Sep 27)
- Re: [PEN-TEST] SAS70; the process and merit thereof? Tom Litney (Sep 27)
- Re: [PEN-TEST] SAS70; the process and merit thereof? Joe Calloway (Sep 27)
- [PEN-TEST] SAS70; the process and merit thereof? Craig Anderson (Sep 27)
- <Possible follow-ups>
- Re: [PEN-TEST] Load Balancing Servers Justin Schaefer (Sep 27)
- Re: [PEN-TEST] Load Balancing Servers Jens Knoell (Sep 27)
- Re: [PEN-TEST] Load Balancing Servers Justin Schaefer (Sep 27)
- Re: [PEN-TEST] Load Balancing Servers Gregor Binder (Sep 27)
- Re: [PEN-TEST] Load Balancing Servers Miller Scott Contr 30CS/FTI (Sep 27)
- Re: [PEN-TEST] Load Balancing Servers ollie-infosec (Sep 27)
- Re: [PEN-TEST] Load Balancing Servers Blaise (Sep 25)