Penetration Testing mailing list archives
Re: Testing load balanced servers behind NAT
From: Carlos Carvalho <carlos () fisica ufpr br>
Date: Sat, 8 Sep 2001 12:17:54 -0300
Alex Butcher (alex () s3 integralis co uk) wrote on 7 September 2001 10:08:
Andrew Koh wrote:On getting internal IP: Besides misconfigured DNS and snmp, are there any other ways to find out internal host IP?Sometimes requesting non-existent files using HTTP (you don't say the servers are running this, but...) can reveal internal IP addresses in the error messages.
Sometimes email headers also reveal internal IPs or hostnames, such as our case right now. However I don't see the usefulness of having internal IPs, since they're unreachable from the outside anyway. And once you're inside, it's not at all a secret... ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
Current thread:
- Testing load balanced servers behind NAT Andrew Koh (Sep 06)
- Re: Testing load balanced servers behind NAT Bill Pennington (Sep 06)
- Re: Testing load balanced servers behind NAT Alex Butcher (Sep 07)
- Re: Testing load balanced servers behind NAT Carlos Carvalho (Sep 10)
- RE: Testing load balanced servers behind NAT Javier Megias (Sep 07)