Penetration Testing mailing list archives
RE: Securing web site with redundancy ?
From: "Ivan Groenewald" <ivang2 () xtrahost co uk>
Date: Tue, 24 Aug 2004 14:16:07 +0100
In Windows 2003 there is built in network load balancing that works with IIS6. (MS NLB) http://www.microsoft.com/resources/documentation/IIS/6/all/techref/en-us/iis RG_SCA_4.mspx In 2000 with IIS5 you can do webserver clustering from within IIS http://www.microsoft.com/windows2000/en/server/iis/default.asp?url=/windows2 000/en/server/iis/htm/core/iiclusus.htm Alternatively a hardware solution like a Cisco CSS 11500 would also do. Ivan -----Original Message----- From: Josh Tolley [mailto:josh () raintreeinc com] Sent: 20 August 2004 23:51 To: Bénoni MARTIN Cc: security-basics () securityfocus com; pen-test () securityfocus com Subject: Re: Securing web site with redundancy ? There are loads of such options -- if you like Linux, the LVS project will do what you want. You might also look at heartbeat and mon, also linux utils. I couldn't tell you what commercial options you might want to use other than Windows clustering, which would do this as well. For that you may require some sort of shared storage, and a switch that's compatible -- it can do some funny things with arp, which really confuses a lot of switches (ours, for example, which has decided to broadcast all traffic to our cluster all over our LAN, which makes it a huge pain to use. Perhaps we have it configured wrong, but I haven't had time to look at it much). Josh Tolley Raintree Systems, Inc. http://www.raintreeinc.com 760 509 9000 Bénoni MARTIN wrote:
Hi all ! I was wondering if there was a way to set up 2 "redundant" web servers
(identical web sites), i.e. when one crashes, the other one takes the connection over. The same thing which is already available for firewalls (high disponibility), but with web servers.
We would have 2 Windozes in a DMZ with IIS as the web server, and a pix
firewall between the dmz and Internet. Is there any tool allowing this out there ? I tried to google quite a while, but without any chance...
Some one has an idea ? Cheers list !
---------------------------------------------------------------------------- --
Ethical Hacking at the InfoSec Institute. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors. Check out our Advanced Hacking course, learn to write exploits and attack security infrastructure. Attend a
course
taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. http://www.securityfocus.com/sponsor/InfoSecInstitute_pen-test_040817
---------------------------------------------------------------------------- ---
--------------------------------------------------------------------------- Computer Forensics Training at the InfoSec Institute. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors. Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse so that it never happens again. http://www.securityfocus.com/sponsor/InfoSecInstitute_security-basics_040817 ---------------------------------------------------------------------------- ------------------------------------------------------------------------------ Ethical Hacking at the InfoSec Institute. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors. Check out our Advanced Hacking course, learn to write exploits and attack security infrastructure. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. http://www.infosecinstitute.com/courses/ethical_hacking_training.html -------------------------------------------------------------------------------
Current thread:
- Securing web site with redundancy ? Bénoni MARTIN (Aug 20)
- Re: Securing web site with redundancy ? Ivan Krstic (Aug 21)
- Re: Securing web site with redundancy ? _ (Aug 21)
- Re[2]: Securing web site with redundancy ? Äóäíàêîâ Ñåðãåé Âÿ÷åñëàâîâè÷ (Aug 22)
- Re: Securing web site with redundancy ? John Kinsella (Aug 21)
- Re: Securing web site with redundancy ? Josh Tolley (Aug 21)
- Re: Securing web site with redundancy ? Jose Maria Lopez (Aug 24)
- RE: Securing web site with redundancy ? Ivan Groenewald (Aug 24)
- Re: Securing web site with redundancy ? Ben Timby (Aug 21)
- Re: Securing web site with redundancy ? A.R. (Aug 21)
- RE: Securing web site with redundancy ? Corey Watts-Jones (Aug 22)
- Re: Securing web site with redundancy ? Volker Tanger (Aug 23)
- Re: Securing web site with redundancy ? aditya shah (Aug 24)
- Re: Securing web site with redundancy ? Volker Tanger (Aug 23)
- <Possible follow-ups>
- RE: Securing web site with redundancy ? Andrew Cathrow (Aug 23)
- RE: Securing web site with redundancy ? Depp, Dennis M. (Aug 23)
- RE: Securing web site with redundancy ? Bénoni MARTIN (Aug 23)
- RE: Securing web site with redundancy ? David Schenz (Aug 24)
- RE: Securing web site with redundancy ? Beaty, Bryan (Aug 24)
(Thread continues...)
- Re: Securing web site with redundancy ? Ivan Krstic (Aug 21)