Penetration Testing mailing list archives

Re: [PEN-TEST] Load Balancing Servers


From: Justin Schaefer <JustinS () SCREAMINGMEDIA COM>
Date: Wed, 27 Sep 2000 11:16:14 -0400

You are entirely correct, I was just explaining the concept behind load
balancing servers. Generally this prevents users from obtaining a direct
network connection to one of the machines. However, if you are testing for a
web based vulnerability for example, just treat it as one server. I haven't
found anyone yet that load balances across non-identical servers. :)

-Justin

-----Original Message-----
From: Jens Knoell [mailto:jens () ING TWINWAVE NET]
Sent: Wednesday, September 27, 2000 11:02 AM
To: PEN-TEST () SECURITYFOCUS COM
Subject: Re: [PEN-TEST] Load Balancing Servers


From: "Justin Schaefer" <JustinS () SCREAMINGMEDIA COM>
I assume you're talking about a box such as a Cisco Local Director. These
boxes basically act as a transparent bridge between two networks. Generally
they are set up on an internal network and NATed to an external address. The
actual site being hit from outside points to the external IP of the local
director. The local director then hits the internal servers, on their
internal addresses. So, if this is correct, you should not be able to hit
the internal servers directly from outside. Hope that helps.

That's not entirely true... the problem is more that you cannot select which
server you attack. Assuming that load balancing servers are all mirrors of
each other, it shouldn't really matter what you test. Find a
vulnerability/weakness on one server, and you can more or less assume you
got the same problem on the mirrors too.

Jens

