Penetration Testing mailing list archives
[PT] Load Balancers?
From: BSK <bishan4u () yahoo co uk>
Date: Tue, 4 Oct 2005 09:35:29 +0100 (BST)
Dear All, I'm doing a Blackbox PT for one of our clients, for their website. I noticed a scenario which I would like to discuss with you and get your opinion. I got their IP by pinging the website address. I cancelled the first ping and executed the second ping immediately. The resolved address remains the same but the domain name changes. Below are the sample results, with real names changed: # ping dummy.com PING www.dummy.com (xxx.xxx.xxx.xxx) 56(84) bytes of data 64 bytes from www.dummy.com (xxx.xxx.xxx.xxx): icmp_seq=0 ttl=109 time=351 ms # ping dummy.com PING pummy.net (xxx.xxx.xxx.xxx) 56(84) bytes of data 64 bytes from pummy.net (xxx.xxx.xxx.xxx): icmp_seq=0 ttl=109 time=351 ms # ping dummy.com PING www.suffy.cc (xxx.xxx.xxx.xxx) 56(84) bytes of data 64 bytes from www.suffy.cc (xxx.xxx.xxx.xxx): icmp_seq=0 ttl=109 time=351 ms When I repeat the same process for pummy.net, I get same results. I think its a server collocation or load balancing done on xxx.xxx.xxx.xxx. All dummy.com, suffy.cc and pummy.net show the same website when seen thru the web browser. Await your inputs. Thanks, Bshan ___________________________________________________________ How much free photo storage do you get? Store your holiday snaps for FREE with Yahoo! Photos http://uk.photos.yahoo.com ------------------------------------------------------------------------------ Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do! Download Trial at: http://www.securityfocus.com/sponsor/pen-test_050831 -------------------------------------------------------------------------------
Current thread:
- [PT] Load Balancers? BSK (Oct 05)
- Re: [PT] Load Balancers? Jerome Athias (Oct 05)
- Re: [PT] Load Balancers? Thierry Zoller (Oct 05)
- <Possible follow-ups>
- RE: [PT] Load Balancers? James Williams (Oct 05)