Home page logo
/

pen-test logo Penetration Testing mailing list archives

Re: [PEN-TEST] Load Balancing Servers
From: Jens Knoell <jens () ING TWINWAVE NET>
Date: Wed, 27 Sep 2000 17:01:57 +0200

From: "Justin Schaefer" <JustinS () SCREAMINGMEDIA COM>
I assume you're talking about a box such as a cisco local director. These
boxes basically act as a transparent bridge between two networks.
generally
they are set up on an interal network and NATed to an external address.
The
actual site being hit from outside points to the external ip of the local
director. the local director then hits the internal servers, on their
internal addresses. So, if this is correct, you should not be able to hit
the internal servers directly from outside. Hope that helps.

That's not entirely true... the problem is more that you cannot select which
server you attack. Assuming that load balancing servers are all mirrors of
each other, it shouldn't really matter what you test. Find a
vulnerability/weakness on one server, and you can more or less assume you
got the same problem on the mirrors too.

Jens


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]