Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Penetration Testing: Re: [PT] Load Balancers?

Re: [PT] Load Balancers?

From: Jerome Athias <jerome.athias_at_free.fr>
Date: Thu, 06 Oct 2005 00:24:24 +0200

Hi,

does an nmap -V give an F5 Labs... ?

BSK wrote:

>Dear All,
>
>I'm doing a Blackbox PT for one of our clients, for
>their website. I noticed a scenario which I would like
>to discuss with you and get your opinion.
>
>I got their IP by pinging the website address. I
>cancelled the first ping and executed the second ping
>immediately. The resolved address remains the same but
>the domain name changes. Below are the sample results,
>with real names changed:
>
># ping dummy.com
>PING www.dummy.com (xxx.xxx.xxx.xxx) 56(84) bytes of
>data
>64 bytes from www.dummy.com (xxx.xxx.xxx.xxx):
>icmp_seq=0 ttl=109 time=351 ms
>
># ping dummy.com
>PING pummy.net (xxx.xxx.xxx.xxx) 56(84) bytes of data
>64 bytes from pummy.net (xxx.xxx.xxx.xxx): icmp_seq=0
>ttl=109 time=351 ms
>
># ping dummy.com
>PING www.suffy.cc (xxx.xxx.xxx.xxx) 56(84) bytes of
>data
>64 bytes from www.suffy.cc (xxx.xxx.xxx.xxx):
>icmp_seq=0 ttl=109 time=351 ms
>
>When I repeat the same process for pummy.net, I get
>same results.
>
>I think its a server collocation or load balancing
>done on xxx.xxx.xxx.xxx.
>
>All dummy.com, suffy.cc and pummy.net show the same
>website when seen thru the web browser.
>
>Await your inputs.
>
>Thanks,
>Bshan
>
>
>
>___________________________________________________________
>How much free photo storage do you get? Store your holiday
>snaps for FREE with Yahoo! Photos http://uk.photos.yahoo.com
>
>------------------------------------------------------------------------------
>Audit your website security with Acunetix Web Vulnerability Scanner:
>
>Hackers are concentrating their efforts on attacking applications on your
>website. Up to 75% of cyber attacks are launched on shopping carts, forms,
>login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
>futile against web application hacking. Check your website for vulnerabilities
>to SQL injection, Cross site scripting and other web attacks before hackers do!
>Download Trial at:
>
>http://www.securityfocus.com/sponsor/pen-test_050831
>-------------------------------------------------------------------------------
>
>
>
>
>

Received on Oct 05 2005
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
edgeos