Re: [PT] Load Balancers?
From: Jerome Athias (jerome.athias_at_free.fr)
Date: 10/06/05
- Previous message: contact_at_webappsec.org: "WASC Threat Classification in 4 languages"
- In reply to: BSK: "[PT] Load Balancers?"
- Next in thread: Thierry Zoller: "Re: [PT] Load Balancers?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 06 Oct 2005 00:24:24 +0200 To: BSK <bishan4u@yahoo.co.uk>
Hi,
does an nmap -V give an F5 Labs... ?
BSK wrote:
>Dear All,
>
>I'm doing a Blackbox PT for one of our clients, for
>their website. I noticed a scenario which I would like
>to discuss with you and get your opinion.
>
>I got their IP by pinging the website address. I
>cancelled the first ping and executed the second ping
>immediately. The resolved address remains the same but
>the domain name changes. Below are the sample results,
>with real names changed:
>
># ping dummy.com
>PING www.dummy.com (xxx.xxx.xxx.xxx) 56(84) bytes of
>data
>64 bytes from www.dummy.com (xxx.xxx.xxx.xxx):
>icmp_seq=0 ttl=109 time=351 ms
>
># ping dummy.com
>PING pummy.net (xxx.xxx.xxx.xxx) 56(84) bytes of data
>64 bytes from pummy.net (xxx.xxx.xxx.xxx): icmp_seq=0
>ttl=109 time=351 ms
>
># ping dummy.com
>PING www.suffy.cc (xxx.xxx.xxx.xxx) 56(84) bytes of
>data
>64 bytes from www.suffy.cc (xxx.xxx.xxx.xxx):
>icmp_seq=0 ttl=109 time=351 ms
>
>When I repeat the same process for pummy.net, I get
>same results.
>
>I think its a server collocation or load balancing
>done on xxx.xxx.xxx.xxx.
>
>All dummy.com, suffy.cc and pummy.net show the same
>website when seen thru the web browser.
>
>Await your inputs.
>
>Thanks,
>Bshan
>
>
>
>___________________________________________________________
>How much free photo storage do you get? Store your holiday
>snaps for FREE with Yahoo! Photos http://uk.photos.yahoo.com
>
>------------------------------------------------------------------------------
>Audit your website security with Acunetix Web Vulnerability Scanner:
>
>Hackers are concentrating their efforts on attacking applications on your
>website. Up to 75% of cyber attacks are launched on shopping carts, forms,
>login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
>futile against web application hacking. Check your website for vulnerabilities
>to SQL injection, Cross site scripting and other web attacks before hackers do!
>Download Trial at:
>
>http://www.securityfocus.com/sponsor/pen-test_050831
>-------------------------------------------------------------------------------
>
>
>
>
>
- application/x-pkcs7-signature attachment: S/MIME Cryptographic Signature
- Previous message: contact_at_webappsec.org: "WASC Threat Classification in 4 languages"
- In reply to: BSK: "[PT] Load Balancers?"
- Next in thread: Thierry Zoller: "Re: [PT] Load Balancers?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
