Re: Confirmation on Loadbalancing

From: Tim (tim-pentest_at_sentinelchicken.org)
Date: 10/23/05

  • Next message: BSK: "Blocking Port scans" 
    Date: Sun, 23 Oct 2005 16:42:46 -0400
To: BSK <bishan4u@yahoo.co.uk>

    > B> Is it a load balancing firewall / firewall in failover
    > B> mode or Cisco PIX is generating a randor IPID?
    >
    > Probably yes, check also
    > - ISN changes
    > - Window size
    > - TTL changes (open ports..may indicate NAT/LB)
    > - TOS
    > - etc all fields which may change on different machines

    Hello,

    I've never tried this, but you could also try inducing connections back
    to yourself from those servers. For instance, if mail servers perform
    reverse DNS lookups or if you can get a border mail relay to accept a
    message that you know will bounce later, then you might be able to get
    those servers to come back through the firewall to you. Since hosts
    often allocate source ports in sequence and NAPT systems don't normally
    re-write source ports unless there is a conflict, you might be able to
    tell if there are multiple systems connecting back to you.

    Probably a lot harder to pull off than the suggestions above though.

    tim

    ------------------------------------------------------------------------------
    Audit your website security with Acunetix Web Vulnerability Scanner:

    Hackers are concentrating their efforts on attacking applications on your
    website. Up to 75% of cyber attacks are launched on shopping carts, forms,
    login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
    futile against web application hacking. Check your website for vulnerabilities
    to SQL injection, Cross site scripting and other web attacks before hackers do!
    Download Trial at:

    http://www.securityfocus.com/sponsor/pen-test_050831
    -------------------------------------------------------------------------------

  • Next message: BSK: "Blocking Port scans"

    Relevant Pages

    • RE: 3rd party vuln assesment firms
      ... > "We use the same tools hackers bring to bear against your systems. ... >> I'm looking for a firm to conduct annual 3rd party vulnerability ... Up to 75% of cyber attacks are launched on shopping ... >> your website for vulnerabilities to SQL injection, ...
      (Pen-Test)
    • Re: Active Directory user enumeration
      ... > Audit your website security with Acunetix Web Vulnerability Scanner: ... > login pages, dynamic content etc. Firewalls, SSL and locked-down servers are ... Cross site scripting and other web attacks before hackers do! ...
      (Pen-Test)
    • RE: Getting Printer IP Addresses Prior to Pen Testing - Question About DHCP
      ... Audit your website security with Acunetix Web Vulnerability Scanner: ... Hackers are concentrating their efforts on attacking applications on your ... Up to 75% of cyber attacks are launched on shopping carts, forms, ... login pages, dynamic content etc. Firewalls, SSL and locked-down servers are ...
      (Pen-Test)
    • Re: Ping a mac address
      ... Axis print servers... ... > Audit your website security with Acunetix Web Vulnerability Scanner: ... Cross site scripting and other web attacks before hackers do! ...
      (Pen-Test)
    • RE: 3rd party vuln assesment firms
      ... > "We use the same tools hackers bring to bear against your systems. ... >> I'm looking for a firm to conduct annual 3rd party vulnerability ... Up to 75% of cyber attacks are launched on shopping ... >> your website for vulnerabilities to SQL injection, ...
      (Pen-Test)