RE: Identifying whether 2 IPs are from the same server

• Previous message: Joachim Schipper: "Re: Identifying whether 2 IPs are from the same server"
• Maybe in reply to: BSK: "Identifying whether 2 IPs are from the same server"
• Next in thread: Franck Veysset: "Re: Identifying whether 2 IPs are from the same server"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Fri, 25 Nov 2005 07:51:30 -0500
To: "BSK" <bishan4u@yahoo.co.uk>, <pen-test@securityfocus.com>

Try to pull banners from both IPs and see if the timestamps match. Obviously if they do match, it could just be that they share a common clock as that is a really good idea. If they don't match, then you have two different machines. It seems that most sites don't actually do very well at getting their clocks synced. -----Original Message----- From: BSK [mailto:bishan4u@yahoo.co.uk] Sent: Thursday, November 24, 2005 8:59 AM To: pen-test@securityfocus.com Subject: Identifying whether 2 IPs are from the same server Hello, I am doing a Penetration Testing for 2 IP addresses. My findings till now for both the servers are exactly same. I strongly feel that both the IPs belong to the same machine. May be a scenario where two NICs are on the same machine with two Public IPs. I ran HPING to match their IP IDs but it shows different series for both of them. Is there any other technique that we can use to ascertain such a situation? thank you ___________________________________________________________ WIN ONE OF THREE YAHOO! VESPAS - Enter now! - http://uk.cars.yahoo.com/features/competitions/vespa.html ------------------------------------------------------------------------ ------ Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do! Download Trial at: http://www.securityfocus.com/sponsor/pen-test_050831 ------------------------------------------------------------------------ ------- **DISCLAIMER This e-mail message and any files transmitted with it are intended for the use of the individual or entity to which they are addressed and may contain information that is privileged, proprietary and confidential. If you are not the intended recipient, you may not use, copy or disclose to anyone the message or any information contained in the message. If you have received this communication in error, please notify the sender and delete this e-mail message. The contents do not represent the opinion of D&E except to the extent that it relates to their official business.

------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:

Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------

• Previous message: Joachim Schipper: "Re: Identifying whether 2 IPs are from the same server"
• Maybe in reply to: BSK: "Identifying whether 2 IPs are from the same server"
• Next in thread: Franck Veysset: "Re: Identifying whether 2 IPs are from the same server"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]