• Identifying Load Balancers - How to tell if the target host is behind a load balancer

    Credits to Joe McCray and his Defcon 18 talk

    1. Use dig command
    Look for multiple addresses resolving to one domain name.

    2. Sites like netcraft.com can be used to check for a ip details. If things like F5 BigIP appear, most probably the host is load balanced.

    3. Firefox Live HTTP Headers Add-on can be used to notice change in response headers. Make some generic request twice and notice change in response header. Things like IIS Server 6.0 in 1st response and IIS Server 7.0 in 2nd response indicates it is load balanced.

    Also, Look for modifications such as :
    BIGipServerOS in cookie
    nnCoection : close
    Cneonction : close

    4. A shell script that detects load balancer
    :: ge.mine.nu ::

    5. A python script that detects load balancer
    This article was originally published in blog: Identifying Load Balancers - How to tell if the target host is behind a load balancer started by abhaythehero
    Comments 2 Comments
    1. j0emccray's Avatar
      j0emccray -
      Wow, nice article and video demos of the techniques. Thanks for giving me credit in this article - I really appreciate it. This is my first time coming to the Garage4Hackers website. It looks pretty good. Keep up the good work, and keep providing good content for the community. I was doing some googling for exploit dev stuff and came across several posts from 'vinnu' - he seems to be pretty good. I don't know who is running this site, but whoever you are as well as all of the contributors - AWESOME JOB!!!!!!!!!!!!!! Joe McCray Toll Free: 1-866-892-2132 Email: joe@strategicsec.com LinkedIn: Joe McCray | LinkedIn Twitter: Joseph McCray (@j0emccray) on Twitter Slideshare: Joseph McCray Presentations Channel GPG Key: http://strategicsec.com/JoeStrategicSec_Public.key Website: http://strategicsec.com
    1. abhaythehero's Avatar
      abhaythehero -
      Thanks for the encouragement I would also take this opportunity to thank you for some of your excellent talks and slides. Welcome to the forum and we wish that you will enjoy your stay.
  • G4H Facebook

  • G4H Twitter