lbd -load balancing detector
Load balancing is the practice of distributing traffic across multiple servers, in order to increase performance and reliability. With multiple servers offering the same resources, single points of failure are eliminated, and availability is increased. Load balancers may be set up in a way that users from certain geographic locations are sent to specific servers, in order to increase the speed of access.
Load balancing introduces some issue in penetration tests, because it interferes with the accuracy of the testing. This is why it’s important to establish whether load balancers are in place, and if there are, taking that into account when performing the tests and writing the reports.
lbd (load balancing detector) is a Kali tool that is useful for determining the presence of load balancing.
DNS load balancing
In DNS load balancing, a system has a list of IPs that can respond to requests. When you request a resource, you hit on one of these IPs, and you need to test further to identify the exact target. If your target is example.com, and 3 IPs are serving that, when you find a vulnerability, you still have to determine which of these addresses is the vulnerable one (or if all are).
HTTP load balancing
One of the ways HTTP load balancing can be achieved is through cookies. This comes in handy in online stores and other such web applications that need to identify a client and send it to the same specific resource
lbd Usage Example
Test to see if the target domain (example.com) is using a load balancer:
lbd - load balancing detector 0.1 - Checks if a given domain uses load-balancing.
Written by Stefan Behte (http://ge.mine.nu)
Proof-of-concept! Might give false positives.
Checking for DNS-Loadbalancing: NOT FOUND
Checking for HTTP-Loadbalancing [Server]:
ECS (sea/55ED)
ECS (sea/1C15)
FOUND
No comments