Load Balancer basically helps to distribute the network traffic across the multiple servers to improve the network, application performance. the Reconnaissance work on target to find out target domain has a load balancer so that penetration testing does not misdirect your probs or attacks.

So Its recommended to check the domain has a Load balancer, Intrusion Prevention system, Reverse Proxies, Firewalls or content switches all these things will cause false results on security scans.

Load Balancer:

  • Load Balancer acts as a reverse proxy which distributes application or network traffic across a number of servers.
  • It ensures reliability and availability by monitoring the health of the application and sending a request server or application that can respond in a timely manner.
  • Load balancers are found in the network and transport layer (IP, TCP, FTP, UDP) and application layer (HTTP)

Standard Industry algorithm:

  • Round-robin load balancing is one of the simplest methods for distributing client requests across a group of servers. Going down the list of servers in the group, the round-robin load balancer forwards a client request to each server in turn.

 

EHA
  • Does not always result in the accurate or efficient distribution of traffic, because many round-robin load balancers assume that all servers are the same: currently up, currently handling the same load, and with the same storage and computing capacity.
  • Weighted round robin – A weight is assigned to each server based on criteria chosen by the site administrator, most commonly used criterion is the server’s traffic-handling capacity.

  • Least Connections: If two servers in a cluster have exactly the same specification, one server can still get overloaded considerably faster than the other.

  • Random Connections: load balancer receives a large number of requests, a Random algorithm will be able to distribute the requests evenly to the nodes.

Load Balancer Check:

Load Balancer

  • Above figure illustrator that we have successfully found the Loadbalancer on the target domain.
  • Type lbd followed by the target domain name.Ex: lbd tamilrockers.pl
  • We have found HTTP & DNS load balancers for tamilrockers.pl domain.

Before we start penetration testing. It’s mandatory to do this Reconnaissance work on the target domain to detect possible Network & Application Security devices.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity updates also you can take the Best Ethical Hacking course online to boost your cyer security career.

LEAVE A REPLY

Please enter your comment!
Please enter your name here