Re: Identifying whether 2 IPs are from the same server

[Joachim Schipper <j.schipper () math uu nl>]

On Thu, Nov 24, 2005 at 01:58:58PM +0000, BSK wrote:
> Hello,
>
> I am doing a Penetration Testing for 2 IP addresses.
> My findings till now for both the servers are exactly
> same. I strongly feel that both the IPs belong to the
> same machine. May be a scenario where two NICs are on
> the same machine with two Public IPs. I ran HPING to
> match their IP IDs but it shows different series for
> both of them.
>
> Is there any other technique that we can use to
> ascertain such a situation?
>
> thank you

If you can cause high system load in some way other than flooding all
the bandwidth, you could try correlating the responsiveness of interface
#2 with the amount of stuff sent to interface #1.

However, it's not impossible that you are looking at two
identically-configured servers...

                Joachim

------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner: 

Hackers are concentrating their efforts on attacking applications on your 
website. Up to 75% of cyber attacks are launched on shopping carts, forms, 
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are 
futile against web application hacking. Check your website for vulnerabilities 
to SQL injection, Cross site scripting and other web attacks before hackers do! 
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------