RE: Securing web site with redundancy ?

From: Bénoni MARTIN (Benoni.MARTIN@libertis.ga)
Date: Mon Aug 23 2004 - 06:21:41 EDT

Hi!

If my memory does not let me down, a DNS server makes the translation between IP adresses and hostnames. On any OS, you can specify several DNS servers, so if the first fails down, it tries to reach the second one.

But what I have to handle is this: someone on the network requests www.mywebsite.com. The external FW catchs the request, performs a NAT and redirects it to the webserver. But the FW has to know to which web server it has to redirect the request...

PS: My web servers are web servers only, not at all DNS servers ...

-----Message d'origine-----
De : Corey Watts-Jones [mailto:cwattsjones@rogers.com]
Envoyé : samedi 21 août 2004 06:12
À : Bénoni MARTIN; security-basics@securityfocus.com; pen-test@securityfocus.com
Objet : RE: Securing web site with redundancy ?

Hmmm... could you not simply add the second web server to the end of the list for DNS entries? Failing contact with the first listed server it should contact the next entry in line.

Correct me if I'm wrong, folks. :)

-----Original Message-----
From: Bénoni MARTIN [mailto:Benoni.MARTIN@libertis.ga]
Sent: Friday, August 20, 2004 8:10 AM
To: security-basics@securityfocus.com; pen-test@securityfocus.com
Subject: Securing web site with redundancy ?

Hi all !

I was wondering if there was a way to set up 2 "redundant" web servers (identical web sites), i.e. when one crashes, the other one takes the connection over. The same thing which is already available for firewalls (high disponibility), but with web servers.

We would have 2 Windozes in a DMZ with IIS as the web server, and a pix firewall between the dmz and Internet. Is there any tool allowing this out there ? I tried to google quite a while, but without any chance...

Some one has an idea ?

Cheers list !

---------------------------------------------------------------------------- 

--
Ethical Hacking at the InfoSec Institute. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors. Check out our Advanced Hacking course, learn to write exploits and attack security infrastructure. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization.
http://www.securityfocus.com/sponsor/InfoSecInstitute_pen-test_040817
----------------------------------------------------------------------------
---
------------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. All of our class sizes are
guaranteed to be 12 students or less to facilitate one-on-one interaction
with one of our expert instructors. Check out our Advanced Hacking course,
learn to write exploits and attack security infrastructure. Attend a course
taught by an expert instructor with years of in-the-field pen testing
experience in our state of the art hacking lab. Master the skills of an
Ethical Hacker to better assess the security of your organization.
http://www.securityfocus.com/sponsor/InfoSecInstitute_pen-test_040817
-------------------------------------------------------------------------------

This archive was generated by pen-test@securityfocus.com
Objet : RE: Securing web site with redundancy ?