RE: Securing web site with redundancy ?

From: David Schenz (schenz.9@dps.ohio-state.edu)
Date: Mon Aug 23 2004 - 17:28:21 EDT


If your sensibilities can deal with a Microsoft solution, network load balancing (NLB) in Windows 2000 Advanced Server or Windows 2003 Server or higher (watch the versions) should take care of your problem (And I do believe some versions of NT also have NLB). Also, make a point of reading up on the benefits of one NIC versus two NICs and also unicast vs multicast mode. Single NIC multicasting tends to misbehave on Cisco and some other switch manufacturers' equipment. Two NICs in unicast mode tend to behave the best (One nic is used for communicating with the other web servers and the other is used for communicating with clients). Shared storage is not required unlike multinode clusters. You also will not need another box beyond your webservers.

Good luck,
David

-----Original Message-----
From: Bénoni MARTIN [mailto:Benoni.MARTIN@libertis.ga]
Sent: Friday, August 20, 2004 8:10 AM
To: security-basics@securityfocus.com; pen-test@securityfocus.com
Subject: Securing web site with redundancy ?

Hi all !

I was wondering if there was a way to set up 2 "redundant" web servers
(identical web sites), i.e. when one crashes, the other one takes the
connection over. The same thing which is already available for firewalls
(high disponibility), but with web servers.

We would have 2 Windozes in a DMZ with IIS as the web server, and a pix
firewall between the dmz and Internet. Is there any tool allowing this out
there ? I tried to google quite a while, but without any chance...

Some one has an idea ?

Cheers list !

----------------------------------------------------------------------------

--
Ethical Hacking at the InfoSec Institute. All of our class sizes are
guaranteed to be 12 students or less to facilitate one-on-one interaction
with one of our expert instructors. Check out our Advanced Hacking course,
learn to write exploits and attack security infrastructure. Attend a course
taught by an expert instructor with years of in-the-field pen testing
experience in our state of the art hacking lab. Master the skills of an
Ethical Hacker to better assess the security of your organization.
http://www.securityfocus.com/sponsor/InfoSecInstitute_pen-test_040817
----------------------------------------------------------------------------
---
---------------------------------------------------------------------------
Computer Forensics Training at the InfoSec Institute. All of our class sizes
are guaranteed to be 12 students or less to facilitate one-on-one
interaction with one of our expert instructors. Gain the in-demand skills of
a certified computer examiner, learn to recover trace data left behind by
fraud, theft, and cybercrime perpetrators. Discover the source of computer
crime and abuse so that it never happens again.
http://www.securityfocus.com/sponsor/InfoSecInstitute_security-basics_040817
----------------------------------------------------------------------------
------------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. All of our class sizes are
guaranteed to be 12 students or less to facilitate one-on-one interaction
with one of our expert instructors. Check out our Advanced Hacking course,
learn to write exploits and attack security infrastructure. Attend a course
taught by an expert instructor with years of in-the-field pen testing
experience in our state of the art hacking lab. Master the skills of an
Ethical Hacker to better assess the security of your organization.
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
-------------------------------------------------------------------------------


This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:54:00 EDT