ab – Apache benchmarking tool

ab tool usage example

“ab” is an Apache HTTP server benchmarking tool.

Before probing this type of server further, you first need to determine some basic information about its configuration. There are multiple tools available for server fingerprinting. In this case, the tool is made specifically for Apache and is installed by default in many Linux distributions. When you see a banner, header, default files or anything else that indicates the server is Apache, you can use the “ab” tool to gather more useful information, so that later work is precise rather than flooding the server with unnecessary traffic and generating security alerts.

Basic syntax:

ab -n <number of requests> -c <number of concurrent requests> <url>

For more detailed information, read the tool manual. It is a powerful tool that lets server administrators identify various configuration issues with Apache, including the number of requests the server can handle per second and its bandwidth limits. For resilience, disaster recovery and load balancing purposes, that is key information for admins. For offensive-minded individuals this is one of the key bits of information you can get. If you know what the bandwidth is and how much traffic the server can handle, you can adapt your approach accordingly.

The sample usage is shown at the top of the page.

The tcpdump filter used in the example is as follows:

sudo tcpdump -A -s 0 'tcp dst port 80 and (((ip[2:2] - ((ip[0]&0xf)<<2)) - ((tcp[12]&0xf0)>>2)) != 0)' -i lo

The filter shows only the requests made, not the responses, and it targets the localhost interface used in the example. If you need to see both the requests and the responses, change 'tcp dst port 80' to 'tcp port 80' in the tcpdump filter.
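
The arithmetic inside the filter subtracts the IP header length and the TCP header length from the IP total length, so only packets that carry data (the HTTP requests) are shown and bare handshake or ACK packets are dropped. The Python below is an added example, not part of the original page: it evaluates the same expression on constructed packets, and the helper names (build_packet, payload_length, filter_matches) and sample bytes are made up for illustration.

```python
import struct

LOOPBACK = bytes([127, 0, 0, 1])

def build_packet(payload=b"", dst_port=80, ip_opts=b"", tcp_opts=b""):
    """Constructed IPv4+TCP packet; checksums stay zero (the filter never reads them)."""
    ihl, doff = (20 + len(ip_opts)) // 4, (20 + len(tcp_opts)) // 4
    total = 4 * ihl + 4 * doff + len(payload)
    src_port = 40000 if dst_port == 80 else 80
    ip = struct.pack("!BBHHHBBH4s4s", 0x40 | ihl, 0, total, 0, 0, 64, 6, 0,
                     LOOPBACK, LOOPBACK) + ip_opts
    tcp = struct.pack("!HHIIBBHHH", src_port, dst_port, 0, 0, doff << 4, 0x10,
                      65535, 0, 0) + tcp_opts
    return ip + tcp + payload

def payload_length(pkt):
    """The filter's arithmetic: IP total length minus both header lengths."""
    total_len = struct.unpack("!H", pkt[2:4])[0]  # ip[2:2]
    ip_hdr = (pkt[0] & 0x0F) << 2                 # (ip[0]&0xf)<<2
    tcp_hdr = (pkt[ip_hdr + 12] & 0xF0) >> 2      # (tcp[12]&0xf0)>>2
    return total_len - ip_hdr - tcp_hdr

def filter_matches(pkt):
    """Equivalent of 'tcp dst port 80 and (payload length != 0)'."""
    ip_hdr = (pkt[0] & 0x0F) << 2
    dst_port = struct.unpack("!H", pkt[ip_hdr + 2:ip_hdr + 4])[0]
    return pkt[9] == 6 and dst_port == 80 and payload_length(pkt) != 0

# Constructed sample data, not captured traffic.
REQUEST = b"GET / HTTP/1.0\r\nHost: localhost\r\n\r\n"
TS_OPTS = bytes([1, 1, 8, 10]) + bytes(8)  # NOP, NOP, timestamp option (12 bytes)
SAMPLES = {
    "request with payload": build_packet(REQUEST, tcp_opts=TS_OPTS),
    "bare ACK to port 80": build_packet(b"", tcp_opts=TS_OPTS),
    "response (dst port 40000)": build_packet(b"HTTP/1.1 200 OK\r\n\r\n", dst_port=40000),
    "request with IP options": build_packet(REQUEST, ip_opts=bytes(4)),
}

if __name__ == "__main__":
    for name, pkt in SAMPLES.items():
        print(f"{name:26} payload={payload_length(pkt):3} shown={filter_matches(pkt)}")
```

Because both header lengths are read from the packet itself, the result stays correct when IP or TCP options make the headers longer than 20 bytes.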