We were able to run a controlled experiment in EC2 and gather response timing data via information returned by cURL. As we suspected, the response times from the load balancer versus its back-end instance were not significantly different.
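One way to check a "not significantly different" result of this kind, as an added example that is not the code or method used in the experiment: a permutation test on the difference of median response times. The sample values are constructed stand-ins for cURL's `%{time_total}` output, and the choice of test, the function name and the 0.05 threshold are assumptions.

```python
import random
import statistics

# Constructed samples in seconds, NOT measurements from the experiment.
# Real values could be collected one per request with:
#   curl -s -o /dev/null -w '%{time_total}\n' <url>
LB_TIMES = [0.112, 0.118, 0.121, 0.109, 0.125,
            0.117, 0.131, 0.114, 0.120, 0.116]
BACKEND_TIMES = [0.110, 0.119, 0.123, 0.108, 0.122,
                 0.115, 0.128, 0.113, 0.121, 0.118]


def permutation_test(a, b, rounds=5000, seed=1):
    """Two-sided permutation test on the difference of medians.

    Returns (observed_difference, p_value). Medians are used instead of
    means because network timings have heavy right tails (retransmits,
    scheduling jitter) that would dominate a mean.
    """
    rng = random.Random(seed)  # fixed seed keeps the result reproducible
    observed = abs(statistics.median(a) - statistics.median(b))
    pooled = list(a) + list(b)
    n = len(a)
    hits = 0
    for _ in range(rounds):
        # Under the null hypothesis the group labels are interchangeable,
        # so reshuffle them and see how often chance alone does as well.
        rng.shuffle(pooled)
        diff = abs(statistics.median(pooled[:n]) -
                   statistics.median(pooled[n:]))
        if diff >= observed:
            hits += 1
    # The +1 terms count the observed labelling itself, so p is never 0.
    return observed, (hits + 1) / (rounds + 1)


if __name__ == "__main__":
    diff, p = permutation_test(LB_TIMES, BACKEND_TIMES)
    verdict = "not significant" if p > 0.05 else "significant"
    print(f"median difference {diff * 1000:.1f} ms, p = {p:.3f} ({verdict})")
```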
For our second idea of identifying web deployment misconfigurations, we made a list of ports we could probe in order to determine how prevalent those services are in the cloud, including FTP (21), SSH (22), MySQL (3306), memcached (11211), redis (6379), NFS (2049), OpenVPN (1194), HDFS datanode (50075), and MapReduce task tracker (50060). This is the first step in helping us decide which services are worth exploring, which includes figuring out if and how they are misconfigured and insecure. We intend to look at using WhoWas to conduct the probing in the following weeks.