GEBE1
asked on
Changing Server Names for Security Reasons.
We recently underwent a security audit, in which it was determined that the naming convention of our servers posed a security threat. Our Proxy server is called Proxy, our File server is called ...._fileserver, etc. According to the audit this is a vulnerability. I am of the opinion, that once a hacker has penetrated your network, the server name is of minor importance, since he / she can determine what the server's purpose is by querying the services that are running on the particular server.
Does the name of the server really play such an important role in network security?
Regards,
JT.
Does the name of the server really play such an important role in network security?
Regards,
JT.
ASKER
Thanks for the feedback egiblock.
JT
JT
no problem.
on another note. (i heavent done it) but have heard from people that changing server names once established in a domain is a pain in the but... it could be changed now, but i know it was a pain back in the nt4 days..
on another note. (i heavent done it) but have heard from people that changing server names once established in a domain is a pain in the but... it could be changed now, but i know it was a pain back in the nt4 days..
Try look at this from dif. point of view':
First of all,try to put yourself in the shoes of the culprit.
Perhaps you would not like to get caught in the act.
Perhaps breaking in to the network would be quicker and leaving less clues if you knew something about the servers.
The people making security audit :
perhaps they had a hard time finding what you would consid. real issues,
the time spent m. be +/- the same with/without 'real' trouble.
The management
having spent a lot of ress's on security audit, would be regretfull, IF at some time a break SHOULD show up, if they did not do what security audit had mentioned best pracice.
I guess you
wonder what issues can imege from playing with all names.
First of all,try to put yourself in the shoes of the culprit.
Perhaps you would not like to get caught in the act.
Perhaps breaking in to the network would be quicker and leaving less clues if you knew something about the servers.
The people making security audit :
perhaps they had a hard time finding what you would consid. real issues,
the time spent m. be +/- the same with/without 'real' trouble.
The management
having spent a lot of ress's on security audit, would be regretfull, IF at some time a break SHOULD show up, if they did not do what security audit had mentioned best pracice.
I guess you
wonder what issues can imege from playing with all names.
ASKER
Also valid points, but I would spend more time and money trying to strengthen my firewall, so that the chance of a break would become as small as possible.
Probably a good idea.
My personal feeling is :
-When starting on a fresh, then give the servers 'secure' names.
-When you have got things working, do not mess
My personal feeling is :
-When starting on a fresh, then give the servers 'secure' names.
-When you have got things working, do not mess
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Being that I fall under the network admins group I tend to side with egiblock and jpdavey. Is there documentation that describes best practices iconcerning this?
JT.
JT.
>it's dependant on the network's security requirements and what YOU're comfortable with< from
https://www.experts-exchange.com/questions/21513099/Best-Practices-for-naming-computers.html
https://www.experts-exchange.com/questions/21513099/Best-Practices-for-naming-computers.html
ASKER
I appreciate everyones input, I guess this is more a matter of opinion than procedure.
Regards,
JT
Regards,
JT
just my 2 cents