windows server computer name

JeffBeall
JeffBeall used Ask the Experts™
on
I used to take care of some windows 2003 servers, and at the time I heard one security messure to take is to NOT name your servers with something that would describe what they do. So for instance - don't call your file share server - fileshare1, or something like that.
Does this still make sense? Or can hackers deduce what the machine does by it's network traffic?
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Stelian StanIT Services Manager
Commented:
I would not bother. If the hackers have access to your network you have a bigger problem. Just a different name of your server will not stop them to still all the information they want.
Commented:
We prefer to put sitecode then S for server and then fs01 or fs02 or dc01 etc.  Helps with several hundred servers and dozens and domain admins
Brian PiercePhotographer
Awarded 2007
Top Expert 2008
Commented:
I agree with the first comment - if hackers get as far as being able to read the names of your servers, then it too late - its quite easy having got that far to determine what services each is running.
11/26 Forrester Webinar: Savings for Enterprise

How can your organization benefit from savings just by replacing your legacy backup solutions with Acronis' #CyberProtection? Join Forrester's Joe Branca and Ryan Davis from Acronis live as they explain how you can too.

Thomas GrassiSystems Administrator
Commented:
Just make sure you have your firewall setup as best as you can to protect your network.
I have several attempts per day but they have not cracked the wall yet.
You can name your servers to your comapnies standard.
I use part of the domain name ie mydomain01 02 etc..
I agree with trgrassijr55, your main protection from hackers is a good strong (periodly updated) firewall. We use a Sonicwall TZ210W and also updated the local security policy to lock out any user with three invalid login attempts.

Yes, we do get some employees that get locked out, but I'd much rather unlock accounts than try cleaning up a hacked network!

We also installed an app named syspeace that locks out IP's of known hackers and also locks out IP's that get caught by the Local Scurity Policy. Their IP get's sent to me and I put a permenant block in the Firewall to lock out their IP.

If you track down that IP to a country and see determine it's from a foriegn country and don't need access from that country, you can get the full block spectrum of that ISP and block the entire ISP out.

Hope this helps!

Author

Commented:
Thanks for the help

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial