Pau Lo
asked on
server names and security risk
What realistically is the risk if somebody found out an internal server name from the outside, e.g. what may it allow them to do in terms of a security attack. I am talking about from the outside. I noticed in some documents available on our website there is some mention of internal servernames and need to quantify the risk, they are not accessible to anyone outside the organisation, only those internal to the company, but it still doesn't sit easy.
Personally It's never bothered me, I work on a lot of different networks, and I've seen everything from Simpsons Characters, Planets, Moons , Greek Gods etc. I just find it annoying. When I build DC's they have DC in the name, When I build Exchange servers then Mail, SQL servers have DB etc
If someone who can see you internal servers, and is up to no good, then A quick port scan will tell them what every server is doing, rather than looking at server names.
Unfortunately a lot of internal documentation, (particularly in the public sector) is written by people who don't have a clue or are copying information for somewhere else.
P
If someone who can see you internal servers, and is up to no good, then A quick port scan will tell them what every server is doing, rather than looking at server names.
Unfortunately a lot of internal documentation, (particularly in the public sector) is written by people who don't have a clue or are copying information for somewhere else.
P
I would remove any documentation about internal IT processes from public facing websites if they are available to the general public. If they are only accessible via an authenticated login, then as long as you have complexity requirements setup for passwords, I would not worry about the documentation.
As for server names, there is no risk if the server names are known. Even if someone was on your network, the server names being known are not a risk. e
As for server names, there is no risk if the server names are known. Even if someone was on your network, the server names being known are not a risk. e
Zero risk if you follow good security procedures.
1) All sites, external + internal, all use SSL certs.
2) Any sensitive materials are password protected + only accessible via people with correct privilege to access these docs.
Hint: A large percentage of stolen data is done by employees + contractors. Don't think for a minute your data is safe, unless you first protect all data from internal staff or anyone else who may be inside your network at any given moment.
1) All sites, external + internal, all use SSL certs.
2) Any sensitive materials are password protected + only accessible via people with correct privilege to access these docs.
Hint: A large percentage of stolen data is done by employees + contractors. Don't think for a minute your data is safe, unless you first protect all data from internal staff or anyone else who may be inside your network at any given moment.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Disclosures like this primarily increase the risk of social engineering attacks. Attackers with knowledge of your system names, architecture, user name structure, allow attackers to create more convincing phishing and phone social engineering attacks.
This serves more towards potential reconnaissance. How much information is published about that server in the documentation becomes what's key. Naturally, you should always be reviewing the security controls anyway.