I think Charlie summed it up well Security by Obscurity solves nadda, and only complicates matters.
Proper hardening and limiting of network access through various controls is your best course of action. There isn't really nothing with a determine hacker and Nmap cant do to find out what you are using on your network, through authenticated or unauthenticated means. Z Edward E. Ziots Network Engineer Lifespan Organization MCSE,MCSA,MCP,Security+,Network+,CCA Phone: 401-639-3505 -----Original Message----- From: Charlie Kaiser [mailto:[EMAIL PROTECTED] Sent: Monday, April 14, 2008 9:59 AM To: NT System Admin Issues Subject: RE: Naming convention for Servers Not really. If your internal servers are under enough of an attack to make security through obscurity important, you have bigger things to worry about. Proper hardening, auditing, rights assignments, and regular inspection of audit logs will help with internal security (the curious guy who wants to poke around at the file server or DC). Renaming the servers for the sake of a naming convention could produce more problems than you solve, though. There are enough netbios name-dependent applications out there to really whack you if you miss a couple during a rename, especially if they're homegrown apps. Using a naming convention going forward though, makes a lot of sense. So does renaming as you rebuild or replace hardware. ********************** Charlie Kaiser W2K3 MCSA/MCSE/Security Systems Engineer Essex Credit / Brickwalk 925 274 3183 ********************** -----Original Message----- From: Rishi Kumar [mailto:[EMAIL PROTECTED] Sent: Monday, April 14, 2008 6:39 AM To: NT System Admin Issues Subject: Naming convention for Servers I have a general question that I'd like to put up for discussion. I work for a medium size company with about 50 servers. Most of our domain controllers and exchange servers have random names....(These are not real) but something like George, Gertrude, etc... I am one of TWO system admins... or let's say 3 sys admins, including my supervisor. I have been pleading to start using a naming convention for the last several months as it is now getting confusing to remember which sever performs which function and which office it is located. (We have 7 different office locations throughout the country). Is there really a good reason to NOT have a naming convention? ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~
