It could be beneficial to name them incorrectly, but could also be a logistical nightmare. Naming an Exchange server FTP1, for example, could really through a hacker for a loop after he enumerates the resources.
I would say it's not recommended unless the organization is extremely small. -----Original Message----- From: Snow, Corey [mailto:[EMAIL PROTECTED]] Sent: Wednesday, February 06, 2002 1:09 PM To: '[EMAIL PROTECTED]'; [EMAIL PROTECTED] Subject: RE: Naming Conventions of Servers and Security Interesting question. I never considered that the name of a server would be a potential security risk, but I never name my servers by their function anyway. I usually pick a theme and name them that way. These days, I use the character names from my favorite SF television show. I would tend to agree that in principle, naming a computer after its function would be a potential risk, because if an attacker could gain enough access to enumerate network resources, it would be simple to identify those targets which should be focused on. It would certainly simplify the "recon" phase of any sophisticated attack. I would not recommend a naming scheme like the one you show below, for those reasons. Besides, giving servers silly names is part of the fun of being in IT. ;-) For desktops, some organizations name them after the person who uses it, but that means the name must be changed every time the box changes hands. If you use asset tags on your equipment, maybe naming desktops using that data is a good way to go. Regards, Corey Snow > -----Original Message----- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] > Sent: Tuesday, February 05, 2002 8:41 AM > To: [EMAIL PROTECTED] > Subject: Naming Conventions of Servers and Security > > > I have a question about naming conventions. > > What is the security communities recommendation on naming > servers? Is it > safe to name a server by the function the server provides? > We are currently > looking at renaming our entire domain since there are 4 or 5 different > naming conventions currently being used. So far I have been told that > naming a server AABCCC## (where A = Company Division B = Type > of device [ S > = Server, N = Network D = Desktop] C = placement of server > [DMZ or PRD or > STG]) is weak security because an attacker would have useful > knowledge about > the server. I feel most attackers would perform some recon > of the network > and have that information before they went in to attack mode anyway. > > I realize that it could be easier for an attacker to gain > information about > the server, but what about the folks who have to work on the > server? If a > server was to go down or be attacked I would rather know > immediately from > the name what I could be dealing with or how critical it is > to the company > that the server is down. > > Please send me your humble opinions. > > Thanks > > Jeff Wichman > > ######################################################### The information contained in this e-mail and subsequent attachments may be privileged, confidential and protected from disclosure. This transmission is intended for the sole use of the individual and entity to whom it is addressed. If you are not the intended recipient, any dissemination, distribution or copying is strictly prohibited. If you think that you have received this message in error, please e-mail the sender at the above e-mail address. #########################################################
