Re: [SAGE] Naming conventions for servers, network gear, etc.

[Ruth Milner <rmilner@nmt.edu>]

Cat wrote:

 > I'm always entertained by the idea that names must somehow make doing
 > network reconaissance easier. [...] "it makes things harder for
 > crackers" simply isn't a good argument for names that have nothing
 > to do with the nature of the machine.

I agree. It's really a "security through obscurity" approach - one
which doesn't even cover the most commonly-used attack path.

The people it actually does make things harder for, at least in an
organization, are the ones who have to use and maintain the systems.

Jason wrote:

 > My home development network has "SATURN"
 > as the main DHCP/DNS/LDAP server, and the other machines are named after
 > Saturn's moons

Hmmm ... so if anyone were to look at names on this network, the
system providing the most critical services is the one that all the
others are orbiting around? Maybe "Saturn" should be a honeypot. :-)

I always preferred the CNAME approach. You can name the server
however you prefer - locational/functional/aesthetic - and create
CNAMEs for the services it provides. Makes it really easy for users
to remember how to find what they need, and makes no difference at
all to potential attackers.

Ruth