Computer name naming convention for security


I've been doing a security audit and found out you can easily identify host roles and running services just by their computer name (using nslookup).



I would like to report this so that they use less obvious computer names and it becomes harder for an attacker to identify machine roles on the network. I would like to give some weight to this proposal by linking to some security naming convention from a trusted organisation. After some searching, I've been unable to find one. Is there any existing?










  • I'm of the camp that believes that completely random host names won't hinder an attacker much if at all and will cause more problems (for users and administrators alike) than a predictable host name convention. Also see security.stackexchange.com/q/178328/77995 and RFC 1178

    – HBruijn
    7 hours ago











  • @HBruijn I agree that having random host names could mislead sysadmins, but as a security consultant, I think it's our job to give my clients as much insight on security as possible while it's their job to decide whether or not they want to make the change based on the cost of being hacked vs the cost of the trouble caused to the sysadmins.

    – Xavier59
    6 hours ago











  • @Xavier59 I'm also a security consultant. Yes, we should help clients understand the risks, but I'm undecided about this one (I was waiting for answers, I like the question). It definitely helps me to exploit their systems when I can see descriptive hostnames, or even just a predictable number (so I can increment it and see if that system exists), but it also helps the sysadmins. I'm not sure it helps me so much that I would recommend to disable it at all times. But then again, the sysadmins could also easily use tools/documentation to map a MAC/IP to a description. So I'm not sure.

    – Luc
    6 hours ago

















dns-domain sensitive-data-exposure information-gathering infoleak






Question asked 8 hours ago by Xavier59; edited 7 hours ago by Luc.













2 Answers














The fact that there is no readily available information to support your conclusion should give you some idea about its validity.

The point is that if your attacker is already in, he will need to do some additional foot-printing anyway. Your host name may be database.xyz.intranet, but if nmap gives you 1521 (Oracle), 1433 (SQL Server) or 5432 (Postgres), that gives some information about possible vulnerabilities. Sure, it will save some time knowing that www.companyname.com is probably not the back-end database server, but that is minimal.

On the other hand: are your developers really happy to do SQL queries on linux20195681.intranet? What if they fire up a second database in your on-premises cloud? Giving some meaningful names simplifies their life too. And of course it is easier for the stand-by that is called at 2 a.m.

Also, your real servers may be hidden behind a load-balancer. The VIP would then typically get the functional name and the hosts behind it some sequence number.

If you are in a small organization, you could consider giving your hosts themed names (e.g. my Pi's at home are called pi, rho, sigma, phi, etc.), but even then, I struggle to remember that sigma is my home-automation, psi my DNS server etc. And yes, you might theme Zeus as the production database, Jupiter as test and Odin as develop, but at some point, any form of polytheism will put a limit on the number of servers.

So it really is better to give them functional names.

On the other hand: don't be too specific or alluring. Calling a host privatekeybackup.intranet will surely attract a bit more attention.

There have been some ideas of randomizing host names (RFC 8117) but that seems more an issue for clients.






answered 5 hours ago by Ljm Dullaart















You have identified only one risk, that of an attacker identifying machine roles on the network by using predictable host names.

I think you missed the competing risk, that of increased operator error by not using predictable and descriptive host names.

This is how I would assess those conflicting measures:

Use unpredictable host names

Benefit(s)

An attacker will need to spend (significantly) more effort in determining the layout of your network and to identify the most profitable targets for a penetration attempt.

Risks

Operator error. Users and administrators may have difficulty identifying systems and their correct roles, e.g. confusing test and production systems.

  • Probability: high
  • Impact: high

Rationale: Most humans have terrible memories where "random" data is concerned --> high probability.

Also, there are usually very few barriers that prevent trusted users and administrators from making high-impact mistakes --> high impact.

Use predictable host names

Benefit(s)

Reduced operator error rates, ease of management and automation.

Risks

Attackers will also have an easier time determining the layout of your network and to identify the most profitable targets for a penetration attempt.

  • Probability: medium
  • Impact: low

Rationale: Not every naming convention is immediately intuitive to a black-hat attacker --> medium probability.

Also, using hostnames to predict a network layout is only a shortcut, but doesn't provide information that an attacker wouldn't be able to learn through other means. And knowledge of the role of a server as disclosed by a hostname does not automatically make it more vulnerable (only more or less valuable). --> low impact.






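An added example, not part of either answer: a small audit of a host inventory that reports both sides of the trade-off discussed above, namely names that advertise valuable contents (the privatekeybackup case), names too opaque for operators to tell apart (the linux20195681 and themed-name cases), and numbered series that can be guessed by incrementing. The keyword lists, the sample inventory and the run threshold of three are assumptions made for illustration.

```python
import re
from collections import defaultdict

# Assumed policy vocabularies. Only "privatekey", "database", "www" and the
# sample names below echo the page; the rest are illustrative.
ALLURING = ("privatekey", "secret", "password", "vault", "payroll")
ROLES = {"db", "database", "www", "web", "mail", "dns", "app", "lb", "vip"}
MIN_RUN = 3  # assumed: three consecutive numbers make a series guessable

# Constructed sample inventory, e.g. an export of the internal DNS zone.
SAMPLE_INVENTORY = [
    "database.xyz.intranet",
    "privatekeybackup.intranet",
    "linux20195681.intranet",
    "web01.xyz.intranet",
    "web02.xyz.intranet",
    "web03.xyz.intranet",
    "zeus.xyz.intranet",
]


def split_label(fqdn):
    """Split the leftmost label into (stem, number): 'web03.x' -> ('web', 3)."""
    label = fqdn.split(".", 1)[0].lower()
    match = re.fullmatch(r"(.*?)(\d+)", label)
    if match:
        return match.group(1), int(match.group(2))
    return label, None


def longest_run(numbers):
    """Length of the longest run of consecutive integers in the set."""
    best = run = 0
    previous = None
    for n in sorted(numbers):
        run = run + 1 if previous is not None and n == previous + 1 else 1
        best = max(best, run)
        previous = n
    return best


def audit(inventory):
    """Group host names by the naming risk they carry.

    alluring   - name advertises especially valuable contents
    opaque     - no recognisable role word, so operators may mix hosts up
    enumerable - stems whose numeric suffixes form a guessable series
    """
    findings = defaultdict(list)
    numbered = defaultdict(set)
    for fqdn in inventory:
        stem, number = split_label(fqdn)
        if any(word in stem for word in ALLURING):
            findings["alluring"].append(fqdn)
        elif not ROLES.intersection(re.split(r"[-_]", stem)):
            findings["opaque"].append(fqdn)
        if number is not None:
            numbered[stem].add(number)
    for stem, numbers in sorted(numbered.items()):
        if longest_run(numbers) >= MIN_RUN:
            findings["enumerable"].append(stem)
    return dict(findings)


if __name__ == "__main__":
    for kind, items in audit(SAMPLE_INVENTORY).items():
        print(f"{kind:10} {', '.join(items)}")
```

Functional names such as database or web01 pass the check on purpose; only the two extremes and the guessable series are reported.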



























      Your Answer








      StackExchange.ready(function()
      var channelOptions =
      tags: "".split(" "),
      id: "162"
      ;
      initTagRenderer("".split(" "), "".split(" "), channelOptions);

      StackExchange.using("externalEditor", function()
      // Have to fire editor after snippets, if snippets enabled
      if (StackExchange.settings.snippets.snippetsEnabled)
      StackExchange.using("snippets", function()
      createEditor();
      );

      else
      createEditor();

      );

      function createEditor()
      StackExchange.prepareEditor(
      heartbeatType: 'answer',
      autoActivateHeartbeat: false,
      convertImagesToLinks: false,
      noModals: true,
      showLowRepImageUploadWarning: true,
      reputationToPostImages: null,
      bindNavPrevention: true,
      postfix: "",
      imageUploader:
      brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
      contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
      allowUrls: true
      ,
      noCode: true, onDemand: true,
      discardSelector: ".discard-answer"
      ,immediatelyShowMarkdownHelp:true
      );



      );













      draft saved

      draft discarded


















      StackExchange.ready(
      function ()
      StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsecurity.stackexchange.com%2fquestions%2f212953%2fcomputer-name-naming-convention-for-security%23new-answer', 'question_page');

      );

      Post as a guest















      Required, but never shown

























      2 Answers
      2






      active

      oldest

      votes








      2 Answers
      2






      active

      oldest

      votes









      active

      oldest

      votes






      active

      oldest

      votes









      3














      The fact that there is no readily available information to support your conclusion, should give you some idea about its validity.



      The point is, that if your attacker is already in, he will need to do some additional foot-printing anyway. Your host name may be database.xyz.intranet, but if the nmap gives you 1521 (oracle), 1433 (sql server) or 5432(Postgress), that gives some information about possible vulnerabilities.. Sure, it will save some time knowing that www.companyname.com is probably not the back end database server, but that is minimal.



      On the other hand: are your developers really happy to do SQL-queries on linux20195681.intranet? What is they fire-up a second database in your on-premises cloud? Giving some meaningful names simplifies their life too. And of course it easier for the stand-by that is called at 2 a.m.



      Also, your real servers may be hidden behind a load-balancer. The VIP would then typically get the functional name and the hosts behind it some sequence number.



      If you are in a small organization, you could consider giving your hosts themed names (e.g. my Pi's at home are called pi, rho, sigma, phi, etc.), but even then, I struggle to remember that sigma is my home-automation, psi my DNS server etc. And yes, you might theme Zeus as the production database, Jupiter as test and Odin as develop, but at some point, any form of polytheism will put a limit on the number of servers.



      So it really is better to give them functional names.



      On the other hand: don't be to specific or alluring. Calling a host privatekeybackup.intranet will surely attract a bit more attention.



      There have been some ideas of randomizing host names (rfc8117) but that seems more an issue for clients.






      share|improve this answer



























        3














        The fact that there is no readily available information to support your conclusion, should give you some idea about its validity.



        The point is, that if your attacker is already in, he will need to do some additional foot-printing anyway. Your host name may be database.xyz.intranet, but if the nmap gives you 1521 (oracle), 1433 (sql server) or 5432(Postgress), that gives some information about possible vulnerabilities.. Sure, it will save some time knowing that www.companyname.com is probably not the back end database server, but that is minimal.



        On the other hand: are your developers really happy to do SQL-queries on linux20195681.intranet? What is they fire-up a second database in your on-premises cloud? Giving some meaningful names simplifies their life too. And of course it easier for the stand-by that is called at 2 a.m.



        Also, your real servers may be hidden behind a load-balancer. The VIP would then typically get the functional name and the hosts behind it some sequence number.



        If you are in a small organization, you could consider giving your hosts themed names (e.g. my Pi's at home are called pi, rho, sigma, phi, etc.), but even then, I struggle to remember that sigma is my home-automation, psi my DNS server etc. And yes, you might theme Zeus as the production database, Jupiter as test and Odin as develop, but at some point, any form of polytheism will put a limit on the number of servers.



        So it really is better to give them functional names.



        On the other hand: don't be to specific or alluring. Calling a host privatekeybackup.intranet will surely attract a bit more attention.



        There have been some ideas of randomizing host names (rfc8117) but that seems more an issue for clients.






        share|improve this answer

























          3












          3








          3







          The fact that there is no readily available information to support your conclusion, should give you some idea about its validity.



          The point is, that if your attacker is already in, he will need to do some additional foot-printing anyway. Your host name may be database.xyz.intranet, but if the nmap gives you 1521 (oracle), 1433 (sql server) or 5432(Postgress), that gives some information about possible vulnerabilities.. Sure, it will save some time knowing that www.companyname.com is probably not the back end database server, but that is minimal.



          On the other hand: are your developers really happy to do SQL-queries on linux20195681.intranet? What is they fire-up a second database in your on-premises cloud? Giving some meaningful names simplifies their life too. And of course it easier for the stand-by that is called at 2 a.m.



          Also, your real servers may be hidden behind a load-balancer. The VIP would then typically get the functional name and the hosts behind it some sequence number.



          If you are in a small organization, you could consider giving your hosts themed names (e.g. my Pi's at home are called pi, rho, sigma, phi, etc.), but even then, I struggle to remember that sigma is my home-automation, psi my DNS server etc. And yes, you might theme Zeus as the production database, Jupiter as test and Odin as develop, but at some point, any form of polytheism will put a limit on the number of servers.



          So it really is better to give them functional names.



          On the other hand: don't be to specific or alluring. Calling a host privatekeybackup.intranet will surely attract a bit more attention.



          There have been some ideas of randomizing host names (rfc8117) but that seems more an issue for clients.






          share|improve this answer













          The fact that there is no readily available information to support your conclusion, should give you some idea about its validity.



          The point is, that if your attacker is already in, he will need to do some additional foot-printing anyway. Your host name may be database.xyz.intranet, but if the nmap gives you 1521 (oracle), 1433 (sql server) or 5432(Postgress), that gives some information about possible vulnerabilities.. Sure, it will save some time knowing that www.companyname.com is probably not the back end database server, but that is minimal.



          On the other hand: are your developers really happy to do SQL-queries on linux20195681.intranet? What is they fire-up a second database in your on-premises cloud? Giving some meaningful names simplifies their life too. And of course it easier for the stand-by that is called at 2 a.m.



          Also, your real servers may be hidden behind a load-balancer. The VIP would then typically get the functional name and the hosts behind it some sequence number.



          If you are in a small organization, you could consider giving your hosts themed names (e.g. my Pi's at home are called pi, rho, sigma, phi, etc.), but even then, I struggle to remember that sigma is my home-automation, psi my DNS server etc. And yes, you might theme Zeus as the production database, Jupiter as test and Odin as develop, but at some point, any form of polytheism will put a limit on the number of servers.



          So it really is better to give them functional names.



          On the other hand: don't be to specific or alluring. Calling a host privatekeybackup.intranet will surely attract a bit more attention.



          There have been some ideas of randomizing host names (rfc8117) but that seems more an issue for clients.







          share|improve this answer












          share|improve this answer



          share|improve this answer










          answered 5 hours ago









          Ljm DullaartLjm Dullaart

          3114 bronze badges




          3114 bronze badges























              3














              You have identified only one risk, that of an attacker identifying machine roles on the network by using predictable host names.



              I think you missed the competing risk, that of increased operator error by not using predictable and descriptive host names.



              This is how I would asses those conflicting measures:




              Use unpredictable host names



              Benefit(s)



              An attacker will need to spend (significant) more effort in determining the layout of your network and to identify the most profitable targets for a penetration attempt.



              Risks



              Operator error. Users and administrators may have difficulty identifying systems and their correct roles e.g. confusing test and production systems.



              • Probability: high

              • Impact: high

              Rationale: Most humans have terrible memories where "random" data is concerned --> high probability.



              Also there are usually very few barriers that prevent trusted users and administrators from making high impact mistakes --> high impact.




              Use predictable host names



              Benefit(s)



              Reduced operator error rates, ease of management and automation.



              Risks



              Attackers will also have an easier time determining the layout of your network and to identify the most profitable targets for a penetration attempt.



              • Probability: medium

              • Impact: low

              Rationale: Not every naming convention is immediately intuitive to a black-hat attacker --> medium probability.



              Also using hostnames to predict a network layout is only a shortcut, but doesn't provide information that an attacker wouldn't be able to learn through other means. And knowledge of the role of a server as disclosed by a hostname does not automatically make it more vulnerable (only more or less valuable). --> low impact.






              share|improve this answer





























                3














                You have identified only one risk, that of an attacker identifying machine roles on the network by using predictable host names.



                I think you missed the competing risk, that of increased operator error by not using predictable and descriptive host names.



                This is how I would asses those conflicting measures:




                Use unpredictable host names



                Benefit(s)



                An attacker will need to spend (significant) more effort in determining the layout of your network and to identify the most profitable targets for a penetration attempt.



                Risks



                Operator error. Users and administrators may have difficulty identifying systems and their correct roles e.g. confusing test and production systems.



                • Probability: high

                • Impact: high

                Rationale: Most humans have terrible memories where "random" data is concerned --> high probability.



                Also there are usually very few barriers that prevent trusted users and administrators from making high impact mistakes --> high impact.




                Use predictable host names



                Benefit(s)



                Reduced operator error rates, ease of management and automation.



                Risks



                Attackers will also have an easier time determining the layout of your network and to identify the most profitable targets for a penetration attempt.



                • Probability: medium

                • Impact: low

                Rationale: Not every naming convention is immediately intuitive to a black-hat attacker --> medium probability.



                Also using hostnames to predict a network layout is only a shortcut, but doesn't provide information that an attacker wouldn't be able to learn through other means. And knowledge of the role of a server as disclosed by a hostname does not automatically make it more vulnerable (only more or less valuable). --> low impact.














                  edited 5 hours ago

























                  answered 5 hours ago









                  HBruijn
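An added example, not part of the answer above: one way a predictable naming convention can act as the barrier against test/production mix-ups that the answer says is usually missing. The `<role>-<env>-<nn>` pattern, the host names and the function names are assumptions made for illustration.

```python
import re

# Assumed convention (not from the answer): <role>-<env>-<nn>, e.g. "db-prod-01".
HOSTNAME_RE = re.compile(r"(?P<role>[a-z]+)-(?P<env>prod|stage|test|dev)-(?P<index>\d{2})")


class NamingError(ValueError):
    """The host name does not follow the convention, so its role is unknown."""


def parse_hostname(fqdn):
    """Split the short name of an FQDN into role, environment and index."""
    short = fqdn.split(".", 1)[0].lower()
    match = HOSTNAME_RE.fullmatch(short)
    if match is None:
        raise NamingError(f"{fqdn!r} does not match <role>-<env>-<nn>")
    return match.groupdict()


def check_targets(targets, expected_env, confirm_prod=False):
    """Vet a target list before a destructive job; return (allowed, refused).

    Fails closed: a host is refused when its name cannot be parsed, when it
    is outside expected_env, or when it is prod and confirm_prod is not set.
    """
    allowed, refused = [], []
    for host in targets:
        try:
            info = parse_hostname(host)
        except NamingError as exc:
            refused.append((host, str(exc)))
            continue
        if info["env"] != expected_env:
            refused.append((host, f"env {info['env']} != expected {expected_env}"))
        elif info["env"] == "prod" and not confirm_prod:
            refused.append((host, "prod requires explicit confirmation"))
        else:
            allowed.append(host)
    return allowed, refused


# Constructed sample inventory: two test hosts, one prod host that slipped
# into the list, and one "random" name whose role cannot be inferred.
SAMPLE = ["db-test-01.corp.example", "db-test-02.corp.example",
          "db-prod-01.corp.example", "x7q2k9.corp.example"]

if __name__ == "__main__":
    ok, bad = check_targets(SAMPLE, expected_env="test")
    print("run on:", ok)
    for host, reason in bad:
        print("refused:", host, "-", reason)
```

With opaque names the same check would need a separately maintained inventory lookup, which is itself another place for the test/production confusion the answer describes.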


























