Naming the Nameservers
Michel Marcon
NOSPAM.michel.marcon at vnumail.com
Fri Aug 20 20:50:55 UTC 1999
On 18 Aug 1999 14:18:03 -0700, Patrick Greenwell
<patrick at stealthgeeks.net> wrote:
>On Wed, 18 Aug 1999, Michel Marcon wrote:
>
>> Hi
>> While I understand your concerns, I don't agree with this type of
>> naming convention. Naming a proxy 'proxy.society.com' or or a mail
>> gateway 'mail.unicorn.net' may alert the wily hacker. Let this one
>> take pain and try to discover the real usage of each and every
>> computer of a target LAN. Yes I know, he might use a scanner, but why
>> should you try to hel him?
>
>
>> Other right examples:
>> Mailserver: octopus.unicorn.net
>> Proxy: nelson.society.com
>
>One of the main purpose of DNS is to give useful names to objects, like
>hosts. While it's fine if you've got a couple of boxes at home to name a
>host whatever because it is easily remembered, when you have tens,
>hundreds, or thousands of hosts naming a box "octopus" suddenly seems less
>useful to the people that work there who are going to have to figure out
>what the host "octopus" does.
Well, this time you win. Hands down ....
Seriously: you are right. It is not obvious to which machine does
what. I am myself a sysadmin and I have this kind of problems.
However I do insist that the naming is sometimes a clue for hackers.
No clear solution, anyway...
cmic
>
>
>
>
----------------------------------
Michel Marcon Sysadmin UNIX & WNT
and guitar player....
NOSPAM.michel.marcon at vnumail.com
More information about the bind-users
mailing list