Educause Security Discussion mailing list archives
Re: Server naming conventions
From: "Michael J. Wheeler" <mwheeler () PITTSTATE EDU>
Date: Thu, 11 Feb 2010 11:45:33 -0600
I wonder if non-edible nuts were considered. For instance: wing(nut), lug(nut), and cage(nut).
Also, after "left" and "right" were used, you could always use "deez". :) -- Michael J. Wheeler Assistant Director, Systems and Networking Pittsburg State University Phone: 620-235-4610 E-mail: mwheeler () pittstate edu On 2/11/2010 7:51 AM, Sherry Horeanopoulos wrote:
Thank you all – you have provided me and my officemates with a sidesplitting morning. I’d give my cashew stash to be a part of the .nuts network! *From:* The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] *On Behalf Of *Woodruff, Daniel *Sent:* Thursday, February 11, 2010 8:46 AM *To:* SECURITY () LISTSERV EDUCAUSE EDU *Subject:* Re: [SECURITY] Server naming conventions This has been a fantastic thread, thanks for all the input and creative naming scheme ideas. With new servers hosted by University IT here, the Windows Systems group has settled on the ‘its-service-p##’ type style, where ‘p’ stands for production, ‘t’ would be test, etc. It seems some other institutions do similar and even add more information such as location, and you brought up a good point about a nmap scan can easily enumerate the services on a box, so I feel more comfortable with that now. And segmenting DNS into different zones is a great idea too. Thanks, Dan Woodruff University IT Security and Policy University of Rochester Woodruff, Daniel wrote:What kinds of naming conventions do everyone follow when building newservers?Currently, our Windows hosts are named following the pattern‘its-w2ks#’or similar, where the # is the next in the sequence, and the names arepublished in DNS. What are the potential drawbacks or using a schemelike this? Do you think it is any better or worse from a securityperspective than using something like‘its-oracle-1’ which has theservice right in the name? We’re concerned about disclosing the purposeof the machine via its name, and are trying to get an idea of what otherschools do for their machines. Thanks in advance.For some servers, which are for internal ITS use only, there is really no naming convention in place. Mythological figures and horrible puns tend to be the norm. For user-facing servers, the DNS name generally reflects the purpose or service of the server. For example, our domain controllers are named "ad-canisius" and"ad-canisius2", our Exchange mail stores are"store01" and"store02", etc. There's probably a slight risk of revealing information by putting a service right in the name, but frankly, it's no more information than a simple nmap fingerprinting scan would be likely to provide. -- Matt Gracie (716) 888-8378 Information Security Administrator [log in to unmask] <http://listserv.educause.edu/cgi-bin/wa.exe?LOGON=A2%3Dind1002%26L%3DSECURITY%26D%3D0%26P%3D45691> Canisius College ITS Buffalo, NY http://www2.canisius.edu/~graciem/graciem_public_key.gpg <http://www2.canisius.edu/%7Egraciem/graciem_public_key.gpg>
Current thread:
- Re: Server naming conventions, (continued)
- Re: Server naming conventions Woodruff, Daniel (Feb 11)
- Re: Server naming conventions Sherry Horeanopoulos (Feb 11)
- Re: Server naming conventions Gene Spafford (Feb 11)
- Re: Server naming conventions Stucky, David (Feb 11)
- Re: Server naming conventions Cal Frye (Feb 11)
- Re: Server naming conventions Steven Tardy (Feb 11)
- Re: Server naming conventions Stanclift, Michael (Feb 11)
- Re: Server naming conventions Michael J. Wheeler (Feb 11)
- Re: Server naming conventions Timothy Fairlie (Feb 11)
- Re: Server naming conventions Derek Diget (Feb 11)
- Re: Server naming conventions Michael J. Wheeler (Feb 11)
- Re: Server naming conventions Julian Y. Koh (Feb 11)
- Re: Server naming conventions Sandra Barclay (Feb 11)
- Re: Server naming conventions Andreas Paulisch (Feb 11)
- Re: Server naming conventions Dan Oachs (Feb 11)
- Re: Server naming conventions Barbara Ann Torney (Feb 11)
- Re: Server naming conventions Laurie Zirkle (Feb 11)
- Re: Server naming conventions Chris Bennett (Feb 11)
- Re: Server naming conventions McCrary, Barbara (Feb 11)
- Re: Server naming conventions Greg Schaffer (Feb 11)
- Re: Server naming conventions Jeff Kell (Feb 11)
(Thread continues...)