Firewall Wizards mailing list archives
Re: DNS Names for external services
From: "Marcus J. Ranum" <mjr () ranum com>
Date: Wed, 14 Apr 2010 12:57:06 -0500
Just curious, what is your opinions of the security vs. ease of use trade-offs on putting DNS entries in (vs. making people know/use an IP address) for services you expose to the Internet.
I guess the question is "what are you trying to accomplish?"
If the premise is that it'll slow down a skilled attacker, I
think it's false, because once a penetration has been
accomplished you can map a network using netstat and tcpdup,
and dns names won't really make any difference in that
process.
mjr.
--
Marcus J. Ranum CSO, Tenable Network Security, Inc.
http://www.tenablesecurity.com
_______________________________________________
firewall-wizards mailing list
firewall-wizards () listserv icsalabs com
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Re: DNS Names for external services, (continued)
- Re: DNS Names for external services Andre Lima (Apr 26)
- Re: DNS Names for external services Dave Piscitello (Apr 27)
- Re: DNS Names for external services Paul Melson (Apr 14)
- Re: DNS Names for external services Dave Piscitello (Apr 22)
- Re: DNS Names for external services Paul Melson (Apr 22)
- Re: DNS Names for external services Dave Piscitello (Apr 22)
- Re: DNS Names for external services Henri Salo (Apr 14)
- Re: DNS Names for external services Kent Crispin (Apr 14)
- Re: DNS Names for external services Jim Seymour (Apr 14)
- Re: DNS Names for external services John Morrison (Apr 14)
- Re: DNS Names for external services kent (Apr 15)
- Re: DNS Names for external services Marcus J. Ranum (Apr 14)
- Re: DNS Names for external services Jens Link (Apr 15)
- Re: DNS Names for external services John Morrison (Apr 14)
- Re: DNS Names for external services Behm, Jeff (Apr 14)
- Re: DNS Names for external services orca Puget (Apr 14)
- Re: DNS Names for external services Peter Bruderer (Apr 14)