Firewall Wizards mailing list archives
Re: DNS Names for external services
From: "Marcus J. Ranum" <mjr () ranum com>
Date: Wed, 14 Apr 2010 12:57:06 -0500
Just curious, what is your opinions of the security vs. ease of use trade-offs on putting DNS entries in (vs. making people know/use an IP address) for services you expose to the Internet.
I guess the question is "what are you trying to accomplish?" If the premise is that it'll slow down a skilled attacker, I think it's false, because once a penetration has been accomplished you can map a network using netstat and tcpdup, and dns names won't really make any difference in that process. mjr. -- Marcus J. Ranum CSO, Tenable Network Security, Inc. http://www.tenablesecurity.com _______________________________________________ firewall-wizards mailing list firewall-wizards () listserv icsalabs com https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Re: DNS Names for external services, (continued)
- Re: DNS Names for external services Andre Lima (Apr 26)
- Re: DNS Names for external services Dave Piscitello (Apr 27)
- Re: DNS Names for external services Paul Melson (Apr 14)
- Re: DNS Names for external services Dave Piscitello (Apr 22)
- Re: DNS Names for external services Paul Melson (Apr 22)
- Re: DNS Names for external services Dave Piscitello (Apr 22)
- Re: DNS Names for external services Henri Salo (Apr 14)
- Re: DNS Names for external services Kent Crispin (Apr 14)
- Re: DNS Names for external services Jim Seymour (Apr 14)
- Re: DNS Names for external services John Morrison (Apr 14)
- Re: DNS Names for external services kent (Apr 15)
- Re: DNS Names for external services Marcus J. Ranum (Apr 14)
- Re: DNS Names for external services Jens Link (Apr 15)
- Re: DNS Names for external services John Morrison (Apr 14)
- Re: DNS Names for external services Behm, Jeff (Apr 14)
- Re: DNS Names for external services orca Puget (Apr 14)
- Re: DNS Names for external services Peter Bruderer (Apr 14)