Firewall Wizards mailing list archives
Re: DNS Names for external services
From: "Bruce B. Platt" <bruce () ei3 com>
Date: Tue, 13 Apr 2010 17:30:07 -0400
Among other things, Paul said: Snip ... What's a bigger burden, your support costs or your security costs? If your VPN is attackable, because of weak userid-passwords or other flaws, it'll be attacked sooner or later- if you've done your job, then flaws won't be exploitable and the name doesn't matter- if you've done a poor implementation or selection job, then all you're doing by hiding is postponing the inevitable. Paul ... I agree. I also support using non eponymous names. Rather than vpnserver.company.com, something like bart.company.com can be remembered, but does not immediately tell anyone what the machine might do. So a little obscurity may help. Or, make the server as impregnable as possible first, Then give it a name people can remember, then watch to see if people try to bust in or compromise it. Bruce -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. _______________________________________________ firewall-wizards mailing list firewall-wizards () listserv icsalabs com https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- DNS Names for external services Behm, Jeff (Apr 13)
- Re: DNS Names for external services Paul D. Robertson (Apr 13)
- Re: DNS Names for external services Carson Gaspar (Apr 14)
- Re: DNS Names for external services Bruce B. Platt (Apr 14)
- Re: DNS Names for external services Frank Knobbe (Apr 22)
- Re: DNS Names for external services Morty (Apr 23)
- Re: DNS Names for external services david (Apr 26)
- Re: DNS Names for external services Morty Abzug (Apr 27)
- Re: DNS Names for external services Frank Knobbe (Apr 27)
- Re: DNS Names for external services Paul D. Robertson (Apr 27)
- Re: DNS Names for external services R. DuFresne (Apr 27)
- Re: DNS Names for external services Andre Lima (Apr 26)
- Re: DNS Names for external services Dave Piscitello (Apr 27)
- Re: DNS Names for external services Paul D. Robertson (Apr 13)