if you are banking on that as your security strong point i certainly hope you don’t work for HSBC…
i like the porn star idea. maybe just last names of them so it would be a subtle joke type thing.`i cant wait to get the support call like:
“Can you come take a look at this? JennaJamison keeps going down”
Never said I was, but hey, I can make shit up to. Try best practices? For something so insanely simple to do, even as a mediocre security step, would it be worth not doing? We’re talking about WHY people use various names for servers. Put it this way, you have 500 servers in the network that someone sitting at home wants to poke around in, and only one of these servers has what they are looking for. These servers are not physically located in the same network, so to even attempt to breach one of them, they have to some legwork to do. This takes time.
Hand them over the exact server they are looking for. Bingo.
Force them to attempt to breach every single one by means of trial and error, and it will increase the likely hood of them being caught by some means of activity or security threat picked up by a firewall, IPS/IDS, AAA server, or the alike.
All because of a simple name.
Think of it as robbing a bank for a diamond. Give them the location, and they can go in and try to rob it. Withhold its location, and they have many more banks to break in to. Are they more likely to get caught going in to just one location, or many others?
P.S. It is my notion that if you have to guess the role of a server on a network, you probably have no business being on it
:loopie: <~~~ Happydance
I’m sure this is a moot point and you can just relabel the drives…
However wouldn’t servers with obviously stupid naming conventions be notoriously amateurish in appearance when it comes to setting up shared drives on users computers?
//jennajameson/app$
etc.
when you map a drive on a windows machine, it says “[Folder Name] on [Server Path]” If you wanted to make things more professional looking, you could probably CNAME them. But at that point, you might as well just use the right name from the start rather than complicating the system just so you can type in stupiduser@budweiser to feel all cool and geeky.
you should hear 1/2 the security policies that some companies i deal with have. one companys ideas of network security is not running dhcp… anyone with networking knowledge can easily sniff traffic and pickup the ip scheme
We don’t use dhcp here and it pisses me off. Users will move computers and not tell us, then when I need to find a system that’s spewing out crap, I have no idea where it is now.
Srsly My idea is the best.
BAH the fucking wetback is down again… NOOOOOOO NOT MY gook too!! NOOO where is my %#$%@ He’s stealing all the power…
oh man… the scenarios that could ensue
lol… dunno, its pretty simple to make them useful names without making things easier to attack.
regardless, name them completely random shit if you must but naming shit after gay things as I previously mentioned is… you guessed it, gay.
racial slurs would certainly be a step up :tup:
lol, thats UB for ya… for such an extensive network they have a lot of really dumb departments
20 work stations and 5 servers. workstations are always on and always in use as its a 24/7 operation. simply dumb terminals that only run one program
why dont you implement a port based authentication method. its pretty useful. some office we had the same issues with users moving around and not knowing where stuff was. they turned off ports and only allows one mac adress per port. it was a ok solution but caused a lot of issues and leg work.
802.1x you cna track users per port and see what they are even doing.
I just use ex presidents names, the most recent one I did was abe lincoln.
When I took over IT at the company I used to work at, the previous yahoo had named everything with star wars themes. It drove me absolutely up the wall, and I still curse her to this very day. 18 servers, 204 workstations, 6 offices, every one of them with some geek name - and no documentation on anything. At all. Period. If she hadn’t stored the passwords on post-its under the keyboards, I’d have been doing the sam shuffle like whoa.
W2K-PDC
W2K3-XCHG
LNX-APCHE
SLRS-TBASE
Those are names I can live with.
see: “UB Sucks”
?
Ya we are trying to avoid that. Its myself and a friend doing this setup and just looking for a creative name cycle. We wired the datacenter and looking for a type of naming scheme for the servers and one for the workstations. If they went together somehow that would be great. We also map out where we put all the servers in the datacenters and where we put the workstations so someone in the future can at least figure out where stuff is.
I work at UB and have no control over most of the policies that are implemented. The people that do tend to have their heads up their asses.
Why don’t you use some sort of asset management software software or database…
Well what do you expect. I’ve been trying to get a good deal of things changed where i am… I basically gave up on it.
haha oh ok. i know what you mean. ub was fun to work at with the people in my department but its the same politics as a big corporation.
we wrote our own indexing software for cabling, ports, and network hardware that we use to manage where everything is. after we do an install we give the customer a map of the hardware and connections for reference.
I am against using locations in host names for computers…things always get shifted around…
Using clientXXX for host names along with a spreadsheet or something else to keep track seems to work well…If you get the customer in the habit of updating.