When you’re setting up any kind of server, it can be tempting to give the machine a functional or descriptive name. However, for security purposes it often makes sense to be more obtuse.
I was reminded of this while checking out a reader review on Gizmodo for the Synology DiskStation DS415play NAS. Brett Ironomger, who won one of the devices, highlights the importance of picking the right naming strategy:
The DS415play defaults to calling itself “Diskstation” — I decided to call it “Splodge” for no other reason than everything on my network has strange names. This makes it easier to hide the real purpose of a device whilst still making it recognisable to me.
Using an unusual name isn’t a substitute for decent security, of course, but it’s a simple extra layer — and a variant on the popular trick of giving your Wi-Fi network an amusing or discouraging name.
Comments
14 responses to “Why You Should Give Your Servers Strange Names”
Never seen the point of this.
If someone’s on your network, whether a machine is called “Fred” or “AllTheEmployeeRecords” makes no difference to an attacker after your files.
Better advice would be to not name a machine/device after a location, company name etc. Those change all the time and it’s annoying for your IT man to try and find out that a printer named “Next to Fred’s desk” is nothing of the sort as Fred left many years ago. And that was 2 office moves ago anyway.
And to add, a user or family member etc is (perhaps – they do strange things) less likely to accidentally CTRL+A, SHIFT+DEL a load of folders from a location displayed at SERVER01 than one shown as something like, for example, HOOPLA.
“Using an unusual name isn’t a substitute for decent security, of course”
but it’s a simple extra layer … to make your life a lot harder and slower for no real gain.
thumbs up.
How about just call your servers interesting names because they’re fun. Who cares why, just don’t be a boring sod. My servers used to all have 80’s arcade game names, which had vague references to their utility, these days it’s pop culture references. However at work a new manager decided everything had to be named in an orderly and boring fashion and now no one ever knows what server they’re talking about, they lost all personality.
I used to give my devices strange names, then I got sick of thinking of strange names or coming to be embarrassed by old crap I came up with years ago. I now name everything mainuser_device, so my laptop is dknigs_helix, stuff like that. Makes it way easier to identify on a network also.
It’s an admin thing, build of BBS
I used to work at a high school. We were forced to change the file server and print server names (arachnophobia and apocalypse) to generic names because someone didn’t see the humor in forcing teachers to spell big words.
I tend to name mine in themes. Right now, mine are named after different types of fruits, depending on the user’s favourite.
This has to be the biggest load of bull I’ve read on the internet in the last 24 hours.
Fine for home or SMB environments, but doesn’t scale at all once you start getting multiple servers of the same “type”.
And the security argument is complete bunk.
I think every university in the world had a server series named after planets and moons… but I could never find Uranus at my university (maybe it was hidden – that must have been very good security)
The servers where I had my first “real” job were all named for different types of alcohol.
My naming convention used to be planets, but I think I just couldn’t be bothered with that… I still call Raspberry Pis “pluto” though!
I’ve found this to be a huge problem after taking on a client that had arbitrary names for their servers.
While obscurity may help with security, it makes scaling harder, and it takes longer to find which bear (Polar, Grizzly, Teddy) is supposed to be the Domain Controller, making support take longer than necessary.
We used Simpsons character names, e.g. NELSON, WIGGUM, KRUSTY, until the new manager came in and wanted AUSCOPRDAPPS01…. hmm… my tongue bleeds…
Giving your server or PC a strange hostname may not make it more secure, but it sure would confuse some average or non-technically minded user.
For someone like myself, it would not make much of a difference from a security point of view, because I could do OS fingerprint scanning, or run a scanner against the host to figure out what services it may be hosting.
There are other techniques that I could use to find out more about that system…