[4348] in WWW Security List Archive
Re: Access Logfile Question
daemon@ATHENA.MIT.EDU (Anton J Aylward)
Tue Feb 11 11:36:38 1997
Date: Tue, 11 Feb 1997 09:12:32 -0500
To: Paul Flores <pflores@phoenix.net>, David Murray <dmurray@pdssoftware.com>
From: Anton J Aylward <anton@the-wire.com>
Cc: Anton J Aylward <anton@the-wire.com>, www-security@ns2.rutgers.edu,
firewalls@greatcircle.com
Errors-To: owner-www-security@ns2.rutgers.edu
At 03:40 PM 10/02/97 -0600, Paul Flores wrote:
>On Mon, 10 Feb 1997, David Murray wrote:
>
>> I can't remember where I saw it, but I recently read an
>> interesting article about mis-uses of DNS. Several backbone
>> organizations put such detail into their host (and gateway and
>> router) names, that using nslookup, it is possible to physically map
>> their network. Not many companies are willing to publish such vital
>> corporate information, yet this is a perfectly reasonable and
>> accepted policy for DNS. Personally, I don't feel the need to
>> publish host names for every PC we have connected to the Internet.
>> Is this wrong? I don't know. Can I ftp to uunet? No, but there are
>> other mirrors with the same information. While reverse lookup may be
>> reasonable, it's not common.
>>
>
>What is wrong with setting the reverse DNS to = the IP address? No information
>is given out then, and you still have access to everything.
>
>Paul
>
> "Show me an Ethernet collision and I'll show you a network that
>could do with one user fewer" --BOFH
Nothing.
But from a security point of view, you are disclosing that you have all
those PCs and other internal machines. Any one of them may be poorly
configured or running vulnerable software.
A firewall with a plug-in interface presents just one IP address
to the Internet. With suitable split DNS (see earlier posting and any
standard text on firewalls) you are not disclosing any information about
the internals of your network.
--------------------------------------------------------------------------
Anton J Aylward | Security is not something that comes in
The Strahn & Strachan Group Inc | a self-contained box. It is an attribute
Information Security Consultants | of how you do business and as such
Voice: (416) 494-8661 | needs to be managed carefully.
Fax: (416) 494-8803 | - Karen Goertzel, Wang Federal Inc.
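
Added example (not part of the original message or thread): a Python check a site could run over the zone data its external name server publishes, to confirm the split-DNS goal described above, that only the firewall's address is visible from outside. The zone lines, host names and addresses are constructed, and audit_external_zone and ptr_owner_to_ip are hypothetical helper names.

```python
import ipaddress

# Constructed sample of externally served records (forward A and reverse PTR).
# Names and addresses are invented; 192.0.2.0/24 is a documentation range.
EXTERNAL_ZONE = """\
; external view of example.com (constructed)
www.example.com.            IN A    192.0.2.1
mail.example.com.           IN A    192.0.2.1
1.2.0.192.in-addr.arpa.     IN PTR  gw.example.com.
17.2.0.192.in-addr.arpa.    IN PTR  192-0-2-17.example.com.
23.2.0.192.in-addr.arpa.    IN PTR  payroll-pc3.example.com.
pc-lab2.example.com.        IN A    10.1.4.22
"""


def ptr_owner_to_ip(owner):
    """Turn '17.2.0.192.in-addr.arpa.' into IPv4Address('192.0.2.17')."""
    labels = owner.rstrip(".").lower().split(".")
    if len(labels) != 6 or labels[-2:] != ["in-addr", "arpa"]:
        raise ValueError("not a full IPv4 reverse name: " + owner)
    return ipaddress.ip_address(".".join(reversed(labels[:4])))


def audit_external_zone(zone_text, public_addrs):
    """Return (ip, name, type) for each record naming a non-published address.

    public_addrs is the set of addresses the site means to expose, for
    example the single address of the firewall.
    """
    allowed = {ipaddress.ip_address(a) for a in public_addrs}
    findings = []
    for raw in zone_text.splitlines():
        fields = raw.split(";", 1)[0].split()   # drop comments, tokenize
        if len(fields) < 4:
            continue
        owner, rtype, rdata = fields[0], fields[-2].upper(), fields[-1]
        if rtype == "A":
            ip, name = ipaddress.ip_address(rdata), owner
        elif rtype == "PTR":
            ip, name = ptr_owner_to_ip(owner), rdata
        else:
            continue
        if ip not in allowed:
            findings.append((str(ip), name.rstrip("."), rtype))
    return findings


if __name__ == "__main__":
    for ip, name, rtype in audit_external_zone(EXTERNAL_ZONE, ["192.0.2.1"]):
        print(f"discloses internal host: {rtype:3} {ip:12} {name}")
```

The address-only PTR name (192-0-2-17) is reported alongside the descriptive one, because either record tells an outside resolver that a machine exists at that address.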