Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Firewalls
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Fwbuilder-discussion] Should FW have DNS name?

from [Vadim Kurland â] Network Security [Permanent Link]
Subject: Re: [Fwbuilder-discussion] Should FW have DNS name?
Date: Fri, 9 Jun 2006 09:48:17 -0700 

On Jun 9, 2006, at 7:49 AM, Bill Smith wrote:

What I meant was, does it not make it easier for the hacker?
If fqdn is not assign, it takes the hacker longer to hack.


which side of the firewall you are talking about ? Do you mean dns record created for the firewall on the outside or inside your network ?

On the outside it is a matter of security by obscurity. It probably makes it a little bit easier for hackers if you make host name scream "firewall", otherwise I do not think it matters. It is more important to control access to the firewall in its policy rules. Simple traceroute will reveal its IP address unless you block traceroute in the policy, besides IP address scans are a common tool anyway. On the other hand, having dns entry for the firewall makes your life as administrator easier.

Since the question was posted to fwbuilder-discussion mailing list, I'd like to add that Firewall builder does not rely on the DNS record for the firewall and always connects to it using IP address of the management interface configured in the firewall object. If you are inclined to not add DNS entry for the firewall, you can do it, it will not break built-in installer in Firewall Builder.

--vk


Bill

ted creedon <tcreedon@easystreet.com> wrote:
My firewall has a dns name + dhcp address. Works fine. There is a shell script that Linux runs when the dhcp address changes.

tedc

From: fwbuilder-discussion-bounces@lists.sourceforge.net [mailto:fwbuilder-discussion-bounces@lists.sourceforge.net] On Behalf Of Bill Smith
Sent: Friday, June 09, 2006 3:43 AM
To: Firewall@SecuriryFocus; fwbuilder-discussion@lists.sourceforge.net
Subject: [Fwbuilder-discussion] Should FW have DNS name?

Hi Folks,

Should FW has DNS name?
If it does, what is the implication?

Plz comment.

Bill
 __________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
_______________________________________________
Fwbuilder-discussion mailing list
Fwbuilder-discussion@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/fwbuilder-discussion

__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com



!DSPAM:44898aab151051977126980!
_______________________________________________
Fwbuilder-discussion mailing list
Fwbuilder-discussion@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/fwbuilder-discussion


!DSPAM:44898aab151051977126980!

[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: Should FW have DNS name?, Mark Drucker
Next by Date:  RE: [Fwbuilder-discussion] Should FW have DNS name?, ted creedon
Previous by Thread:  Re: [Fwbuilder-discussion] Should FW have DNS name?, Bill Smith
Next by Thread:  RE: [Fwbuilder-discussion] Should FW have DNS name?, ted creedon
Indexes:  [Date] [Thread] [Top] [All Lists]