August 30th, 2005, 07:16 AM
What do you prefer To use as a naming scheme for your network?
Figured my 1st post should be a valid one. Im Kind of an ameteur in the networking area, but im studying at sait for my ccna and security certs, and i hope to rapidly progress.
Now, ive been reading a few security books, and one inpaticular brought up an interesting point about naming network resources. on one hand, making the names of computers Easy (such as server1, email1 etc...) helps with troubleshooting and network traffic analasys, but it also helps potential threats find their way easier.
On the other hand making the network resources anonymous can be difficult for the network admin, and thus you're told to find a balance.
To me, one of the best ways to do it is by room numbers. This way, you know which room the erros could be comming from, while at the same time have some anonymity on your network. internal sources could mess you over, but it seems like a good overall idea to me.
August 30th, 2005, 07:47 AM
Personally, I pick themes for networks based on authors. (Males are workstations females are servers... why? Because most engineers are sexless males and have an eaiser time remembering women's names. As such they remember their own desktop and several servers easily.)
For examples, one segement is Shakespeare and the systems are named:
Juliet, Ophelia, Desdemona, Cleopatra, Kate, etc for servers and Romeo, Hamlet, Othello, Antony, Petruchio, etc.
Within a cluster (which may have a single network name) the different systems go on a more singular theme like money (dollar, pound, euro, yen, rupee, etc), communist leaders (Lenin, Stalin, Mao, Castro, etc), or even 60's beat poets like the UGCS department of CalTech uses.
This way you have a naming system that is easy for people to build memory tricks around, while being clearer to document than "mail_server1, ..., mail_server9, etc" and doesn't automatically reveal the architecture to an outsider... all while maintaining some logical flow. (once you know the rules)
August 30th, 2005, 07:52 AM
Greek, Roman gods, ancient mapmakers, etc. We even did Seinfeld characters once.
Mankind have a great aversion to intellectual labor; but even supposing knowledge to be easily attainable, more people would be content to be ignorant than would take even a little trouble to acquire it.
- Samuel Johnson
August 30th, 2005, 08:13 AM
LOTR and Harry potter characters seem to be popular atm..
The use of numbers (server1, server2, etc) is not the way to go IMHO !
It doesn't make it easier..
Also naming stuff something you can easilly link in your mind is good.. Cow, Pig, Chicken.. (for example) or Apple, Orange, Plum..
ASCII stupid question, get a stupid ANSI.
When in Russia, pet a PETSCII.
Get your ass over to SLAYRadio
the best station for C64 Remixes !
August 30th, 2005, 08:30 AM
I did one with Disney characters - One segment (the largest client) had 7 servers named for the 7 dwarves, another had 2 named Bambi and Thumper...
Even a broken watch is correct twice a day.
Which coder said that nobody could outcode Microsoft in their own OS? Write a bit and make a fortune!
August 30th, 2005, 08:37 AM
We have workstations with OS first then a random numerical string.
Servers are named with an abbreviation of the location, an abbreviated function and then a number if needed. i.e. London exchange server2 would be LonEx02.
Firewalls are named after greek gods.
Whatever sticks in your head I suppose.
August 30th, 2005, 08:48 AM
Yeah...Themes seem to be popular in networking names...
I've had a firm that uses names of trees ... it was very challenging at first to find the correct server... asking the local admin ... where can I find the "Maple" or "Conifer" ...how about the mighty "Oak" used for a cluster ... the routers and firewalls were named with animal names like Cheeta and Chipmunk ... the guy that designed this network sure had fun .
I to think that just naming servers and other apparel Server1 etc.. isn't the right way to go.
Back when I was a boy, we carved our own IC's out of wood.
August 30th, 2005, 09:35 AM
Or if it's a very small network, use the names of chesspieces. My dad used the names pawn, rook, knight, bishop and queen for the systems that he has in his network. The name also was related to the power of these systems too. The webserver is queen, his main computer is rook. Two other systems for testing were called knight and bishop and a small laptop was called pawn. The scheme thus also indicated the importance of his system.
And I've asked him when he would have a computer called king but he replied there already was a king. He was the king because without him, game over. It is an interesting way to give names according to their importance.
August 30th, 2005, 10:02 AM
One disadvantage to using a thematic naming schemes is it doesn't scale very well. It might work in the early stages of your network, but as time goes on you may run out of names. Also if you have multiple sites in your network it can be hard to determine where the server is located.
The scheme I have a preference for is one that allows you to determine the location, room and type of server (bearing in mind, this would depend upon the security requirements of your network - it may be inappropriate to contain that much detail). This allows you to come up with a scheme like:
Which can break down into:
DEN = Denver
101 = Room 101
PS = Print Server
Whichever way you go, you need to ensure you document your naming scheme and ensure all the techs follow it. Confusion will reign if you have a mixture of systems with no documentation.
Hope this helps
August 30th, 2005, 11:23 AM
Although I mentioned that using named systems will not automatically reveal the architecture of the network to an outsider. I do not think this is a relevant security point. Clearly the system will be examined before an attack is launched and by that point the attacker will know what the system does regardless of its name.
Pick thematic names for simplicity ("dick" and "jane" vs "ERP Server 6" and "ERP Server 9" or worse names like "Primary ERP Server 6/Back-up Email Server 2/Back-up Webserver 2") and not for security.