Re: [Fwbuilder-discussion] Should FW have DNS name?
Brought to you by:
mikehorn
From: <va...@vk...> - 2006-06-09 16:48:24
|
On Jun 9, 2006, at 7:49 AM, Bill Smith wrote: > What I meant was, does it not make it easier for the hacker? > If fqdn is not assign, it takes the hacker longer to hack. > which side of the firewall you are talking about ? Do you mean dns record created for the firewall on the outside or inside your network ? On the outside it is a matter of security by obscurity. It probably makes it a little bit easier for hackers if you make host name scream "firewall", otherwise I do not think it matters. It is more important to control access to the firewall in its policy rules. Simple traceroute will reveal its IP address unless you block traceroute in the policy, besides IP address scans are a common tool anyway. On the other hand, having dns entry for the firewall makes your life as administrator easier. Since the question was posted to fwbuilder-discussion mailing list, I'd like to add that Firewall builder does not rely on the DNS record for the firewall and always connects to it using IP address of the management interface configured in the firewall object. If you are inclined to not add DNS entry for the firewall, you can do it, it will not break built-in installer in Firewall Builder. --vk > Bill > > ted creedon <tcr...@ea...> wrote: > My firewall has a dns name + dhcp address. Works fine. There is a > shell script that Linux runs when the dhcp address changes. > > tedc > > From: fwb...@li... > [mailto:fwb...@li...] On > Behalf Of Bill Smith > Sent: Friday, June 09, 2006 3:43 AM > To: Firewall@SecuriryFocus; fwb...@li... > Subject: [Fwbuilder-discussion] Should FW have DNS name? > > Hi Folks, > > Should FW has DNS name? > If it does, what is the implication? > > Plz comment. > > Bill > __________________________________________________ > Do You Yahoo!? > Tired of spam? Yahoo! Mail has the best spam protection around > http://mail.yahoo.com > _______________________________________________ > Fwbuilder-discussion mailing list > Fwb...@li... > https://lists.sourceforge.net/lists/listinfo/fwbuilder-discussion > > __________________________________________________ > Do You Yahoo!? > Tired of spam? Yahoo! Mail has the best spam protection around > http://mail.yahoo.com > > > > !DSPAM:44898aab151051977126980! > _______________________________________________ > Fwbuilder-discussion mailing list > Fwb...@li... > https://lists.sourceforge.net/lists/listinfo/fwbuilder-discussion > > > !DSPAM:44898aab151051977126980! |