Information Security
network documents
Updated Sun, 28 Aug 2022 14:01:19 GMT

Would publishing a network diagram make the network less secure?


I have found some social networking sites that focus on sharing architecture (network maps and diagrams) and configuration.

Does sharing this type of information decrease the security of my network?

Examples:

The idea of setting this site up was not to make it possible for people to vote on the "look" of a network diagram. The purpose of this site is to allow people to learn about computer networking and network documentation by seeing what other people have done with their networks

or this site:

Network Documentation .com provides free online resources and tools to network professionals regarding network documenting, diagramming, and management.

or this social network site:

Make a flow chart, org chart, mind map, network diagram, UML diagram, wireframe and other drawings online with Lucidchart's free flow chart creator and ...




Solution

If I am attacking a network, having a map helps me target my attack, avoiding possible sensors, honeypots etc and aiming at high value targets or sources of information.

This can speed up an attack immensely, reducing the defender's chance of preventing it.

In summary, yes this is a security risk!

Update:

To reduce risk, some steps you can take are:

  • remove addresses, function titles etc
  • only include sections of the network
  • post under an anonymous profile
  • include fake network sections




Comments (1)

  • +0 – 1- is there any way to publish our maps with fake profile? that no one can know me? 2- if you decide to publish your network , which elements of your map is more secure and should delete or modify them before publish? — Dec 04, 2012 at 08:46