Abstract
Domain names were developed to ease the challenges that human beings face in remembering large sets of numbers such as IP addresses. It is therefore common practice to name servers based on the services they provide or the administrative group they belong to. There is however a disadvantage with this practice, asitgivesthesamelevelofinformationtocyberadversariesaboutthe role of servers within an organization s network. This information might be a security threat by itself. This paper investigates the impact that attractive fully qualified domain names (FQDN) might have in making such servers more tar- geted than servers with non-attractive FQDN, and addresses the null hypothe- sis of the author, that the majority of the attacks, do not take into consideration the FQDN. Statistical analysis of the collected data from the virtual honeynet set up for this investigation, shows that the null hypothesis is true, and having attractive FQDN does not have a significant impact on the preferences of cyber adversaries to probe systems within a given organization s network. Further- more, in this thesis, an attempt is being made to identify previously reported offensive source IP addresses and updated trends of the source country for the majority of the malicious instigators are presented.