BIND Version check
Daniel Norton
danorton at suespammers.org
Tue Jun 20 15:27:34 UTC 2000
By revealing the version number, you also reveal the set of
vulnerabilities of the server. If your server is visible to the
Internet, you should disable this reporting by adding these lines to
your named.conf file (without the =====):
=====
zone "bind" chaos {
type master ;
file "primary/bind";
allow-query {
localhost ;
} ;
allow-transfer {
none;
} ;
};
=====
and create a file (/var/named/) primary/bind:
=====
$ORIGIN bind.
@ 1D CHAOS SOA localhost. root.localhost. (
1 ; serial
3H ; refresh
1H ; retry
1W ; expiry
1D ) ; minimum
CHAOS NS localhost.
=====
--
Daniel Norton
More information about the bind-users
mailing list