BIND Version check
Daniel Norton
danorton at suespammers.org
Thu Jun 22 01:48:03 UTC 2000
On 20 Jun 2000 17:29:04 -0700, "Tony Grace" <tony at grace.net.au> wrote:
>CERT
>and in Australia AUSCERT have security papers with recommendations on hiding
>BIND version numbers.
Here's another bennie: I just now caught a hacker, thanks to
"allow-query { localhost ;}" on "version.named". Of course, he was
coming in from a freshly hacked system, so I don't know originally
whence he came, but he stopped using that system to hack others, anyway.
He was doing precisely what I expected a hacker might do, by looking at
version.named.
--
Daniel Norton
More information about the bind-users
mailing list