BIND version

[Adam Lang]

Well, if you are worried about security, I wouldn't run that version in
production.  "a" does stand for alpha...

There is a difference between the "latest" production release and the
"latest" development release.

Adam Lang
Systems Engineer
Rutgers Casualty Insurance Company
http://www.rutgersinsurance.com
----- Original Message -----
From: "alexus" <ml at db.nexgen.com>
To: <Mark.Andrews at nominum.com>
Cc: <bind9-users at isc.org>; <bind-users at isc.org>
Sent: Tuesday, June 12, 2001 9:21 PM
Subject: Re: BIND version


>
> how is it possible to fingerprint a nameserver? can i protect my ns
against
> that?
>
> and which security lists are you talking about? where are those lists? i'm
> trying to keep my up to date i'm using 9.2.0a2 .. pretty much "the"
> latests;) (just came out)
>
> ----- Original Message -----
> From: <Mark.Andrews at nominum.com>
> To: "alexus" <ml at db.nexgen.com>
> Cc: <bind9-users at isc.org>; <bind-users at isc.org>
> Sent: Tuesday, June 12, 2001 7:53 PM
> Subject: Re: BIND version
>
>
> >
> > >
> > > Hello
> > >
> > > I'd like to know how is it possible to see a remote version of bind
and
> how
> > > can i protect my bind from that? I don't want to other people to
> exploring
> > > which version of bind do I have..
> > >
> > > Thank you in advance.
> > >
> > >
> >
> > Plenty of people will tell you how to do this but it is
> > pointless as it does not raise security.  It's quite possible
> > to fingerprint a nameserver and kiddy scripts will try the
> > attacks anyway.
> >
> > The best way to raise security is to follow the security
> > lists and keep up to date.
> >
> > Mark
> > --
> > Mark Andrews, Nominum Inc.
> > 1 Seymour St., Dundas Valley, NSW 2117, Australia
> > PHONE: +61 2 9871 4742                 INTERNET:
Mark.Andrews at nominum.com
> >
>