How to prevent bind from divulging its version
Paul Jacobs
paul at netpacq.com
Fri Jun 29 18:28:54 UTC 2001
Ok... then what Version of bind am I running....?
At 06:04 PM 6/28/2001, you wrote:
> I will repeat this:
>
> There is no way, other than not answering any queries, that
> you can prevent named from reveling its version. It is
> simply to easy to finger print a nameserver.
>
> If you think changing what is returned in a version query
> does this then you are kidding yourself.
>
> Mark
>
> >
> > In /etc/named.conf under the "options" area place the below...:
> >
> > // Return a bogus response to miscreants
> > // who query for our BIND version. Do not
> > // use this trick if you are going to use
> > // the view trick detailed below.
> > version "Off with your head!";
> >
> >
> > At 08:39 PM 6/27/2001, you wrote:
> > >Hi,
> > >
> > >Is there any method of preventing bind from divulging its version?
> > >
> > >many thanks!
> > >kshong
> >
> > Best regards,
> > Paul Jacobs /Senior Network Eng.
> > NETPACQ Systems, Inc.
> > "Full Service Web Media"
> > http://www.netpacq.com
> > mailto:paul at netpacq.com
> >
> >
> >
> >
> >
>--
>Mark Andrews, Nominum Inc.
>1 Seymour St., Dundas Valley, NSW 2117, Australia
>PHONE: +61 2 9871 4742 INTERNET: Mark.Andrews at nominum.com
Best regards,
Paul Jacobs /Senior Network Eng.
NETPACQ Systems, Inc.
"Full Service Web Media"
http://www.netpacq.com
mailto:paul at netpacq.com
More information about the bind-users
mailing list