BIND Version reveal.
Matthew_Touw at notes.seagate.com
Matthew_Touw at notes.seagate.com
Thu Jun 3 11:16:04 UTC 1999
Hi,
I read that from some security papers that determination of DNS Version
Number can provide attacker necessary advantage of known security problem.
My DNS is a 8.1.2. How can I mask the version number from being revealing
by user without modifying and recompiling the ns_req.c. ...Maybe I am a bit
greedy, ...just a wish....I want it yet able to tell me which version it is
using a convention method.
I have gone thru cricket's impressive presentation of security and did most
of the things. Is there any other attack I have to look out for 8.1.2 as
well.
Thanks.
Rgds
Matt
More information about the bind-users
mailing list