BIND Version check
Daniel Norton
danorton at suespammers.org
Tue Jun 20 19:27:52 UTC 2000
On 20 Jun 2000 10:47:57 -0700, Michael Bryan <bind at ursine.com> wrote:
>But that being said, hiding the version number does very little to
>protect you, as it's another form of Security By Obscurity, and does
>not address any real security issues that might exist in BIND.
It can, however, reduce your chances of being a target of an attacker
searching for a victim.
>I would place much more importance on keeping BIND up to date,
So would I.
>Hiding your version
>number might slow down a stupid or lazy hacker, but won't even make
>a good one blink --- if they're interested in your system, they'll
>just run a suite of exploits against your server no matter what
>version it reports.
But hiding the version number can reduce the *interest* in your system.
It won't help the type of attack that is aiming for your system, but it
can reduce the likelihood of the type of attack that is looking for
*any* system. Both types of attacked need to be considered when
addressing security issues.
--
Daniel Norton
More information about the bind-users
mailing list