BIND Version check
Daniel Norton
danorton at suespammers.org
Tue Jun 20 19:31:31 UTC 2000
On 20 Jun 2000 10:47:35 -0700, Bill Manning <bmanning at ISI.EDU> wrote:
> Actually, revealing the version is a good thing. Hiding the
> version encourages additional probing.
Only if the version number reveals a version that has no vulnerabilities
known to the attacker.
It won't help the type of attack that is aiming for your system, but
hiding the version number can reduce the likelihood of the type of
attack that is looking for *any* system. Both types of attacks need to
be considered when addressing security issues.
> Upgrading to mitagate vulnerabilities is -MUCH- prefered that
> attempting security through obscurity.
No question.
--
Daniel Norton
More information about the bind-users
mailing list