not revealing version number at all
Cricket Liu
cricket at nxdomain.com
Wed Jul 18 16:15:06 UTC 2001
> I know that one can set the option "version" to make the version number of
> your server that is returned by dig something ludicrous. I recently came
> across a server that does not give a version number at all -- the status
is
> "REFUSED". I don't see in the doc a way to not respond to a version query
at
> all. I have two questions for the collective: do people think this is a
good
> idea or not, and secondly how is this done (since I do not find it in the
> doc). Thanks.
You could use the old technique of setting up
CHAOSNET "bind" zone and use allow-query to prevent
folks from querying it, e.g.,
zone "bind" ch {
type master;
file "db.bind";
allow-query { none; };
};
db.bind would just need an SOA record and an NS record.
cricket
More information about the bind-users
mailing list