Security concern
Lordy
bind at lordy.de
Thu May 17 22:35:11 UTC 2001
Hi Alan,
this probably means that the user did something like:
nslookup -q=TXT -class=CHAOS version.bind your.nameserver.com
If you haven't changed the default settings the user now knows that
you are running version 4.9.3-BETA26 and might think about attacking
your nameserver.
For security reasons you should think about putting something like
this into your BIND configuration file:
options {
version { "GO AWAY !" };
};
After this users will not be able to find out which version of BIND you
are running.
Regards,
Lordy
At 23:20 17.05.01 +0100, you wrote:
>Im failry new to bind and so was a little disturbed when i saw the
>following enty in my logs:
>
>/nnn.nnn.nnn.nnn/VERSION.BIND/TXT
>
>from a cable user where nnn is ip
>
>im runnnig veriosn 4.9.3-BETA 26 if that help... i have heard of a worm
>around but can see none of it's effects
>
>Alan Woodalnd
More information about the bind-users
mailing list