Is it possible to show bogus version number in BIND
Michael Kjorling
michael at kjorling.com
Wed May 1 20:39:34 UTC 2002
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On May 1 2002 11:56 -0700, Chris Villemez wrote:
> I believe you can just comment out the version info code before you compile
> the source. It's located in bin/named/ns_req.c in the tarball (but you can
> just search for the 'VERSION' string):
>
> if (class == ns_c_chaos && type == ns_t_txt &&
> ns_samename(dnbuf, "VERSION.BIND") == 1 &&
> server_options->version != NULL &&
> server_options->version[0] != '\0')
> return (add_bind(hp, cpp, msg, msglenp,
> "VERSION", server_options->version));
>
> (This was from Bind version 8.3.1).
>
> If you comment this out before building Bind, it should prevent version
> information from being passed back to the requester when the requester
> issues a DNS version number check. Someone correct me if I'm wrong, but
> this is what I remember doing before. Hope this helps.
>
> -Christopher Villemez
Or, you can just add:
version "";
to the options section of your named.conf. This will make the check at
line 4 in the if() statement fail (an empty string has a \0 at the
first position, or string[0]) and thus the entire if() statement will
never be satisfied.
The upside of this is that you don't have to patch the BIND source
code.
Michael Kjörling
- --
Michael Kjörling -- Programmer/Network administrator ^..^
Internet: michael at kjorling.com -- FidoNet: 2:204/254.4 \/
PGP: 95f1 074d 336d f8f0 f297 6a5b 2aa3 7bfd 8a70 e33e
``And indeed people sometimes speak of man's "bestial" cruelty, but
this is very unfair and insulting to the beasts: a beast can never be
so cruel as a man, so ingeniously, so artistically cruel.''
(Ivan Karamazov, in Dostoyevsky's 'The Brothers Karamazov')
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: Public key is at http://michael.kjorling.com/contact/pgp.html
iD8DBQE80FKIKqN7/Ypw4z4RAsKDAJ9vnyRocTGxgL9p9gaAdY5qGpodYwCeIZHK
25yDsVzWuyi/PbBIrh0yyD8=
=zqOH
-----END PGP SIGNATURE-----
More information about the bind-users
mailing list