Blocking version information
Pete Ehlke
pde at rfc822.net
Sat Jun 18 13:15:48 UTC 2005
On Fri Jun 17, 2005 at 16:51:04 -0700, James Philpott wrote:
>
>There should be no problems associated with hiding the version
>information on your DNS server in BIND 9 or BIND 8 by the use of the
>global options statement "version". Version is a widely obfuscated by
>the use of the this option when an administrator does not want the world
>or their internal users to be able to see the version of BIND is being
>used.
>
Changing the string reported via the version statement- or changing it
in the source- does little to nothing to keep world+dog from discovering
what name server you are running. People do this, thinking they are
'hiding' their version. They are wrong.
-Pete
More information about the bind-users
mailing list