bindvrs Vulnerability

Lightner, Jeff jlightner at water.com
Tue Jan 12 16:03:42 UTC 2010 

Sometimes you have to do things like hiding your version just because it
came up on the security audit.  It's a lot easier to make them shut up
by doing what they want than by explaining to them that what they want
is meaningless.

-----Original Message-----
From: bind-users-bounces+jlightner=water.com at lists.isc.org
[mailto:bind-users-bounces+jlightner=water.com at lists.isc.org] On Behalf
Of Kevin Darcy
Sent: Tuesday, January 12, 2010 10:52 AM
To: bind-users at lists.isc.org
Subject: Re: bindvrs Vulnerability

Hiding your version accomplishes little.

a) attackers can using "fingerprinting" technology to determine your 
BIND version even if you obscure it
b) attackers can just brute force all of the known attacks in the hopes 
that you're vulnerable to at least one of them

The real solution is to upgrade to a version that's not vulnerable.

 

                                       - Kevin
Balanagaraju Munukutla wrote:
>
> Hi
>
> How to Disable the BIND version query feature in BIND 9.2.1.
>
> This is a bindvrs Vulnerability.
>
> Thanks & Regards
> Nagaraj
>
------------------------------------------------------------------------
>
> _______________________________________________
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users

_______________________________________________
bind-users mailing list
bind-users at lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
 
Proud partner. Susan G. Komen for the Cure.
 
Please consider our environment before printing this e-mail or attachments.
----------------------------------
CONFIDENTIALITY NOTICE: This e-mail may contain privileged or confidential information and is for the sole use of the intended recipient(s). If you are not the intended recipient, any disclosure, copying, distribution, or use of the contents of this information is prohibited and may be unlawful. If you have received this electronic transmission in error, please reply immediately to the sender that you have received the message in error, and delete it. Thank you.
----------------------------------

More information about the bind-users mailing list