BIND Version check

Daniel Norton danorton at suespammers.org
Tue Jun 20 19:24:13 UTC 2000


On 20 Jun 2000 09:56:41 -0700, "David R. Conrad"
<David.Conrad at nominum.com> wrote:
>You should upgrade to a version of BIND that does not have the
>vulnerabilities.  Hiding the version information is simply a very poor form of
>security through obscurity and would not deter any attacker with half a clue.

Upgrading to the latest works fine until vulnerabilities for that
version are known.  Once the vulnerabilities are known, there is a open
window until you fix them.  Don't allow the window by not allowing the
version of your server to be known.

--
Daniel Norton



More information about the bind-users mailing list