BIND Version check
Daniel Norton
danorton at suespammers.org
Tue Jun 20 19:24:13 UTC 2000
On 20 Jun 2000 09:56:41 -0700, "David R. Conrad"
<David.Conrad at nominum.com> wrote:
>You should upgrade to a version of BIND that does not have the
>vulnerabilities. Hiding the version information is simply a very poor form of
>security through obscurity and would not deter any attacker with half a clue.
Upgrading to the latest works fine until vulnerabilities for that
version are known. Once the vulnerabilities are known, there is a open
window until you fix them. Don't allow the window by not allowing the
version of your server to be known.
--
Daniel Norton
More information about the bind-users
mailing list