BIND Version check

Bill Moseley moseley at hank.org
Tue Jun 20 20:36:12 UTC 2000


At 06:46 PM 06/20/00 GMT, Barry Margolin wrote:
>I think his theory is that if you give out your version, and the hacker
>detects that it's one with no known vulnerabilities, he'll leave you
>alone.  But if you don't give out your version, he'll just try all the
>named attacks he knows, in case you're vulnerable to any of them.

It's probably hard to second guess how a hacker will operate.  "Good"
hackers are the ones that can't be second guessed...

Anyway, more on topic, I'm unclear how to enable version.bind on my setup.  

Again I use allow-query globally to provide access only to my own network,
and then in specific zone files I do an allow-query{ all; };

What I'm not clear on is how to also allow version access to the outside
with this setup.

Thanks,

Bill Moseley
mailto:moseley at hank.org



More information about the bind-users mailing list