How to prevent bind from divulging its version
Mark.Andrews at nominum.com
Mark.Andrews at nominum.com
Fri Jun 29 01:04:41 UTC 2001
I will repeat this:
There is no way, other than not answering any queries, that
you can prevent named from reveling its version. It is
simply to easy to finger print a nameserver.
If you think changing what is returned in a version query
does this then you are kidding yourself.
Mark
>
> In /etc/named.conf under the "options" area place the below...:
>
> // Return a bogus response to miscreants
> // who query for our BIND version. Do not
> // use this trick if you are going to use
> // the view trick detailed below.
> version "Off with your head!";
>
>
> At 08:39 PM 6/27/2001, you wrote:
> >Hi,
> >
> >Is there any method of preventing bind from divulging its version?
> >
> >many thanks!
> >kshong
>
> Best regards,
> Paul Jacobs /Senior Network Eng.
> NETPACQ Systems, Inc.
> "Full Service Web Media"
> http://www.netpacq.com
> mailto:paul at netpacq.com
>
>
>
>
>
--
Mark Andrews, Nominum Inc.
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: Mark.Andrews at nominum.com
More information about the bind-users
mailing list