Reasons why BIND isn't being upgraded
Patrick Greenwell
patrick at cybernothing.org
Fri Feb 2 16:48:42 UTC 2001
On 1 Feb 2001, Paul Vixie wrote:
>
> Simon at wretched.demon.co.uk (Simon Waters) writes:
>
> > The ISC.ORG web site recommends leaving the BIND version string
> > unchanged to assist in troubleshooting.
> >
> > I remain unconvinced that showing the version string helps much.
>
> it helped you with your survey, didn't it?
>
> hiding it doesn't help at all. people who want to know if you're vulnerable
> and to what have tools to find out.
>
> hiding it DOES however make it harder for people (including network owners)
> to do surveys.
By the same token one might argue that atempting to hide vunerabilities
to those paying you for "early warnings" doesn't help at all.
Just something to consider.
More information about the NANOG
mailing list