sorry to ruin several of your evenings...
bmanning at vacation.karoshi.com
bmanning at vacation.karoshi.com
Tue Jan 30 21:32:24 UTC 2001
lets see... (from previous discussions on the usefullness of tweeking
the version)
wearing my blackhat, i have to decide which system is worthty
of my talents... which one should I pick?
version "bad-ass-bind";
-or-
version "9.1.0"
of course I could be running 4.8.1 and simply recompile so it _reports_
a bogus version but the profile of a 9.1.0 code base is -very- distinct
from a 4.8.1 code base... esp on replies to queries.
Pick your targets carefully.
> Why not jus return some 'bogus' version ??? like this option allows:
>
> version "bad-ass-bind";
>
> :)
>
> --Chris
>
> #######################################################
> ## UUNET Technologies, Inc. ##
> ## Manager ##
> ## Customer Router Security Engineering Team ##
> ## (W)703-289-8479 (C)703-283-3734 ##
> #######################################################
>
> On Tue, 30 Jan 2001, Stephen Stuart wrote:
>
> >
> > > While it's not exactly a problem, it does give away that you're running
> > > bind9 (I do like the new 'version' option where you can set the
> > > version.bind reply) even if you change the version to appear to be a bind8
> > > server.
> >
> > "allow-query" lets you control who can see that information:
> >
> > zone "bind" chaos {
> > allow-query {
> > 127.0.0.1 ;
> > xxx.xxx.xxx.xxx/len ;
> > } ;
> > type master;
> > file "filename";
> > };
> >
> > Stephen
> >
>
>
More information about the NANOG
mailing list