Determining/hiding BIND version numberDetermining/hiding BIND version number
Both nslookup and dig can query a remote BIND nameserver's version number:
dig @nameserver version.bind txt chaos
;; ANSWER SECTION:
VERSION.BIND. 0 CH TXT "8.3.4-REL"
nslookup -type=txt -class=chaos version.bind nameserver
VERSION.BIND text = "8.3.4-REL"
If BIND is installed locally, simply run named -v locally to determine the
version of BIND.
Although hiding the BIND version number will not prevent automated cracking
tools from exploiting vulnerable nameservers, you should prevent "banner
grabbing," or allowing others to gather version information about services
running on your machines.
To change the version information returned by your BIND nameserver, create a
version line in your named.conf file's options directive.
Example:
options {
version "Not disclosed";
}
Send the named process a SIGHUP for the change to take effect.
kill -HUP `cat path_to/named.pid`
dig @nameserver version.bind txt chaos
VERSION.BIND. 0 CH TXT "Not disclosed"
Back to brandonhutchinson.com.
Last modified: 12/03/2003
(
geocities.com/hackermuda/exploits) (
geocities.com/hackermuda)