????bind??? How To Hide BIND Version

星期五, 24th 七月 2009

??nessus??, ?????Bind version?????????, ???????????. 

How To Hide BIND DNS Sever Version
by Vivek Gite · 2 comments

Q. How do I hide my dns server version number from command such as:
dig @ns1.example.com -c CH -t txt version.bind

How do I hide version under BIND9 Linux / UNIX systems?

A. This is nothing but security through obscurity. You can hide version but one can always fingerprint your name server to find out exact version details using fpdns tool.

Open your named.conf file, find out options { ... }; section,

        query-source    port 53;
        query-source-v6 port 53;
        listen-on { 174.ttt.xx.yy; };
        directory "/var/named"; // the default
        dump-file               "data/cache_dump.db";
        statistics-file         "data/named_stats.txt";
        memstatistics-file      "data/named_mem_stats.txt";
        dnssec-enable yes;
        recursion no;
        allow-notify { 174.zzz.yy.zz; 172.xx.yy.zz; };
        version "BIND";
};To hide your bind version:

version "YOUR Message";


version "use fpdns to get version number ;)";

Save and close the file. Restart named, enter:

# service bind9 restart


# service named restart

How do I see bind version?
Use dig command, enter

$ dig @ns1.softlayer.com -c CH -t txt version.bind

As usual, you can use fpdns to find out version number.