sorry to ruin several of your evenings...

Mailman List Mirror (Read Only)

Stephen_Stuart January 30, 2001, 8:38pm 1

While it's not exactly a problem, it does give away that you're running
bind9 (I do like the new 'version' option where you can set the
version.bind reply) even if you change the version to appear to be a bind8
server.

"allow-query" lets you control who can see that information:

zone "bind" chaos {
        allow-query {
                127.0.0.1 ;
                xxx.xxx.xxx.xxx/len ;
        } ;
        type master;
        file "filename";
};

Stephen

Christopher_L_Morro2 January 30, 2001, 8:45pm 2

Why not jus return some 'bogus' version ??? like this option allows:

version "bad-ass-bind";

--Chris

Valdis_Kletnieks January 30, 2001, 8:58pm 3

If you return a bogus version, they *know* you have something to hide.
If you just disallow 'chaos' queries, they don't know for sure, especially
if you *also* disallow other queries/etc from other sites.

Shawn_McMahon January 30, 2001, 9:15pm 4

Hey, just return version 8.6.2, and make 'em waste their time...