Sometimes you have to do things like hiding your version just because it came up on the security audit. It's a lot easier to make them shut up by doing what they want than by explaining to them that what they want is meaningless.
-----Original Message----- From: bind-users-bounces+jlightner=water....@lists.isc.org [mailto:bind-users-bounces+jlightner=water....@lists.isc.org] On Behalf Of Kevin Darcy Sent: Tuesday, January 12, 2010 10:52 AM To: bind-users@lists.isc.org Subject: Re: bindvrs Vulnerability Hiding your version accomplishes little. a) attackers can using "fingerprinting" technology to determine your BIND version even if you obscure it b) attackers can just brute force all of the known attacks in the hopes that you're vulnerable to at least one of them The real solution is to upgrade to a version that's not vulnerable. - Kevin Balanagaraju Munukutla wrote: > > Hi > > How to Disable the BIND version query feature in BIND 9.2.1. > > This is a bindvrs Vulnerability. > > Thanks & Regards > Nagaraj > ------------------------------------------------------------------------ > > _______________________________________________ > bind-users mailing list > bind-users@lists.isc.org > https://lists.isc.org/mailman/listinfo/bind-users _______________________________________________ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users Proud partner. Susan G. Komen for the Cure. Please consider our environment before printing this e-mail or attachments. ---------------------------------- CONFIDENTIALITY NOTICE: This e-mail may contain privileged or confidential information and is for the sole use of the intended recipient(s). If you are not the intended recipient, any disclosure, copying, distribution, or use of the contents of this information is prohibited and may be unlawful. If you have received this electronic transmission in error, please reply immediately to the sender that you have received the message in error, and delete it. Thank you. ---------------------------------- _______________________________________________ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users