We cannot avoid mentioning that BIND allows you to hide (and replace) its version number with an arbitrary string. Although we do not advocate security through obscurity, and this should not be taken as a reliable way of preventing version fingerprinting (which is possible using other means), hiding the version number is a small setting that's worth mentioning.
Here's an example of version querying after changing the setting:
; <<>\> DiG 9.3.0 <<>\> @18.104.22.168 version.bind chaos txt ;; global options: printcmd ;; Got answer:
;; ->\>HEADER<<- opcode: QUERY, status: NOERROR, id: 192 9
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;version.bind. CH TXT
;; ANSWER SECTION:
;; AUTHORITY SECTION:
version.bind. 0 CH NS version.bind.
;; SERVER: 14 0.105.134.1#53(22.214.171.124) ;; WHEN: Sat Nov 4 17:59:10 2006 ;; MSG SIZE rcvd: 60
Was this article helpful?
Read how to maintain and repair any desktop and laptop computer. This Ebook has articles with photos and videos that show detailed step by step pc repair and maintenance procedures. There are many links to online videos that explain how you can build, maintain, speed up, clean, and repair your computer yourself. Put the money that you were going to pay the PC Tech in your own pocket.