Good morning, I'm trying to make it more difficult for an attacker to
get my DNS server version. I have been following several posts about
doing this and mostrly all of them suggest to modify the
*/etc/bind/named.conf.options* file and add the lines:
options {
version "Not available"; // Or any bogus info or
just none without quotes
}
Then restart the service (*service bind9 restart*) and the version will
not be shown, only the defined text, in this case "Not available".
However, after doing this and restarting the service I'm still getting
my server version. Am I placing this lines in the wrong file? Thanks in
advance!
------------------------------------
Bind version: 9.10.2-P3
OS: Debian GNU/Linux 8 (jessie)
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
