Re: "Hiding" version.bind in /etc/bind/named.conf.options doesn't work

2018-03-04 Thread @lbutlr
On Feb 28, 2018, at 09:57, G.W. Haywood via bind-users wrote: > On Wed, 28 Feb 2018, (Ing. Pedro Pablo Delgado Martell) wrote: >> Good morning, I'm trying to make it more difficult for an attacker to >> get my DNS server version. > > Waste of time. The attacks are

RE: "Hiding" version.bind in /etc/bind/named.conf.options doesn't work

2018-03-03 Thread Bob McDonald
Personally, I leave the version statement alone. I like having my "internal" servers return the current running version when queried. I disable chaos queries on my internet facing servers via views thus effectively not answering any queries for the version or hostname from folks I don't know. I

Re: "Hiding" version.bind in /etc/bind/named.conf.options doesn't work

2018-02-28 Thread sthaug
> >> Good morning, I'm trying to make it more difficult for an attacker to > >> get my DNS server version. > > > > Waste of time.  The attacks are automated, and will be mounted anyway. > > > > Indeed. At least one of my legacy servers returns "4.9.4-P1-Would you > believe Win98SE?", which was

Re: "Hiding" version.bind in /etc/bind/named.conf.options doesn't work

2018-02-28 Thread Warren Kumari
On Wed, Feb 28, 2018 at 12:57 PM, G.W. Haywood via bind-users wrote: > Hi there, > > On Wed, 28 Feb 2018, (Ing. Pedro Pablo Delgado Martell) wrote: > >> Good morning, I'm trying to make it more difficult for an attacker to >> get my DNS server version. > > > Waste of

Re: "Hiding" version.bind in /etc/bind/named.conf.options doesn't work

2018-02-28 Thread Dave Warren
On 2018-02-28 10:57, G.W. Haywood via bind-users wrote: Hi there, On Wed, 28 Feb 2018, (Ing. Pedro Pablo Delgado Martell) wrote: Good morning, I'm trying to make it more difficult for an attacker to get my DNS server version. Waste of time.  The attacks are automated, and will be mounted

RE: "Hiding" version.bind in /etc/bind/named.conf.options doesn't work

2018-02-28 Thread G.W. Haywood via bind-users
Hi there, On Wed, 28 Feb 2018, (Ing. Pedro Pablo Delgado Martell) wrote: Good morning, I'm trying to make it more difficult for an attacker to get my DNS server version. Waste of time. The attacks are automated, and will be mounted anyway. -- 73, Ged.

Re: "Hiding" version.bind in /etc/bind/named.conf.options doesn't work

2018-02-28 Thread Alan Clegg
On 2/28/18 10:57 AM, Bob Harold wrote: > Those instructions assume that the  /etc/bind/named.conf.options file > is 'included' in the main named.conf file. > Just add the "version" line to your named.conf file options section. [...] > So my config file is at: >

Re: "Hiding" version.bind in /etc/bind/named.conf.options doesn't work

2018-02-28 Thread Bob Harold
On Wed, Feb 28, 2018 at 8:55 AM, Ing. Pedro Pablo Delgado Martell < ppmart...@eleka.co.cu> wrote: > Good morning, I'm trying to make it more difficult for an attacker to get > my DNS server version. I have been following several posts about doing this > and mostrly all of them suggest to modify