Bugtraq mailing list archives
Re: fingerprinting BIND 9.1.0
From: buglist () SHIKAHR COM INTER NET
Date: Tue, 30 Jan 2001 19:14:20 -0600
In message <5.0.2.1.2.20010129125423.00a7f990@127.0.0.01> Max Vision writes:
The BIND 9.1.0beta releases and now BIND 9.1.0 include another hard coded chaos record called "authors".
[ snip ]
% dig @ns.example.com authors.bind chaos txt
I've been playing some with BIND 9.1.0, and have found that queries like this can be suppressed using the new "view" capability. I now have in my named.conf, the following:

    view "external-chaos" chaos {
        match-clients { any; };
        recursion no;
        zone "." {
            type hint;
            file "/dev/null";
        };
    };

and a similar entry for hesiod records. Queries then against either chaos or hesiod records will come back as "servfail".

Alternatively, creating your own "bind." domain with CH, rather than IN, records for SOA and TXT data will override hardcoded values. I've also got a "bind." domain that has this record:

    version.bind. 0 ch txt "Who knows"

so that if I don't use a "view" to block chaos records, then at least I give out only information that I want to give out.

--
Randall Raemon
shikahr.com.inter.net, email to rlr
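
An administrator can confirm which of the two outcomes described in the message above a server gives. The following is an added example, not part of the original post: it builds the CH TXT query that the dig command sends and classifies a reply. The function names are hypothetical, and the two sample replies are constructed bytes, not captured traffic.

```python
import struct

CLASS_CH, TYPE_TXT = 3, 16            # CHAOS class, TXT type
RCODES = {0: "NOERROR", 2: "SERVFAIL", 3: "NXDOMAIN", 5: "REFUSED"}

def build_query(name, qid=0x1234):
    """Wire-format '<name> CH TXT' query, as sent by `dig <name> chaos txt`."""
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode() for l in labels) + b"\x00"
    return struct.pack("!6H", qid, 0, 1, 0, 0, 0) + qname + struct.pack("!2H", TYPE_TXT, CLASS_CH)

def skip_name(msg, off):
    """Offset just past a name; a compression pointer ends the name."""
    while msg[off] and msg[off] & 0xC0 != 0xC0:
        off += 1 + msg[off]
    return off + (2 if msg[off] else 1)

def parse_response(msg):
    """Return (rcode name, list of CH TXT strings in the answer section)."""
    _id, flags, qd, an = struct.unpack("!4H", msg[:8])
    off = 12
    for _ in range(qd):
        off = skip_name(msg, off) + 4          # skip QTYPE and QCLASS
    texts = []
    for _ in range(an):
        off = skip_name(msg, off)
        rtype, rclass, _ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        rdata, off = msg[off + 10:off + 10 + rdlen], off + 10 + rdlen
        i = 0
        while rtype == TYPE_TXT and rclass == CLASS_CH and i < len(rdata):
            texts.append(rdata[i + 1:i + 1 + rdata[i]].decode("ascii", "replace"))
            i += 1 + rdata[i]
    return RCODES.get(flags & 0xF, str(flags & 0xF)), texts

def audit(msg):
    """Say whether a reply discloses TXT data or returns none."""
    rcode, texts = parse_response(msg)
    return "discloses: " + "; ".join(texts) if texts else "no TXT data (%s)" % rcode

# Constructed sample replies (not captured traffic): one as the "view" block
# would answer, one as the overriding "bind." zone would answer.
_q = build_query("version.bind")
SERVFAIL_REPLY = _q[:2] + struct.pack("!H", 0x8002) + _q[4:]
_txt = b"\x09Who knows"
OVERRIDE_REPLY = (_q[:2] + struct.pack("!3H", 0x8400, 1, 1) + _q[8:] + b"\xc0\x0c"
                  + struct.pack("!HHIH", TYPE_TXT, CLASS_CH, 0, len(_txt)) + _txt)

if __name__ == "__main__":
    print(audit(SERVFAIL_REPLY))
    print(audit(OVERRIDE_REPLY))
```

To test a live server you run yourself, send the bytes from build_query() over UDP to port 53 and pass the reply to audit().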