nanog mailing list archives
Re: Reasons why BIND isn't being upgraded
From: woods () weird com (Greg A. Woods)
Date: Thu, 1 Feb 2001 23:16:45 -0500 (EST)
[ On Thursday, February 1, 2001 at 21:13:20 (-0500), Adam McKenna wrote: ]
Subject: Re: Reasons why BIND isn't being upgraded I always thought that it was regarded as generally good security practice to give out as little information about your systems as possible, and none at all if you can help it. The BIND version should at least only be accessible from a set of defined IP addresses, defaulting to 127/8.
Not necessarily. As Paul has shown, and as I and others have explained in other forums, hiding the version identifier in this case can obscure the presense of an older buggy version that's in desparate need of upgrading. Only the most simplistic and poorly designed exploits would trust the version identifier anyway, *especially* after these kinds of discussions! ;-) Never try to hide something that's plainly obvious on some other level. It only makes people more curious, and I'm including those wearing grey and black hats in "people" here..... -- Greg A. Woods +1 416 218-0098 VE3TCP <gwoods () acm org> <robohack!woods> Planix, Inc. <woods () planix com>; Secrets of the Weird <woods () weird com>
Current thread:
- Re: Reasons why BIND isn't being upgraded, (continued)
- Re: Reasons why BIND isn't being upgraded Greg A. Woods (Feb 24)
- Re: [NANOG] Re: Reasons why BIND isn't being upgraded Pete Ehlke (Feb 24)
- Re: [NANOG] Re: Reasons why BIND isn't being upgraded Paul Vixie (Feb 24)
- Re: [NANOG] Re: Reasons why BIND isn't being upgraded Jim Mercer (Feb 24)
- Re: Reasons why BIND isn't being upgraded Greg A. Woods (Feb 24)
- Re: [NANOG] Re: Reasons why BIND isn't being upgraded Pim van Riezen (Feb 24)
- Re: [NANOG] Re: Reasons why BIND isn't being upgraded J Bacher (Feb 24)
- Re: Reasons why BIND isn't being upgraded Greg A. Woods (Feb 24)
- Re: Reasons why BIND isn't being upgraded Paul Vixie (Feb 24)
- Re: Reasons why BIND isn't being upgraded Adam McKenna (Feb 24)
- Re: Reasons why BIND isn't being upgraded Greg A. Woods (Feb 24)
- Re: Reasons why BIND isn't being upgraded Patrick Greenwell (Feb 24)
- Re: Reasons why BIND isn't being upgraded Bill Woodcock (Feb 24)
- Re: Reasons why BIND isn't being upgraded Patrick Greenwell (Feb 24)
- Re: Reasons why BIND isn't being upgraded Joe Rhett (Feb 24)
- Re: Reasons why BIND isn't being upgraded Patrick Greenwell (Feb 24)
- Re: Reasons why BIND isn't being upgraded Kevin Oberman (Feb 24)
- Vixie doing his part to make people upgrade (was:Re: Reasons why BIND isn't being upgraded) mdevney (Feb 24)
- Re: Vixie doing his part to make people upgrade (was:Re: Reasons why BIND isn't being upgraded) Mikael Abrahamsson (Feb 24)
- Re: Vixie doing his part to make people upgrade (was:Re: Reasons why BIND isn't being upgraded) Stephen Stuart (Feb 24)
- Re: Vixie doing his part to make people upgrade (was:Re: Reasons why BIND isn't being upgraded) alex (Feb 24)
- Re: Reasons why BIND isn't being upgraded Adam McKenna (Feb 24)