Re: sorry to ruin several of your evenings...

[bmanning () vacation karoshi com]

 lets see... (from previous discussions on the usefullness of tweeking
 the version)
        
        wearing my blackhat, i have to decide which system is worthty
        of my talents... which one should I pick?

        version "bad-ass-bind";         
        -or-
        version "9.1.0"

 of course I could be running 4.8.1 and simply recompile so it _reports_
 a bogus version but the profile of a 9.1.0 code base is -very- distinct
 from a 4.8.1 code base... esp on replies to queries.

 Pick your targets carefully.



> Why not jus return some 'bogus' version ??? like this option allows:
>
> version "bad-ass-bind";
>
> :)
>
> --Chris
>
> #######################################################
> ## UUNET Technologies, Inc.                          ##
> ## Manager                                           ##
> ## Customer Router Security Engineering Team         ##
> ## (W)703-289-8479 (C)703-283-3734                   ##
> #######################################################
>
> On Tue, 30 Jan 2001, Stephen Stuart wrote:
>
> > > While it's not exactly a problem, it does give away that you're running
> > > bind9 (I do like the new 'version' option where you can set the
> > > version.bind reply) even if you change the version to appear to be a bind8
> > > server.
> >
> > "allow-query" lets you control who can see that information:
> >
> > zone "bind" chaos { 
> >         allow-query {
> >                 127.0.0.1 ;
> >                 xxx.xxx.xxx.xxx/len ;
> >         } ;
> >         type master; 
> >         file "filename"; 
> > };
> >
> > Stephen