Security Basics mailing list archives
Re: dns daemon version
From: Dean_Larson () May-Co com
Date: Tue, 16 Dec 2003 08:49:07 -0600
doesn't this give the person information, ie: your running a new version
of bind, this at least lets them narrow the attack field a bit. what if
you gave bad information: 4.9.1 or 4.9.2, etc.
Fernando Serto
<fernando.serto@mem To: deft () inf ufsc br
etrics.com> cc: security-basics () securityfocus com
Subject: Re: dns daemon version
12/15/2003 07:27 PM
But it only works for bind, doesn't it?
on this particular case (192.168.10.1) I know which version is running,
and I changed the conf file to 'version "nice try";', so, when I try to
"dig it" i get:
root@arara:~# dig @192.168.10.1 chaos txt version.bind
; <<>> DiG 9.2.2-P3 <<>> @192.168.10.1 chaos txt version.bind
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 62093
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;version.bind. CH TXT
;; ANSWER SECTION:
version.bind. 0 CH TXT "nice try"
;; Query time: 14 msec
;; SERVER: 192.168.10.1#53(192.168.10.1)
;; WHEN: Tue Dec 16 12:21:52 2003
;; MSG SIZE rcvd: 51
root@arara:~#
is there any other way to query which daemon is running (and version, as
well)?
cheers,
Fernando
deft () inf ufsc br wrote:
Hi Fernando, I use "dig @192.168.10.1 chaos txt version.bind Cya Paulo Franzoni Dau Filho deft () inf ufsc br Citando Fernando Serto <fernando.serto () memetrics com>:hey guys, is there anyway to probe the dns server version? I tried this with nmap: root@arara:~# nmap -sS -sV -v -p53 192.168.10.1 Starting nmap 3.45 ( http://www.insecure.org/nmap/ ) at 2003-12-16 11:16
EST
Host gw.local (192.168.10.1) appears to be up ... good. Initiating SYN Stealth Scan against gw.local (192.168.10.1) at 11:16 Adding open port 53/tcp The SYN Stealth Scan took 0 seconds to scan 1 ports. Initiating service scan against 1 service on 1 host at 11:16 The service scan took 10 seconds to scan 1 service on 1 host. Interesting ports on gw.local (192.168.10.1): PORT STATE SERVICE VERSION 53/tcp open domain Nmap run completed -- 1 IP address (1 host up) scanned in 10.398 seconds root@arara:~# thanks -- Fernando Serto Systems Administrator Memetrics Pty. Ph: + 61 (0) 2 9556 0833 Mobile: 0403 338 005 E-mail: fernando.serto () memetrics com
---------------------------------------------------------------------------
----------------------------------------------------------------------------
-- Fernando Serto Systems Administrator Memetrics Pty. Ph: + 61 (0) 2 9556 0833 Mobile: 0403 338 005 E-mail: fernando.serto () memetrics com --------------------------------------------------------------------------- ---------------------------------------------------------------------------- --------------------------------------------------------------------------- ----------------------------------------------------------------------------
Current thread:
- dns daemon version Fernando Serto (Dec 15)
- Re: dns daemon version deft (Dec 16)
- Re: dns daemon version Fernando Serto (Dec 16)
- Re: dns daemon version Dean_Larson (Dec 16)
- RE: dns daemon version Joey Peloquin (Dec 16)
- Re: dns daemon version Fernando Serto (Dec 17)
- Re: dns daemon version Fernando Serto (Dec 16)
- Re: dns daemon version deft (Dec 16)