Bugtraq mailing list archives

Re: Silly patch to report version.bind requests

From: lamont () CRANSTON FC HP COM (LaMont Jones)
Date: Fri, 12 Jun 1998 15:28:39 -0600

I wrote this patch for BIND 8.1.2 that will change the version number
returned and (most importantly) write to your logs that a person attempted
to do so.


Rather than hacking on the source, just do the following with the stock
distribution:

in named.conf:
zone "bind" chaos { allow-query {localhost; }; type master; file "pri/bind"; };

and in pri/bind:
$ORIGIN bind.
@       1D CHAOS SOA    localhost. root.localhost. (
                        1               ; serial
                        3H              ; refresh
                        1H              ; retry
                        1W              ; expiry
                        1D )            ; minimum
        CHAOS NS        localhost.

Presto - log messages for denied queries, and no changes to the code.

lamont

Current thread:

Re: Full Armor avarice (Jun 09)
- Silly patch to report version.bind requests Craig H. Rowland (Jun 10)
  - Re: Silly patch to report version.bind requests Peter Svensson (Jun 12)
  - Re: Silly patch to report version.bind requests LaMont Jones (Jun 12)
- Re: Full Armor S M Phillips (Jun 11)
- <Possible follow-ups>
- Full Armor Kimmie Dicaire (Jun 09)