masters directive in NZF file

Hi, We've got a set of slaves running BIND 9.9.9-P5 that have dynamically managed zones (via rndc addzone and delzone). The master server's IP was hardcoded into the options sent to addzone, resulting in NZF files with lines like so: zone "foo.com" { type slave; file "foo.com"; masters { 1.2.3.

Re: "Hiding" version.bind in /etc/bind/named.conf.options doesn't work

> >> Good morning, I'm trying to make it more difficult for an attacker to > >> get my DNS server version. > > > > Waste of time.  The attacks are automated, and will be mounted anyway. > > > > Indeed. At least one of my legacy servers returns "4.9.4-P1-Would you > believe Win98SE?", which was

Re: "Hiding" version.bind in /etc/bind/named.conf.options doesn't work

On Wed, Feb 28, 2018 at 12:57 PM, G.W. Haywood via bind-users wrote: > Hi there, > > On Wed, 28 Feb 2018, (Ing. Pedro Pablo Delgado Martell) wrote: > >> Good morning, I'm trying to make it more difficult for an attacker to >> get my DNS server version. > > > Waste of time. The attacks are automat

Re: "Hiding" version.bind in /etc/bind/named.conf.options doesn't work

On 2018-02-28 10:57, G.W. Haywood via bind-users wrote: Hi there, On Wed, 28 Feb 2018, (Ing. Pedro Pablo Delgado Martell) wrote: Good morning, I'm trying to make it more difficult for an attacker to get my DNS server version. Waste of time.  The attacks are automated, and will be mounted any

RE: "Hiding" version.bind in /etc/bind/named.conf.options doesn't work

Hi there, On Wed, 28 Feb 2018, (Ing. Pedro Pablo Delgado Martell) wrote: Good morning, I'm trying to make it more difficult for an attacker to get my DNS server version. Waste of time. The attacks are automated, and will be mounted anyway. -- 73, Ged. __

Re: "Hiding" version.bind in /etc/bind/named.conf.options doesn't work

On 2/28/18 10:57 AM, Bob Harold wrote: > Those instructions assume that the  /etc/bind/named.conf.options file > is 'included' in the main named.conf file. > Just add the "version" line to your named.conf file options section. [...] > So my config file is at: > /replicated/jail/named/etc/named.c

Re: "Hiding" version.bind in /etc/bind/named.conf.options doesn't work

On Wed, Feb 28, 2018 at 8:55 AM, Ing. Pedro Pablo Delgado Martell < ppmart...@eleka.co.cu> wrote: > Good morning, I'm trying to make it more difficult for an attacker to get > my DNS server version. I have been following several posts about doing this > and mostrly all of them suggest to modify th

RE: Issue running "dig txt rs.dns-oarc.net" on 9.12

Thanks for the information Cathy. I've always run the Red Hat provided packages in the past, this is the first time I've ever tried running the newest release direct. Mostly I'm just feeling extra cautious since this is something I've never done before and admittedly I don't know as much about D

"Hiding" version.bind in /etc/bind/named.conf.options doesn't work

Good morning, I'm trying to make it more difficult for an attacker to get my DNS server version. I have been following several posts about doing this and mostrly all of them suggest to modify the */etc/bind/named.conf.options* file and add the lines: options { version "Not available";