Re: bindvrs Vulnerability

2010-01-12 Thread Niobos
On 12 Jan 2010, at 17:15, Lightner, Jeff wrote: For BIND blocking the version keeps the auditors from asking the question since they don't know base version let alone extended version. Which tells more about the auditors than about the feature to do so __

Re: bindvrs Vulnerability

2010-01-12 Thread Audrey Beach
erable to at least one of them > > The real solution is to upgrade to a version that's not vulnerable. > > > - Kevin > Balanagaraju Munukutla wrote: > >> >> Hi >> >> How to Disable the BIND version query fe

RE: bindvrs Vulnerability

2010-01-12 Thread Lightner, Jeff
ow base version let alone extended version. -Original Message- From: bind-users-bounces+jlightner=water@lists.isc.org [mailto:bind-users-bounces+jlightner=water@lists.isc.org] On Behalf Of Alan Clegg Sent: Tuesday, January 12, 2010 11:09 AM To: bind-users@lists.isc.org Subject: Re: bindvr

Re: bindvrs Vulnerability

2010-01-12 Thread Alan Clegg
Lightner, Jeff wrote: > Sometimes you have to do things like hiding your version just because it > came up on the security audit. It's a lot easier to make them shut up > by doing what they want than by explaining to them that what they want > is meaningless. That said, if your "security audit" a

RE: bindvrs Vulnerability

2010-01-12 Thread Lightner, Jeff
htner=water@lists.isc.org [mailto:bind-users-bounces+jlightner=water@lists.isc.org] On Behalf Of Kevin Darcy Sent: Tuesday, January 12, 2010 10:52 AM To: bind-users@lists.isc.org Subject: Re: bindvrs Vulnerability Hiding your version accomplishes little. a) attackers can using "fing

Re: bindvrs Vulnerability

2010-01-12 Thread Kevin Darcy
solution is to upgrade to a version that's not vulnerable. - Kevin Balanagaraju Munukutla wrote: Hi How to Disable the BIND version query feature in BIND 9.2.1. This is a bindvrs Vu

Re: bindvrs Vulnerability

2010-01-12 Thread Chris Buxton
On Jan 11, 2010, at 11:26 PM, Balanagaraju Munukutla wrote: > Hi > > How to Disable the BIND version query feature in BIND 9.2.1. > > This is a bindvrs Vulnerability. This is not a vulnerability, it's a feature. The vulnerability relates to running BIND 9.2.1 - th

Re: bindvrs Vulnerability

2010-01-11 Thread Yohann LEPAGE
Balanagaraju Munukutla a écrit : Hi Hi, How to Disable the BIND version query feature in BIND 9.2.1. in named.conf : options { version"what you want"; }; Or just : http://www.google.com/search?q=disable+version+bind -- Yohann LEPAGE Post-scriptum La Poste Ce message

bindvrs Vulnerability

2010-01-11 Thread Balanagaraju Munukutla
Hi How to Disable the BIND version query feature in BIND 9.2.1. This is a bindvrs Vulnerability. Thanks & Regards Nagaraj___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users