Como medida de seguridad, en Bind es posible ocultar la versión que se está utilizando, para que no se sepa desde el exterior la versión exacta del software que posee.
Query:
# dig @localhost version.bind txt chaos
Y devolverá:
; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.17.rc1.el6_4.4 <<>> @localhost version.bind txt chaos
; (2 servers found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 56473
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 0
;; WARNING: recursion requested but not available;; QUESTION SECTION:
;version.bind. CH TXT;; ANSWER SECTION:
version.bind. 0 CH TXT "9.8.2rc1-RedHat-9.8.2-0.17.rc1.el6_4.4";; AUTHORITY SECTION:
version.bind. 0 CH NS version.bind.;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Wed Jun 19 16:21:36 2013
;; MSG SIZE rcvd: 95
Para solucionar esto, tan sólo basta modificar el named.conf, en la sección "options" y agregar:
options {
...version "Bind IT Linux";
};
Reinicie el servicio named:
# service named restart
Y la query:
# dig @localhost version.bind txt chaos
; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.17.rc1.el6_4.4 <<>> @localhost version.bind txt chaos
; (2 servers found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 3689
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 0
;; WARNING: recursion requested but not available;; QUESTION SECTION:
;version.bind. CH TXT;; ANSWER SECTION:
version.bind. 0 CH TXT "Bind IT Linux";; AUTHORITY SECTION:
version.bind. 0 CH NS version.bind.;; Query time: 1 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Wed Jun 19 16:24:37 2013
;; MSG SIZE rcvd: 70
0 Comentarios