Monthly Archives: March 2012

How To Hide BIND DNS Sever Version

Posted on by

SUMMARY

This article describes how to hide BIND DNS Server Version. As described in our previous article “How to Use Ezdig to Determine the Version of BIND“,  users can use EzDig to find out the version of BIND easily. Hiding out Bind DNS Server version will prevent it.

THE STEPS

1) Login to your server as root through SSH.

2) Open your named.conf file, find out options { … }; section

3) Add this line:
version “Anything you want”;
after:
query-source address * port 53;

4) Save the changes

5) Restart your BIND service.

Now, when you check the version of BIND again, the response should be what you set at step 3.  (“Anything you want”)

MORE INFORMATION

You must keep your server updated to be protected from the latest security threats and exploits. If a hacker runs an exploit on your outdated version of BIND, even if you hide the version number, you will get hacked into.

References

http://www.eztk.com/products/ezdig.php
How to Use Ezdig to Determine the Version of BIND
BIND software version status

How to Use Ezdig to Determine the Version of BIND

Posted on by

SUMMARY

This article describes how to use the EzDig utility to determine the version of Berkeley Internet Name Domain (BIND) that is running on a remote BIND DNS server.

MORE INFORMATION

BIND is an implementation of a DNS server. If you troubleshoot interoperability issues with BIND servers, you may find it useful to determine what version of BIND each server is running.

The traditional method is using dig utility (under Linux system) or nslookup(under Linux/Windows system) to find the BIND version.  You must  remember a lot of parameters of those tools.

The EzDig make things easy.
Use Ezdig to Determine the Version of BIND

As the above screenshot, to determine the version of (BIND) that is running on a remote BIND DNS server, you need just five steps.

  1. Input “version.bind” in the Query field.
  2. Select “TXT” type
  3. Select “CH”  chaos class
  4. Select or Input the BIND server which you want to determine the version
  5. Click the “Dig” button

All things done!

If the administrator of the BIND server don’t hide the version information, you will get the real version of it, otherwise you will get same text information that like this example: “If you have a legitimate reason for requesting this info, please contact hostmaster@Level3.net”.

We will explain how to hide BIND server version in another article.

About EzDig

EzDig is GUI dig tool for windows. It enables you to query Domain Name System (DNS) name servers. It is free of charge, 100% Freeware.

MAIN Features

  • Support A, NS, CNAME, MX, TXT records
  • Support SOA record (start of [a zone of] authority record)
  • Support PTR record, domain name pointer, reverse DNS resolution
  • Support AAAA record (IPv6 address record)
  • Support ANY* type (All cached records)
  • Support AXFR (Request for a transfer of an entire zone)
  • Support IN(Internet), CH(CHAOS) classes
  • Select UDP(Default)/TCP Transport
  • Specified DNS server
  • Clear, copy, save the output window
  • Auto clear the output window

You can get more information and download it at following URL:
http://www.eztk.com/products/ezdig.php

References

BIND software version status