Tuesday, September 29, 2009

How To Hide BIND DNS Sever Version

SkyHi @ Tuesday, September 29, 2009
Q. How do I hide my dns server version number from command such as:
dig @ns1.example.com -c CH -t txt version.bind

How do I hide version under BIND9 Linux / UNIX systems?

A. This is nothing but security through obscurity. You can hide version but one can always fingerprint your name server to find out exact version details using fpdns tool.

Open your named.conf file, find out options { ... }; section,

query-source port 53;
query-source-v6 port 53;
listen-on { 174.ttt.xx.yy; };
directory "/var/named"; // the default
dump-file "data/cache_dump.db";
statistics-file "data/named_stats.txt";
memstatistics-file "data/named_mem_stats.txt";
dnssec-enable yes;
recursion no;
allow-notify { 174.zzz.yy.zz; 172.xx.yy.zz; };
version "BIND";

To hide your bind version:
version "YOUR Message";
version "use fpdns to get version number ;)";
Save and close the file. Restart named, enter:
# service bind9 restart
# service named restart
How do I see bind version?

Use dig command, enter
$ dig @ns1.softlayer.com -c CH -t txt version.bind
As usual, you can use fpdns to find out version number.

Reference: http://www.cyberciti.biz/faq/hide-bind9-dns-sever-version/