[34186] in North American Network Operators' Group
Re: sorry to ruin several of your evenings...
daemon@ATHENA.MIT.EDU (Christopher L. Morrow)
Tue Jan 30 16:50:56 2001
Date: Tue, 30 Jan 2001 16:31:30 -0500 (EST)
From: "Christopher L. Morrow" <cmorrow@UU.NET>
To: Jared Mauch <jared@puck.Nether.net>
Cc: bmanning@vacation.karoshi.com, Stephen Stuart <stuart@mfnx.net>,
poptix@sleepybox.poptix.net, nanog@merit.edu
In-Reply-To: <20010130162500.W14398@puck.nether.net>
Message-ID: <Pine.GSO.4.20.0101301629020.21575-100000@csserve0.corp.us.uu.net>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Errors-To: owner-nanog-outgoing@merit.edu
I didn't say I didn't upgrade :) I just said why give out info you don't
need to give out.
--Chris
On Tue, 30 Jan 2001, Jared Mauch wrote:
>
> The key here is that if you're going to spend time faking the
> real response of a query that time may be best spent fixing the
> real problem.
>
> People who will now complain about the number of machines they
> need to upgrade, etc.. should now evaluate the costs of running an internet
> connected network. If these costs or risks are too high for you perhaps
> you need to evaluate your internet connection policies.
>
> - Jared
>
> On Tue, Jan 30, 2001 at 09:32:24PM +0000, bmanning@vacation.karoshi.com wrote:
> >
> > lets see... (from previous discussions on the usefullness of tweeking
> > the version)
> >
> > wearing my blackhat, i have to decide which system is worthty
> > of my talents... which one should I pick?
> >
> > version "bad-ass-bind";
> > -or-
> > version "9.1.0"
> >
> > of course I could be running 4.8.1 and simply recompile so it _reports_
> > a bogus version but the profile of a 9.1.0 code base is -very- distinct
> > from a 4.8.1 code base... esp on replies to queries.
> >
> > Pick your targets carefully.
> >
> >
> >
> > > Why not jus return some 'bogus' version ??? like this option allows:
> > >
> > > version "bad-ass-bind";
> > >
> > > :)
> > >
> > > --Chris
> > >
> > > #######################################################
> > > ## UUNET Technologies, Inc. ##
> > > ## Manager ##
> > > ## Customer Router Security Engineering Team ##
> > > ## (W)703-289-8479 (C)703-283-3734 ##
> > > #######################################################
> > >
> > > On Tue, 30 Jan 2001, Stephen Stuart wrote:
> > >
> > > >
> > > > > While it's not exactly a problem, it does give away that you're running
> > > > > bind9 (I do like the new 'version' option where you can set the
> > > > > version.bind reply) even if you change the version to appear to be a bind8
> > > > > server.
> > > >
> > > > "allow-query" lets you control who can see that information:
> > > >
> > > > zone "bind" chaos {
> > > > allow-query {
> > > > 127.0.0.1 ;
> > > > xxx.xxx.xxx.xxx/len ;
> > > > } ;
> > > > type master;
> > > > file "filename";
> > > > };
> > > >
> > > > Stephen
> > > >
> > >
> > >
> >
>
> --
> Jared Mauch | pgp key available via finger from jared@puck.nether.net
> clue++; | http://puck.nether.net/~jared/ My statements are only mine.
> END OF LINE | Manager of IP networks built within my own home
>
