[34202] in North American Network Operators' Group
beating about the bush (not)
daemon@ATHENA.MIT.EDU (bmanning@vacation.karoshi.com)
Tue Jan 30 22:49:21 2001
From: bmanning@vacation.karoshi.com
Message-Id: <200101310403.EAA22546@vacation.karoshi.com>
To: nanog@merit.edu
Date: Wed, 31 Jan 2001 04:03:59 +0000 (UCT)
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Errors-To: owner-nanog-outgoing@merit.edu
I'm in favor of the following:
Honesty. Publish what you have.
If you must, lie. Publish an version that "blends" with the prevaling
landscape if you must. Such behaviour is wrong and may lead
to further probes since the reported version and the server behaviour
don;t jibe.
I'm never in favor of "boasts" or "taunts". That is tantamount to asking for
further investigation.
Blocking queries leads to a false sense of security. Someone will figure out
what your running anyway.
-------
>
> Bill - just a quick question about your post today (pasted below). You're
> hinting at what might be a more prudent thing to do, but I'm not getting the
> hint.
>
> Would you rather deny the version.bind query, give an intriguing answer
> (e.g. "bad-ass-bind"), an intentionally misleading answer (e.g. 4.8.1 or
> 9.5.6), or what?
>
> ----
