[6959] in bugtraq


Re: Silly patch to report version.bind requests

daemon@ATHENA.MIT.EDU (LaMont Jones)
Fri Jun 12 18:07:49 1998

Date: 	Fri, 12 Jun 1998 15:28:39 -0600
Reply-To: LaMont Jones <lamont@CRANSTON.FC.HP.COM>
From: LaMont Jones <lamont@CRANSTON.FC.HP.COM>
X-To:         "Craig H. Rowland" <crowland@psionic.com>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To:  Your message of "Wed, 10 Jun 1998 17:18:45 EDT." 
              <Pine.LNX.3.96.980610171407.8195A-100000@dolemite.psionic.com>

> I wrote this patch for BIND 8.1.2 that will change the version number
> returned and (most importantly) write to your logs that a person attempted
> to do so.

Rather than hacking on the source, just do the following with the stock
distribution:

in named.conf:
zone "bind" chaos { allow-query {localhost; }; type master; file "pri/bind"; };

and in pri/bind:
$ORIGIN bind.
@       1D CHAOS SOA    localhost. root.localhost. (
                        1               ; serial
                        3H              ; refresh
                        1H              ; retry
                        1W              ; expiry
                        1D )            ; minimum
        CHAOS NS        localhost.

Presto - log messages for denied queries, and no changes to the code.

lamont
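
A way to check the configuration above from a host other than localhost, added here as an example (not part of the original message or of BIND): it builds the version.bind CHAOS TXT query and classifies the reply. The function names, the sample replies and the assumption that the allow-query denial comes back as RCODE REFUSED are this example's own.

```python
import socket
import struct

TYPE_TXT, CLASS_CH = 16, 3          # TXT record, CHAOS class
QR, RCODE_REFUSED = 0x8000, 5

def build_query(qname="version.bind", qid=0x1234):
    """Wire-format query for <qname> CH TXT, recursion not requested."""
    labels = b"".join(bytes([len(p)]) + p.encode("ascii") for p in qname.split("."))
    return (struct.pack("!6H", qid, 0, 1, 0, 0, 0) + labels + b"\x00"
            + struct.pack("!2H", TYPE_TXT, CLASS_CH))

def verdict(reply, query):
    """Classify a reply: 'refused', 'disclosed', or 'other:<rcode>'."""
    if len(reply) < 12:
        raise ValueError("short DNS message")
    qid, flags, _qd, ancount = struct.unpack("!4H", reply[:8])
    if qid != struct.unpack("!H", query[:2])[0] or not flags & QR:
        raise ValueError("not a response to this query")
    rcode = flags & 0x000F
    if rcode == RCODE_REFUSED:
        return "refused"
    return "disclosed" if rcode == 0 and ancount > 0 else "other:%d" % rcode

def ask(server, timeout=3.0):
    """Send the query over UDP to a server you operate and classify the reply."""
    query = build_query()
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(query, (server, 53))
        return verdict(s.recv(512), query)

def sample_reply(query, flags, txt=None):
    """Constructed reply for offline use: echoes the question, optional TXT answer."""
    msg = query[:2] + struct.pack("!5H", flags, 1, 1 if txt else 0, 0, 0) + query[12:]
    if txt:
        rdata = bytes([len(txt)]) + txt
        # Answer name is a compression pointer back to the question at offset 12.
        msg += b"\xc0\x0c" + struct.pack("!2HIH", TYPE_TXT, CLASS_CH, 0, len(rdata)) + rdata
    return msg

if __name__ == "__main__":
    q = build_query()
    print(verdict(sample_reply(q, 0x8005), q))             # constructed: denied query
    print(verdict(sample_reply(q, 0x8400, b"8.1.2"), q))   # constructed: version returned
```

Run ask() against your own name server from a non-localhost address; with the zone above in place the result should be "refused" and the denied query should appear in the server's log.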
