North American Network Operators Group|
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical
Re: Question about strain on the A root server
>> binfo.c = Bind Version Checker >> 'binfo' is a quick little script to pull back the version >> of named running on a remote nameserver. This is handy >> for >> comparing it to a list of known vulnerable versions of >> named/bind. Previous to this, it took a few commands to >> extract out the version. > >It seems to have been written more of not as a DNS admin convenience, >but more as for inclusion into rootkit type packages, IMO. perhaps, but it's certainly (a) not malicious or (b) gonna swamp the root servers. >A few commands? More like one :) > >$ nslookup -q=txt -class=chaos version.bind <nameserver> or dig version.bind chaos txt @nameserver :) >And here's how to disable giving out that information to untrusted hosts >or networks: > >in named.conf, set up something like this (*NOT* in the options section): >... >Now, create a file called 'chaos' (in same directory where your zone >files lives) with something like: >... been there, done that. and it's interesting to see all the people who are checking out your name server after their addresses get logged for hitting the acl. -- |-----< "CODE WARRIOR" >-----| [email protected] * "ah! i see you have the internet [email protected] (Andrew Brown) that goes *ping*!" [email protected] * "information is power -- share the wealth."