North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Question about strain on the A root server

  • From: Andrew Brown
  • Date: Sun Apr 23 15:57:53 2000

>>    binfo.c   =  Bind Version Checker
>>    'binfo' is a quick little script to pull back the version
>>    of named running on a remote nameserver. This is handy
>>    for
>>    comparing it to a list of known vulnerable versions of 
>>    named/bind. Previous to this, it took a few commands to
>>    extract out the version.
>It seems to have been written more of not as a DNS admin convenience,
>but more as for inclusion into rootkit type packages, IMO.

perhaps, but it's certainly (a) not malicious or (b) gonna swamp the
root servers.

>A few commands? More like one :)
>$ nslookup -q=txt -class=chaos version.bind <nameserver>

or dig version.bind chaos txt @nameserver  :)

>And here's how to disable giving out that information to untrusted hosts
>or networks:
>in named.conf, set up something like this (*NOT* in the options section):
>Now, create a file called 'chaos' (in same directory where your zone
>files lives) with something like:

been there, done that.  and it's interesting to see all the people who
are checking out your name server after their addresses get logged for
hitting the acl.

|-----< "CODE WARRIOR" >-----|
[email protected]             * "ah!  i see you have the internet
[email protected] (Andrew Brown)                that goes *ping*!"
[email protected]       * "information is power -- share the wealth."