North American Network Operators Group
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: sorry to ruin several of your evenings...

  • From: Jared Mauch
  • Date: Tue Jan 30 17:10:01 2001 
	The problem is that there are those that do not have their
sysadmin staff at proper levels or will use some configuration options
to their advantage to save doing work.  These people should use caution
if they go about it this way instead of upgrading.

	You would be surprised how many requests i get for favico.ico on my
web server still...

	- Jared

On Tue, Jan 30, 2001 at 04:31:30PM -0500, Christopher L. Morrow wrote:
> 
> I didn't say I didn't upgrade :) I just said why give out info you don't
> need to give out.
> 
> --Chris
> 
> On Tue, 30 Jan 2001, Jared Mauch wrote:
> 
> > 
> > 	The key here is that if you're going to spend time faking the
> > real response of a query that time may be best spent fixing the
> > real problem.
> > 
> > 	People who will now complain about the number of machines they
> > need to upgrade, etc.. should now evaluate the costs of running an internet
> > connected network.  If these costs or risks are too high for you perhaps
> > you need to evaluate your internet connection policies.
> > 
> > 	- Jared
> > 
> > On Tue, Jan 30, 2001 at 09:32:24PM +0000, [email protected] wrote:
> > > 
> > >  lets see... (from previous discussions on the usefullness of tweeking
> > >  the version)
> > > 	
> > > 	wearing my blackhat, i have to decide which system is worthty
> > > 	of my talents... which one should I pick?
> > > 
> > > 	version "bad-ass-bind";  	
> > > 	-or-
> > > 	version "9.1.0"
> > > 
> > >  of course I could be running 4.8.1 and simply recompile so it _reports_
> > >  a bogus version but the profile of a 9.1.0 code base is -very- distinct
> > >  from a 4.8.1 code base... esp on replies to queries.
> > > 
> > >  Pick your targets carefully.
> > > 
> > > 
> > > 
> > > > Why not jus return some 'bogus' version ??? like this option allows:
> > > > 
> > > > version "bad-ass-bind";
> > > > 
> > > > :)
> > > > 
> > > > --Chris
> > > > 
> > > > #######################################################
> > > > ## UUNET Technologies, Inc.                          ##
> > > > ## Manager                                           ##
> > > > ## Customer Router Security Engineering Team         ##
> > > > ## (W)703-289-8479 (C)703-283-3734                   ##
> > > > #######################################################
> > > > 
> > > > On Tue, 30 Jan 2001, Stephen Stuart wrote:
> > > > 
> > > > > 
> > > > > > While it's not exactly a problem, it does give away that you're running
> > > > > > bind9 (I do like the new 'version' option where you can set the
> > > > > > version.bind reply) even if you change the version to appear to be a bind8
> > > > > > server.
> > > > > 
> > > > > "allow-query" lets you control who can see that information:
> > > > > 
> > > > > zone "bind" chaos { 
> > > > >         allow-query {
> > > > >                 127.0.0.1 ;
> > > > >                 xxx.xxx.xxx.xxx/len ;
> > > > >         } ;
> > > > >         type master; 
> > > > >         file "filename"; 
> > > > > };
> > > > > 
> > > > > Stephen
> > > > > 
> > > > 
> > > > 
> > > 
> > 
> > -- 
> > Jared Mauch  | pgp key available via finger from [email protected]
> > clue++;      | http://puck.nether.net/~jared/  My statements are only mine.
> > END OF LINE  | Manager of IP networks built within my own home
> > 

-- 
Jared Mauch  | pgp key available via finger from [email protected]
clue++;      | http://puck.nether.net/~jared/  My statements are only mine.
END OF LINE  | Manager of IP networks built within my own home