
How to hide bind version - Cpanel




ramprage

Steve Leggett is the owner of WebHostGear.com and Wave Point Media Inc. He used to run and own his own web hosting company, Tower Host, which was recently sold. Steve now specializes in server administration and web development.

What is BIND?
BIND (Berkeley Internet Name Domain) is an implementation of the Domain Name System (DNS) protocols and provides an openly redistributable reference implementation of the major components of the Domain Name System, including:

- a Domain Name System server (named)
- a Domain Name System resolver library
- tools for verifying the proper operation of the DNS server

The BIND DNS Server is used on the vast majority of name serving machines on the Internet, providing a robust and stable architecture on top of which an organization's naming architecture can be built. The resolver library included in the BIND distribution provides the standard APIs for translation between domain names and Internet addresses and is intended to be linked with applications requiring name service.

Why hide the BIND version number?
Although hiding the BIND version number will not prevent automated cracking tools from exploiting vulnerable nameservers, you should still prevent "banner grabbing," that is, letting others gather version information about the services running on your machines. This is no substitute for keeping your BIND version updated. You must keep your server updated to be protected from the latest security threats and exploits. If an attacker runs an exploit against your outdated version of BIND, hiding the version number will not stop the server from being compromised.


Hiding BIND version
Log in to your server through SSH and su to root.

1) pico -w /etc/named.conf

2) Add this line:
version "surely you must be joking";
after:
query-source address * port 53;

3) Save the changes
Ctrl+x then y

4) Restart your BIND service.
service named restart or /etc/init.d/named restart

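5) Check your BIND version
dig @ns1.yourserver.com version.bind chaos txt
The TXT answer should now show the string you set in step 2 instead of the real version number.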

You may also check your bind version using http://www.dnsreport.com/ and you will see your new bind version.
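
The checks from steps 2 and 5 as a script, added here as an example and not part of the original tutorial: version_override reports the version string set inside options { } of a named.conf, and live_version asks a running server for version.bind with dig. The function names and the sample configs are constructed for illustration; the script assumes "options {" opens on one line and does not handle /* */ comments.

```shell
#!/bin/sh
# Added example: audit named.conf for the version override from step 2.
# Assumes "options {" opens on one line; /* */ comments are not handled.

# version_override FILE: print the string set by version "..."; inside
# options { }; return 1 when there is no override there.
version_override() {
    awk '
        { sub(/(\/\/|#).*/, "") }              # strip // and # comments
        !inopt && /^[ \t]*options[ \t]*[{]/ { inopt = 1; depth = 0 }
        inopt {
            if (match($0, /(^|[ \t;{])version[ \t]+"[^"]*"[ \t]*;/)) {
                s = substr($0, RSTART, RLENGTH)
                sub(/^[^"]*"/, "", s); sub(/"[^"]*$/, "", s)
                print s; found = 1; exit
            }
            depth += gsub(/[{]/, "{") - gsub(/[}]/, "}")
            if (depth <= 0) inopt = 0
        }
        END { exit found ? 0 : 1 }
    ' "$1"
}

# live_version SERVER: ask a running server for version.bind (CHAOS TXT).
live_version() {
    dig +short @"$1" version.bind chaos txt
}

# Constructed sample configs (not from a real server).
tmp=$(mktemp -d)
cat > "$tmp/before.conf" <<'EOF'
options {
    query-source address * port 53;
};
EOF
cat > "$tmp/after.conf" <<'EOF'
options {
    query-source address * port 53;
    version "surely you must be joking";
};
EOF
for f in "$tmp/before.conf" "$tmp/after.conf"; do
    if v=$(version_override "$f"); then
        echo "$f: version overridden -> \"$v\""
    else
        echo "$f: no override, named reports its real version"
    fi
done
```

On a live server, run version_override /etc/named.conf before restarting named, then live_version ns1.yourserver.com afterwards to confirm the answer matches.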


By: ramprage
Date: April 1, 2004
