Re: Silly patch to report version.bind requests

From: LaMont Jones (lamontat_private)
Date: Fri Jun 12 1998 - 14:28:39 PDT

Next message: Alan Ramsbottom: "Re: Full Armor.... Fool Proof etc... bugs"

Previous message: Phillip R. Jaenke: "CERT Summary CS-98.06"
Maybe in reply to: Craig H. Rowland: "Silly patch to report version.bind requests"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> I wrote this patch for BIND 8.1.2 that will change the version number
> returned and (most importantly) write to your logs that a person attempted
> to do so.

Rather than hacking on the source, just do the following with the stock
distribution:

in named.conf:
zone "bind" chaos { allow-query {localhost; }; type master; file "pri/bind"; };

and in pri/bind:
$ORIGIN bind.
@       1D CHAOS SOA    localhost. root.localhost. (
                        1               ; serial
                        3H              ; refresh
                        1H              ; retry
                        1W              ; expiry
                        1D )            ; minimum
        CHAOS NS        localhost.

Presto - log messages for denied queries, and no changes to the code.

lamont

Next message: Alan Ramsbottom: "Re: Full Armor.... Fool Proof etc... bugs"
Previous message: Phillip R. Jaenke: "CERT Summary CS-98.06"
Maybe in reply to: Craig H. Rowland: "Silly patch to report version.bind requests"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:57:50 PDT