Attachment #50611 for bug #77058

View | Details | Raw Unified | Return to bug 77058
Collapse All | Expand All




       <para>Permitting version lookups on the <acronym>DNS</acronym>
         server could be opening the doors for an attacker.  A
         malicious user may use this information to hunt up known
         exploits or bugs to utilize against the host.</para>

   <warning>
     <para>This will not protect you from exploits. Only upgrading to a
       version that is not vunerable will protect your server.</para>
   </warning>

   <para>A false version string can be placed the
     <literal>options</literal> section of
     <filename>named.conf</filename>:</para>

       <programlisting>options {
        directory       "/etc/namedb";A

Return to bug 77058

Lines 4177-4185 Link Here

(-)doc/en_US.ISO8859-1/books/handbook/network-servers/chapter.sgml Thu Feb 3 (-3 / +10 lines)
4177	<para>Permitting version lookups on the <acronym>DNS</acronym>	4177	<para>Permitting version lookups on the <acronym>DNS</acronym>
4178	server could be opening the doors for an attacker. A	4178	server could be opening the doors for an attacker. A
4179	malicious user may use this information to hunt up known	4179	malicious user may use this information to hunt up known
4180	exploits or bugs to utilize against the host. A false version	4180	exploits or bugs to utilize against the host.</para>
4181	string can be placed the <literal>options</literal> section of	4181
4182	<filename>named.conf</filename>:</para>	4182	<warning>
		4183	<para>This will not protect you from exploits. Only upgrading to a
		4184	version that is not vunerable will protect your server.</para>
		4185	</warning>
		4186
		4187	<para>A false version string can be placed the
		4188	<literal>options</literal> section of
		4189	<filename>named.conf</filename>:</para>
4183		4190
4184	<programlisting>options {	4191	<programlisting>options {
4185	directory "/etc/namedb";A	4192	directory "/etc/namedb";A