[Openvas-discuss] The remote bind version is: .

Reindl Harald h.reindl at thelounge.net
Tue Jan 10 03:09:07 CET 2012


there is some optimizing potential :-)

"." is still from the 'version' directive
i guess in this case the education should not be displayed :-)

if i set this to something other "nmap -O -sV -T4 -d" shows
"ISC BIND" like below, with the . as version it is
displayed empty

53/tcp  open  domain syn-ack ISC BIND Microsoft DNS
53/tcp  open  domain syn-ack
_________________

NVT: Determine which version of BIND name daemon is running (OID: 1.3.6.1.4.1.25623.1.0.10028)

BIND 'NAMED' is an open-source DNS server from ISC.org.
Many proprietary DNS servers are based on BIND source code.
The BIND based NAMED servers (or DNS servers) allow remote users
to query for version and type information.  The query of the CHAOS
TXT record 'version.bind', will typically prompt the server to send
the information back to the querying source.
The remote bind version is : .

Solution :
Using the 'version' directive in the 'options' section will block
the 'version.bind' query, but it will not log such attempts.




-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 262 bytes
Desc: OpenPGP digital signature
URL: <http://lists.wald.intevation.org/pipermail/openvas-discuss/attachments/20120110/19e5e3a7/attachment.asc>


More information about the Openvas-discuss mailing list