Linux

Sometimes it is handy to know what version of BIND someone is using on a site, especially when the people involved have no idea what BIND is or what you are talking about when you ask them.

Quick and easy way with the BSD/*nix version of nslookup:

“nslookup -q=txt -class=CHAOS version.bind. 0 dns.roflcopter.com"

Server: dns.roflcopter.com
Address: 127.0.0.1#53
version.bind text = "9.2.4rc6"

So, if 'dns.roflcopter.com' actually existed, they are running 9.2.4.rc6.

On any DNS server that I have running BIND, I tend to fake the version returned, so this isn't always accurate. You can accomplish this by setting 'version' within the options section of named.conf

For instance:

options {
directory "/var/named";
version "Go away"
};

Why? I don't like users knowing the version numbers of software I am running. Worms and script kiddies love looking in search engines/etc for versions of software that can be easily exploited. For instance if your system advertises that it is using "Whizzbang 1.0.1" and a new exploit comes out for any version of 'Whizzbang' earlier than 1.0.2, you will most likely have people trying to get in. Of course most scripts will just try a brute-force attack, and if you are vulnerable, you are already hosed.

A great resource for securing BIND by Rob Thomas (not singer), is located here: http://www.cymru.com/Documents/secure-bind-template.html

Wow.

I would be kind of cool to be on this migration team.
"Yeah, let's power down this Pentium and replace it with this Opteron"

http://www.woodtv.com/global/story.asp?s=4771988

Seems like they could have scheduled it a little better, as mentioned in the article:

"The upgrade is unprecedented and comes at a time notorious for severe weather in West Michigan. The National Weather Service will be shutting down one of its largest eyes on the sky for five days; five days with little to no radar."