
[리눅스] DNS : 버전 정보 변경하기

<DNS 버전 정보 변경>

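DNS 서버의 버전 정보가 노출되면 공격자가 해당 버전에 알려진 취약점을 쉽게 파악할 수 있기 때문에 버전 정보를 변경해야 한다. 다만 버전 문자열을 바꾸는 것은 버전 식별을 어렵게 할 뿐 취약점 자체를 없애지는 않으므로, BIND를 최신 패치 상태로 유지하는 것이 우선이다.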

[root@jo:/var/named]#vi /etc/named.conf

# Global named options. The only line this page changes is `version`,
# near the end of the block; the rest is shown for context.
options {

# Listen on port 53 on every IPv4 address, but only on loopback for IPv6.
listen-on port 53 { any; };

listen-on-v6 port 53 { ::1; };

# Working directory; relative file names in zone statements resolve here.
directory "/var/named";

dump-file "/var/named/data/cache_dump.db";

statistics-file "/var/named/data/named_stats.txt";

memstatistics-file "/var/named/data/named_mem_stats.txt";

# Any client may query, but the server does not recurse on their behalf.
allow-query { any; };

recursion no;

# Text returned for `version.bind` CH TXT queries in place of the real
# version string; the dig output after the restart shows this text.
# BIND also accepts `version none;`, which disables processing of the
# query instead of answering with a made-up string.
# Hiding the banner only removes an easy fingerprint. It fixes nothing in
# the running release, so named still has to be kept patched.
version "hahaha!!! groomy day!!";

};

--

[root@jo:/var/named]#dig @ns.cho.iss txt chaos version.bind

 

; <<>> DiG 9.3.4-P1 <<>> @ns.cho.iss txt chaos version.bind

; (1 server found)

;; global options: printcmd

;; Got answer:

;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 8034

;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 0

 

;; QUESTION SECTION:

;version.bind.            CH    TXT

 

;; ANSWER SECTION:

version.bind.        0    CH    TXT    "9.6.1-P1"

 

;; AUTHORITY SECTION:

version.bind.        0    CH    NS    version.bind.

 

;; Query time: 5 msec

;; SERVER: 192.168.100.1#53(192.168.100.1)

;; WHEN: Wed Oct 28 11:08:15 2009

;; MSG SIZE rcvd: 65

--

[root@jo:/var/named]#service named restart

Stopping named: . [ OK ]

Starting named: [ OK ]

--

[root@jo:/var/named]#dig @ns.cho.iss txt chaos version.bind

 

; <<>> DiG 9.3.4-P1 <<>> @ns.cho.iss txt chaos version.bind

; (1 server found)

;; global options: printcmd

;; Got answer:

;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 52869

;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 0

 

;; QUESTION SECTION:

;version.bind.            CH    TXT

 

;; ANSWER SECTION:

version.bind.        0    CH    TXT    "hahaha!!! groomy day!!"

 

;; AUTHORITY SECTION:

version.bind.        0    CH    NS    version.bind.

 

;; Query time: 5 msec

;; SERVER: 192.168.100.1#53(192.168.100.1)

;; WHEN: Wed Oct 28 11:08:34 2009

;; MSG SIZE rcvd: 79

--

#vi /etc/named.conf

# NOTE(review): the leading numbers (97-104) look like editor line numbers
# from the vi session, not part of named.conf itself - confirm before copying.
#
# Declares a view named "chaosnet" for class CHAOS and serves a zone called
# "bind" from it. The last dig on this page is answered from this zone
# (TTL 86400, text from db.bind), not from the `version` option string.
97 view chaosnet chaos {

98

99 zone "bind" {

100 type master;

# Relative path; resolved against the `directory` option ("/var/named").
101 file "db.bind";

# Only clients matching the "internal-zone" ACL may query this zone.
# NOTE(review): the ACL definition is not shown on this page - verify which
# networks it covers, since it decides who can read version.bind here.
102 allow-query { "internal-zone";};

103 };

104 };

105

--

[root@jo:/var/named]#vi db.bind

; Zone data for the CHAOS-class "bind" zone referenced as file "db.bind".
$TTL 1D

$ORIGIN bind.

@ CHAOS SOA localhost. root.localhost. (

1 ; serial

6H ; refresh

30M ; retry

14D ; expire

1D ) ; minimum / negative-caching TTL

; NOTE(review): as rendered here this line has no leading whitespace, so a
; parser would take "CHAOS" as the owner name. The dig output shows the NS
; record at "bind.", so the original file presumably indented it - confirm.
CHAOS NS localhost.

; Answer for `version.bind` CH TXT queries served from this zone.
; NOTE(review): this string matches the real version reported by the first
; dig on this page ("9.6.1-P1"). Every client admitted by the zone's
; allow-query ACL still sees it, so the ACL is the only thing withholding
; the real version from other clients.
version.bind. CH TXT "Bind 9.6.1-P1"

--

[root@jo:/var/named]#service named restart

Stopping named: [ OK ]

Starting named: [ OK ]

--

[root@jo:/var/named]#dig @ns.cho.iss txt chaos version.bind

 

; <<>> DiG 9.3.4-P1 <<>> @ns.cho.iss txt chaos version.bind

; (1 server found)

;; global options: printcmd

;; Got answer:

;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 24023

;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 0

 

;; QUESTION SECTION:

;version.bind.            CH    TXT

 

;; ANSWER SECTION:

version.bind.        86400    CH    TXT    "Bind 9.6.1-P1"

 

;; AUTHORITY SECTION:

bind.            86400    CH    NS    localhost.

 

;; Query time: 2 msec

;; SERVER: 192.168.100.1#53(192.168.100.1)

;; WHEN: Wed Oct 28 11:09:23 2009

;; MSG SIZE rcvd: 79

--