Install Bind as an authoritative DNS server

From wiki
Revision as of 06:46, 12 August 2016 by Vincent (talk | contribs) (Hide version)


Install

# apt install bind9

Configure

Warning Warning: This page is a work in progress and is not completed. Important informations might be missing or wrong.

Hide version

Version might be useful to an attacker that is searching known vulnerabilities on your server. Let’s make its life more difficult by hiding it.

Note that it is not an excuse to run old vulnerable software. The goal is just to slow down attacker in case of newly published security exploit, so you have enough time to update before getting pwned.

To prevent the version being returned edit file /etc/bind/named.conf.options and add the version line

options {
    
    version "";
    
}
Retrieved from ‘https://wiki.meurisse.org/index.php?title=Bind&oldid=449