|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Mark Teicher (mark.teicher
NETWORKICE.COM)Date: Thu Feb 01 2001 - 10:03:34 CST
Changing version numbers will definitely cause the actual attack from some
of the DNS version query scripts to fail, but then again changing versions
to avoid will then create a maintenance overhead for administrative staff
to go back in and change the version number back so that when one upgrades
to next the version the correct updates can be applied, and then change the
version number again. This can be a very tiring process for each
application an administrator does this to.
It would be better if one is discovering updates would just expend their
energy in working with software vendors to eliminate these types of bugs
from the software.
.02
/mark
At 02:57 PM 1/31/01 -0700, Somaini, Justin wrote:
One thing to do is to change the version posting in the named.conf file.
The scanner looking for sub 9.1 could be tricked. Actual attack failing of
course.
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]