One or more nameservers responded to version queries

greektranslator

Well-Known Member
Jun 5, 2011
58
0
56
Greece
cPanel Access Level
Root Administrator
I tested with this site DNS tools | Manage Monitor Analyze | DNSstuff and I get

Nameserver software version
One or more nameservers responded to version queries. This can be considered a breach of security. If a malicious person or program had access to a version-specific exploit for your DNS server, displaying the version info openly will make their attack much easier. This should be removed or obscured. The nameservers that responded to version queries are:


I found these threads
Nameserver software version
How to disable BIND version querying??? help

but I cannot find any "version" instance in /etc/named.conf
 

24x7server

Well-Known Member
Apr 17, 2013
1,894
91
78
India
cPanel Access Level
Root Administrator
Hi,

If you have a remote server as Linux, you can use the dig tool to find the version:

# dig @<DNS-Server-IP> version.bind


------------------------------- -------------------------------
; <<>> DiG 9.9.4-RedHat-9.9.4-29.el7_2.4 <<>> @<DNS-Server-IP> version.bind chaos TXT
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 1865
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1
;; WARNING: recursion requested but not available

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;version.bind. CH TXT

;; ANSWER SECTION:
version.bind. 0 CH TXT "9.9.4-RedHat-9.9.4-51.el7"

;; AUTHORITY SECTION:
version.bind. 0 CH NS version.bind.

;; Query time: 41 msec
;; SERVER: <DNS-Server-IP>#53(<DNS-Server-IP>)
;; WHEN: Fri Dec 01 15:03:39 UTC 2017
;; MSG SIZE rcvd: 93
------------------------------- -------------------------------
version.bind will give you the version number..