SymptomsParallels H-Sphere Control Panel can not pass PCI (payment card industry) scan because off the following Security information found on port/service "domain (53/udp)":
"Determine which version of BIND name daemon is running"
ResolutionIt is possible to hide the version number of bind by using the 'version' directive in the 'options' section in named.conf
Changes in the named.conf should looks like:
# diff /etc/named.conf.orig /etc/named.conf
> version "Not disclosed";
To restart named please run:
/etc/init.d/named restart - Linux
/usr/local/etc/rc.d/named.sh restart - FreeBSD
To verify the issue just send request to DNS from any IP address:
# nslookup -type=txt -class=chaos version.bind 18.104.22.168
version.bind text = "Not disclosed"
where, 22.214.171.124 - box with name server installed.