Article ID: 6574, created on Aug 5, 2009, last review on May 10, 2014

  • Applies to:
  • H-Sphere

Symptoms

Parallels H-Sphere Control Panel cannot pass a PCI (Payment Card Industry) scan because of the following security information finding on port/service "domain (53/udp)":
"Determine which version of BIND name daemon is running"


Resolution

The BIND version number can be hidden by using the 'version' directive in the 'options' section of named.conf.

The change in named.conf should look like this:

# diff /etc/named.conf.orig /etc/named.conf
2a3
 >       version "Not disclosed";
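Review bot: the 2a3 hunk places the new line by position only, with no surrounding context, so on a named.conf whose options block does not span lines 2 to 3 the version directive would land outside options { } and be rejected as a configuration error. Insert the line by hand inside the options block and run named-checkconf /etc/named.conf before restarting named.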

To restart named please run:

/etc/init.d/named restart - Linux
/usr/local/etc/rc.d/named.sh restart - FreeBSD

To verify the fix, send a request to the name server from any IP address:

# nslookup -type=txt -class=chaos version.bind 1.2.3.4
Server:         1.2.3.4
Address:        1.2.3.4#53

version.bind    text = "Not disclosed"



where 1.2.3.4 is the address of the host running the name server.
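The verification step above can be repeated across every name server before a rescan. The script below is an added example, not part of the original article: it runs the article's nslookup command against each address given on the command line and flags replies that still look like a version number. The function names, the "digits.digits" heuristic and the sample leaking reply are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the original article): check version.bind replies.

# Pull the TXT string out of nslookup output read from stdin.
extract_version_txt() {
    sed -n 's/^version\.bind[[:space:]]*text = "\(.*\)"[[:space:]]*$/\1/p' | head -n 1
}

# 0 = hidden, 1 = looks like a version number, 2 = no TXT answer parsed.
# Assumption: any "digits.digits" pattern is treated as a version leak.
classify_version_txt() {
    if [ -z "$1" ]; then
        return 2
    fi
    if printf '%s\n' "$1" | grep -Eq '[0-9]+\.[0-9]+'; then
        return 1
    fi
    return 0
}

# Query one name server with the article's nslookup command and report.
audit_server() {
    audit_out=$(nslookup -type=txt -class=chaos version.bind "$1" 2>/dev/null)
    audit_txt=$(printf '%s\n' "$audit_out" | extract_version_txt)
    audit_rc=0
    classify_version_txt "$audit_txt" || audit_rc=$?
    case $audit_rc in
        0) echo "$1: OK, version hidden (\"$audit_txt\")" ;;
        1) echo "$1: FAIL, version disclosed (\"$audit_txt\")" ;;
        *) echo "$1: no version.bind answer parsed, check manually" ;;
    esac
    return "$audit_rc"
}

# Constructed sample replies for offline use: after and before the change.
SAMPLE_HIDDEN='version.bind    text = "Not disclosed"'
SAMPLE_LEAK='version.bind    text = "9.0.0-example"'

# Usage: sh check_version_bind.sh 1.2.3.4 [more servers...]
status=0
for server in "$@"; do
    audit_server "$server" || status=1
done
[ "$status" -eq 0 ]
```

The script exits non-zero if any listed server discloses a version or returns no parsable answer, so it can gate a change ticket or a cron check.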
