| GEN:SID | 1:257 |
| Message | DNS named version attempt |
| Summary | A remote machine attempted to determine the version of your DNS server.
|
| Impact | Could indicate an impending attack, or maybe an innocent reconnaissance attempt.
|
| Detailed Information | A remote machine attempted to determine the version of your BIND DNS server.
|
| Affected Systems | |
| Attack Scenarios | As part of reconnaissance leading upto a potential intrusion attempt, an attacker may attempt to determine the BIND version that you are running in hopes of finding an unpatched version.
|
| Ease of Attack | Simple |
| Corrective Action | Disable the ability for untrusted (remote) machines to determine your named version.
|
| Additional References | |
| Rule References | arachnids: 278
nessus: 10028
|