Nameserver breach of security

  • Posted March 1, 2013

I’m using DO’s DNS service and upon looking up DNSStuff, I got this warning below,

"One or more nameservers responded to version queries. This can be considered a breach of security. If a malicious person or program had access to a version-specific exploit for your DNS server, displaying the version info openly will make their attack much easier. This should be removed or obscured. The nameservers that responded to version queries are: responded with “9.8.1-P1” responded with “9.8.1-P1” "

Is there really a “breach of security” or can i just safely ignore the warning? Anything I and/or DO can do to “fix” this? Much thanks.


Submit an answer
You can type!ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

It’s not really a breach. The majority of DNS nameservers will respond to version requests. All that means is that anyone is able to see what version of the BIND software they are running. In fact, I’m sort of surprised all three NS’s didn’t respond. If there’s an issue at all, perhaps it’s with the last nameserver -not- responding to the version request. <br> <br>You can safely ignore it.