<!DOCTYPE html> <html> <head> </head> <body> <p><span style="font-size: large;"><strong>Hide DNS Software Version</strong></span><br /><br />
Whenever a new vulnerability is found in DNS software, script kiddies scan the Internet to exploit unpatched systems. It is a best practice to hide the software version on your DNS servers. This is not real protection, it just makes your servers a little harder to find via scanning.<br /><br />
Use the dig command to see which version your name servers advertise. The query asks for the version.bind TXT record in the CHAOS class; Knot and NSD treat version.server the same way, so it is worth checking that name too:<br /><br />
<span style="color: #0000ff;">$ dig +short @ns1.example.com version.bind txt chaos</span><br /><span style="color: #888888;">"9.8.2rc1-RedHat-9.8.2-0.23.rc1.el6_5.1"</span><br /><br />
<span style="font-size: large;"><strong>Bind</strong></span><br /><br />
To hide the version in Bind, open the named.conf configuration file in your favorite editor, go to the options section and set a custom version string with the version option.<br /><br />
Example:<br /><br />
<span style="color: #0000ff;">// /etc/named.conf</span><br /><span style="color: #0000ff;">options {</span><br /><span style="color: #0000ff;"> // Hide bind version</span><br /><span style="color: #0000ff;"> version "unknown";</span><br /><span style="color: #0000ff;">};</span><br /><br />
Restart the server (use bind9 instead of named on Debian-based systems):<br /><br />
<span style="color: #0000ff;">$ sudo service named restart</span><br /><span style="color: #888888;">Stopping named: . [ OK ]</span><br /><span style="color: #888888;">Starting named: [ OK ]</span><br /><br />
Verify that the server now returns the new version string:<br /><br />
<span style="color: #0000ff;">$ dig +short @ns1.example.com version.bind txt chaos</span><br /><span style="color: #888888;">"unknown"</span><br /><br />
<span style="font-size: large;"><strong>Knot</strong></span><br /><br />
Edit knot.conf and set the version parameter in the system section to off:<br /><br />
<span style="color: #0000ff;">system {</span><br /><span style="color: #0000ff;"> # Used for the answer to CH TXT 'version.server' or 'version.bind'</span><br /><span style="color: #0000ff;"> version off;</span><br /><span style="color: #0000ff;">}</span><br /><br />
Restart the server to apply the change:<br /><br />
<span style="color: #0000ff;">$ sudo service knot restart</span><br /><span style="color: #888888;">Stopping knot: . [ OK ]</span><br /><span style="color: #888888;">Starting knot: [ OK ]</span><br /><br />
<span style="font-size: large;"><strong>NSD</strong></span><br /><br />
Edit the nsd.conf configuration file and set the hide-version parameter to yes in the server section:<br /><br />
<span style="color: #0000ff;"># /etc/nsd/nsd.conf</span><br /><span style="color: #0000ff;">server:</span><br /><span style="color: #0000ff;"> # Don't answer VERSION.BIND and VERSION.SERVER CHAOS class queries</span><br /><span style="color: #0000ff;"> hide-version: yes</span><br /><br />
Restart the NSD server:<br /><br />
<span style="color: #0000ff;">$ sudo service nsd restart</span><br /><span style="color: #888888;">Stopping nsd: [ OK ]</span><br /><span style="color: #888888;">Starting nsd: [ OK ]</span><br /><br />
<span style="font-size: large;"><strong>Microsoft DNS</strong></span><br /><br />
To control how the server responds to version queries, use the dnscmd command with the EnableVersionQuery parameter. Possible values:<br /><br />
 0x00000000 (DNS_VERSION_QUERY_OFF) No version information is returned.<br />
 0x00000001 (DNS_VERSION_QUERY_FULL) The server responds with the major operating system version, minor operating system version, and operating system revision.<br />
 0x00000002 (DNS_VERSION_QUERY_MINIMAL) The server responds with the major operating system version and minor operating system version.<br /><br />
Example:<br /><br />
<span style="color: #0000ff;">dnscmd /config /EnableVersionQuery 0</span><br /><br />
On Windows Server 2008 and Windows Server 2008 R2, the default value is 0x00000001. On Windows Server 2012 and Windows Server 2012 R2, the default value is 0x00000000.</p> </body> </html>
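As an added example that is not part of the original post, here is a small stdlib-only Python helper for auditing the servers above from a script: it builds the same version.bind CH TXT query that dig sends and parses a raw response into the TXT strings a server advertises. The sample response is constructed, and the "a digit means a real version leaked" rule is a heuristic of this example.

```python
import struct
CLASS_CHAOS, TYPE_TXT = 3, 16  # CHAOS class and TXT type, what `dig ... txt chaos` asks for

def encode_name(name):
    """Encode a dotted name into DNS wire-format labels."""
    return b"".join(bytes([len(lbl)]) + lbl.encode() for lbl in name.split(".")) + b"\x00"

def build_version_query(name="version.bind", txid=0x1234):
    """Wire-format query for <name> TXT CH, the packet dig sends for `version.bind txt chaos`."""
    header = struct.pack(">HHHHHH", txid, 0, 1, 0, 0, 0)  # flags 0: no recursion desired
    return header + encode_name(name) + struct.pack(">HH", TYPE_TXT, CLASS_CHAOS)

def _skip_name(msg, off):
    """Return the offset just past a (possibly compressed) name."""
    while True:
        length = msg[off]
        if length & 0xC0 == 0xC0:  # two-byte compression pointer ends the name
            return off + 2
        off += 1
        if length == 0:
            return off
        off += length

def parse_txt_answer(msg):
    """Return (rcode, [CH TXT strings]); a hidden version shows as [] or a non-zero rcode (REFUSED = 5)."""
    _, flags, qdcount, ancount, _, _ = struct.unpack(">HHHHHH", msg[:12])
    off = 12
    for _ in range(qdcount):
        off = _skip_name(msg, off) + 4  # skip QTYPE and QCLASS
    strings = []
    for _ in range(ancount):
        off = _skip_name(msg, off)
        rtype, rclass, _ttl, rdlen = struct.unpack(">HHIH", msg[off:off + 10])
        off += 10
        rdata, off = msg[off:off + rdlen], off + rdlen
        if rtype == TYPE_TXT and rclass == CLASS_CHAOS:
            while rdata:  # TXT rdata is a sequence of <len><bytes> strings
                n = rdata[0]
                strings.append(rdata[1:1 + n].decode(errors="replace"))
                rdata = rdata[1 + n:]
    return flags & 0xF, strings

def leaks_version(strings):
    """Audit heuristic: a digit in any TXT string ("9.8.2rc1-RedHat-...") means a real version leaked."""
    return any(ch.isdigit() for s in strings for ch in s)

# Constructed sample (not a real capture): BIND with `version "unknown";` answering the query above;
# the answer name is a compression pointer (0xc00c) back to the question name at offset 12.
SAMPLE_RESPONSE = (struct.pack(">HHHHHH", 0x1234, 0x8400, 1, 1, 0, 0)
                   + encode_name("version.bind") + struct.pack(">HH", TYPE_TXT, CLASS_CHAOS)
                   + b"\xc0\x0c" + struct.pack(">HHIH", TYPE_TXT, CLASS_CHAOS, 0, 8) + b"\x07unknown")
```

To run it against a live server, send build_version_query() over UDP to port 53 and pass the reply to parse_txt_answer(); a server that hides its version answers with an empty list or a non-zero rcode.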