fpdns

In an attempt to determint the bind version number remotely, usually something like:

dig @dnsserver.net version.bind txt ch

will give you what you need. However, this is a configuration option that can be turned off. ie, in named.conf they could have set the following

options {

version “back off!”;

}

and, uhh, yeah. that will return “back off!” for our version number, which isn’t very helpful.

Enter fpdns.

From the man page:

fpdns is a program that remotely determines DNS server versions. It does this by sending
a series of borderline DNS queries which are compared against a table of responses and
server versions.

False positives or incorrect versions may be reported when trying to identify a set of
servers residing behind a load-balancing apparatus where the servers are of different
implementations, when a specific implementation behaves like a forwarder, behind a fire‐
wall without statefull inspection or without Application Intelligence.

and it works pretty well from my preliminary tests.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s