On Tue, 30 Jan 2001 bmanning@vacation.karoshi.com wrote:
lets see... (from previous discussions on the usefullness of tweeking the version)
wearing my blackhat, i have to decide which system is worthty of my talents... which one should I pick?
version "bad-ass-bind"; -or- version "9.1.0"
of course I could be running 4.8.1 and simply recompile so it _reports_ a bogus version but the profile of a 9.1.0 code base is -very- distinct from a 4.8.1 code base... esp on replies to queries.
Pick your targets carefully.
However if I run a safe version of bind _and_ pay attention to my logfiles I may actually catch a couple of nosy crackerjacks in the attempt and keep an eye out before they find something which _is_ vulnerable. Whether it's operationally sane to use such honeypot functionality on a production server remains to be seen. Pi -- Live phase 1 <--> RJ45 pin 3 GND <--> RJ45 pin 8 Live phase 2 <--> RJ45 pin 6 Live phase 3 <--> RJ45 pin 2 Is this suitable? Neutral <--> RJ45 pin 1 Or should we kill phones too?