Introduction
Visit www.openspf.org for more information on this technology.

Method
The SPF record is held within a TXT record for the domain. You can query it with the host command under Linux/POSIX.

    $ host -t txt [victim].com
    [victim].com descriptive text "v=spf1 a mx include:[victim].com"

Recommendation
Consider adding SPF records that allow the hosts in the MX records to send email. SPF helps prevent forging of the FROM address on the receiver end. Customer MTAs which support SPF will reject fraudulent emails because the SPF record will not match the spammer's source IP addresses when forging @[victim].com FROM addresses.

Introduction
By default, BIND DNS reveals its version number when queried for a certain TXT record.

Command

    # dig chaos txt version.bind @ns.[target].com

Result
An example is below:

    ; <<>> DiG 9.7.1-P2 <<>> chaos txt version.bind @ns.[target].com
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 18628
    ;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 0
    ;; WARNING: recursion requested but not available

    ;; QUESTION SECTION:
    ;version.bind. CH TXT

    ;; ANSWER SECTION:
    version.bind. 0 CH TXT "9.3.6-P1-RedHat-9.3.6-4.P1.el5"

    ;; AUTHORITY SECTION:
    version.bind. 0 CH NS version.bind.

    ;; Query time: 329 msec
    ;; SERVER: [ip]#53([ip])
    ;; WHEN: Sat Aug 21 03:55:28 2010
    ;; MSG SIZE rcvd: 87

Recommendation
Using the 'version' directive in the 'options' section, usually in /etc/named.conf, will block the 'version.bind' query.
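To confirm the change took effect on your own name servers, the check below (an added example, not part of the original post) reads saved dig output and reports whether the version.bind answer still carries a version number. The function name, the "not disclosed" banner and the REFUSED sample are constructed for illustration; the first sample reuses the answer shown above.

```shell
#!/bin/sh
# Added example: classify saved `dig chaos txt version.bind` output (stdin).
# Prints one of:
#   DISCLOSED <text>  TXT answer contains something shaped like a version number
#   MASKED <text>     TXT answer present, no version number in it
#   NOANSWER          no version.bind TXT answer in the response
# Heuristic: any "digits.digits" run counts as a version number.
classify_version_bind() {
    awk '
        /^;/ { next }                      # skip dig comment and header lines
        tolower($1) == "version.bind." && $3 == "CH" && $4 == "TXT" {
            txt = $0
            sub(/^[^"]*"/, "", txt)        # drop everything up to the opening quote
            sub(/"[^"]*$/, "", txt)        # drop the closing quote and what follows
            found = 1
            exit                           # first answer is enough; jump to END
        }
        END {
            if (!found)                      print "NOANSWER"
            else if (txt ~ /[0-9]+\.[0-9]+/) print "DISCLOSED " txt
            else                             print "MASKED " txt
        }
    '
}

# Answer and authority lines taken from the dig output on this page.
sample_disclosing() {
    printf '%s\n' \
        ';; ANSWER SECTION:' \
        'version.bind. 0 CH TXT "9.3.6-P1-RedHat-9.3.6-4.P1.el5"' \
        ';; AUTHORITY SECTION:' \
        'version.bind. 0 CH NS version.bind.'
}

# Constructed: the response after an operator-chosen banner has been set.
sample_masked() {
    printf '%s\n' ';; ANSWER SECTION:' 'version.bind. 0 CH TXT "not disclosed"'
}

# Constructed: a response that carries no answer section at all.
sample_refused() {
    printf '%s\n' ';; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 1' \
        ';; QUESTION SECTION:' ';version.bind. CH TXT'
}

for s in sample_disclosing sample_masked sample_refused; do
    printf '%-18s %s\n' "$s" "$($s | classify_version_bind)"
done
```

For a live check, pipe the output of the dig command above into classify_version_bind instead of a sample.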