How do I change the version that BIND reports when queried for version.bind?
BIND servers respond to queries for name version.bind with record type TXT and class CHAOS. By default this is set to the version of BIND that has been installed.
dig @127.0.0.1 version.bind chaos txt ; <<>> DiG 9.11.0 <<>> @127.0.0.1 version.bind chaos txt ; (1 server found) ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 22214 ;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 0 ;; WARNING: recursion requested but not available ;; QUESTION SECTION: ;version.bind. CH TXT ;; ANSWER SECTION: version.bind. 0 CH TXT "9.11.0" ;; AUTHORITY SECTION: version.bind. 0 CH NS version.bind. ;; Query time: 160 msec ;; SERVER: 127.0.0.1#53(127.0.0.1) ;; WHEN: Wed Mar 15 15:07:34 2017 ;; MSG SIZE rcvd: 63
Sometimes it is desirable not to reveal the version of BIND that is running on the server. The default version can be changed using the version option in the options statement in named.conf. For example:
version "BIND 9";
It's also possible to disable version reporting entirely: