Message-Id: <200102082310.SAA19817@nighthawk.mit.edu>
To: bobmah@MIT.EDU
cc: security-internal@MIT.EDU
Subject: BIND
Date: Thu, 08 Feb 2001 18:10:55 EST
From: Angie Kelic <sly@MIT.EDU>

You can tell people to run the bind version query on their machine
to see what version they're running.  This can be done from
any host, and it is worhty of note that these commands dump core
under RedHat with the 8.2.3 version of bindutils.  (It is unclear
if it happens on other OS's as well).

Basically:

Command 1:

athena% host -c chaos -t txt version.bind nighthawk.mit.edu
Using domain server:
Name: nighthawk.MIT.EDU
Address: 18.33.0.171
Aliases:

VERSION.BIND CHAOS descriptive text "8.2.3-REL"

Command 2:

athena% dig @nighthawk.mit.edu -c chaos -t txt version.bind 

; <<>> DiG 8.1 <<>> @nighthawk.mit.edu -c -t version.bind 
; (1 server found)
;; res options: init recurs defnam dnsrch
;; got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 10
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUERY SECTION:
;;      version.bind, type = TXT, class = CHAOS

;; ANSWER SECTION:
VERSION.BIND.           0S CHAOS TXT    "8.2.3-REL"

;; Total query time: 2 msec
;; FROM: airfoil.mit.edu to SERVER: nighthawk.mit.edu  18.33.0.171
;; WHEN: Thu Feb  8 18:05:32 2001
;; MSG SIZE  sent: 30  rcvd: 64

(The version you see above is the latest version.  Non sipb-athena
Athena hosts are running 8.1.2).  Since the commands do seg fault
and dump core, we may suggest to people that they execute the
test to their machine from any athena machine. Also, we need to
point out that bind needs to be restarted for the change to take 
effect.


******************************************************
The goal of engineering is to build better mousetraps.
The goal of nature is to build better mice.
******************************************************