vaheeD khoshnouD

linux, mikrotik, macosx

Find out DNS Server Version With DNS Server Fingeprinting tool

Written by vaheeD on January 6, 2013
4.00 avg. rating (83% score) - 1 vote

By hiding out DNS server version number you can improve server security. fpdns is a program that remotely determines DNS server versions. It does this by sending a series of borderline DNS queries which are compared against a table of responses and server versions.

A nameserver basically responds to a query. Interoperability is an obvious requirement here. The standard protocol behavior of different DNS implementations is expected to be the same.

Install fpdns

Debian / Ubuntu user, enter the following command:
$ sudo apt-get install fpdns
FreeBSD user, either use ports or binary package:
$ pkg_add -v -r fpdns
Alternatively grab source code from official web site.

Howto remotely determine DNS server version

To determine DNS server version for domain nixcraft.com, enter:
$ fpdns -D yahoo.com
Output:

fingerprint (yahoo.com, 68.142.196.63): ISC BIND 9.2.3rc1 — 9.6.1-P1
fingerprint (yahoo.com, 68.180.131.16): ISC BIND 9.2.3rc1 — 9.6.1-P1
fingerprint (yahoo.com, 202.43.223.170): ISC BIND 9.2.3rc1 — 9.6.1-P1
fingerprint (yahoo.com, 202.165.104.22): ISC BIND 9.2.3rc1 — 9.6.1-P1
fingerprint (yahoo.com, 119.160.247.124): ISC BIND 9.2.3rc1 — 9.6.1-P1
fingerprint (yahoo.com, 68.142.255.16): ISC BIND 9.2.3rc1 — 9.6.1-P1
fingerprint (yahoo.com, 121.101.152.99): ISC BIND 9.2.3rc1 — 9.6.1-P1

 

Further readings

=> Read fpdns man page.

4.00 avg. rating (83% score) - 1 vote