≡ Menu


Download Of The Day: OpenSSH 5.1

OpenSSH server and client version 5.1 has just been released and available for download. New features in OpenSSH 5.1:
=> Introduce experimental SSH Fingerprint ASCII Visualisation to ssh(1) and ssh-keygen(1).

=> sshd now support CIDR address/masklen matching.

=> Added an extended test mode (-T) to sshd(8) to request that it write its effective configuration to stdout and exit.

=> ssh(1) now prints the number of bytes transferred and the overall connection throughput for SSH protocol 2 sessions when in verbose mode.

=> Added a MaxSessions option to sshd_config(5) to allow control of the number of multiplexed sessions supported over a single TCP connection.

Download OpenSSH 5.1

=> Visit offical site to grab latest OpenSSH 5.1

By hiding out DNS server version number you can improve server security. fpdns is a program that remotely determines DNS server versions. It does this by sending a series of borderline DNS queries which are compared against a table of responses and server versions. (just like nmap command’s remote OS detection facility).

A nameserver basically responds to a query. Interoperability is an obvious requirement here. The standard protocol behavior of different DNS implementations is expected to be the same.

Install fpdns

Debian / Ubuntu user, enter the following command:
$ sudo apt-get install fpdns
FreeBSD user, either use ports or binary package:
$ pkg_add -v -r fpdns
Alternatively grab source code from official web site.

Howto remotely determine DNS server version

To determine DNS server version for domain nixcraft.com, enter:
$ fpdns -D nixcraft.com

fingerprint (nixcraft.com, bboy MyDNS
fingerprint (nixcraft.com, bboy MyDNS 

You can easily find out if recursion enabled or not:
$ fpdns ns1.vnsl.com.

fingerprint (ns1.vnsl.com., ISC BIND 9.2.3rc1 -- 9.4.0a0 [recursion enabled]  

To read list of servers from key board, enter:
$ fpdns -

fingerprint (ns2.vnsl.com, ISC BIND 9.2.3rc1 -- 9.4.0a0 [recursion enabled]
fingerprint (ns1.softlayer.com, ISC BIND 9.2.3rc1 -- 9.4.0a0
fingerprint (ns.yahoo.com, ISC BIND 8.3.0-RC1 -- 8.4.4
fingerprint (ns1.google.com, ISC BIND 8.3.0-RC1 -- 8.4.4 

Further readings

=> Read fpdns man page.