≡ Menu


Download Of The Day: OpenSSH 5.1

OpenSSH server and client version 5.1 has just been released and available for download. New features in OpenSSH 5.1:
=> Introduce experimental SSH Fingerprint ASCII Visualisation to ssh(1) and ssh-keygen(1).

=> sshd now support CIDR address/masklen matching.

=> Added an extended test mode (-T) to sshd(8) to request that it write its effective configuration to stdout and exit.

=> ssh(1) now prints the number of bytes transferred and the overall connection throughput for SSH protocol 2 sessions when in verbose mode.

=> Added a MaxSessions option to sshd_config(5) to allow control of the number of multiplexed sessions supported over a single TCP connection.

Download OpenSSH 5.1

=> Visit offical site to grab latest OpenSSH 5.1

Find out DNS Server Version With DNS Server Fingeprinting tool

By hiding out DNS server version number you can improve server security. fpdns is a program that remotely determines DNS server versions. It does this by sending a series of borderline DNS queries which are compared against a table of responses and server versions. (just like nmap command’s remote OS detection facility).

A nameserver basically responds to a query. Interoperability is an obvious requirement here. The standard protocol behavior of different DNS implementations is expected to be the same.

Install fpdns

Debian / Ubuntu user, enter the following command:
$ sudo apt-get install fpdns
FreeBSD user, either use ports or binary package:
$ pkg_add -v -r fpdns
Alternatively grab source code from official web site.

Howto remotely determine DNS server version

To determine DNS server version for domain nixcraft.com, enter:
$ fpdns -D nixcraft.com

fingerprint (nixcraft.com, bboy MyDNS
fingerprint (nixcraft.com, bboy MyDNS 

You can easily find out if recursion enabled or not:
$ fpdns ns1.vnsl.com.

fingerprint (ns1.vnsl.com., ISC BIND 9.2.3rc1 -- 9.4.0a0 [recursion enabled]  

To read list of servers from key board, enter:
$ fpdns -

fingerprint (ns2.vnsl.com, ISC BIND 9.2.3rc1 -- 9.4.0a0 [recursion enabled]
fingerprint (ns1.softlayer.com, ISC BIND 9.2.3rc1 -- 9.4.0a0
fingerprint (ns.yahoo.com, ISC BIND 8.3.0-RC1 -- 8.4.4
fingerprint (ns1.google.com, ISC BIND 8.3.0-RC1 -- 8.4.4 

Further readings

=> Read fpdns man page.