Abstract: Some security analysts say that removing all information a server provides about its installed software might limit what an attacker could reuse to attack that server. They therefore recommend removing the DNS software version information that a Microsoft DNS server provides.

Solution: To remove the DNS Software Version information there are two possible options.

Option one is to open a CMD command prompt with admin rights and enter the command:

dnscmd /config /EnableVersionQuery 0

Option two is to edit the registry (the command above changes this value as well) and set

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\DNS\Parameters\EnableVersionQuery to 0

Possible values (as seen on the MS Website):

0x00000000 (DNS_VERSION_QUERY_OFF): No version information will be returned.
0x00000001 (DNS_VERSION_QUERY_FULL): The server responds with major operating system version, minor operating system version, and operating system revision.
0x00000002 (DNS_VERSION_QUERY_MINIMAL): The server responds with major operating system version and minor operating system version.

Note: On Windows Server 2008 / Windows Server 2008 R2 the default value is 0x00000001. On Windows Server 2012 / Windows Server 2012 R2 the default value is 0x00000000.
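
The two options above can be combined into a check, fix and verify script. The following PowerShell is an added example, not part of the original article and not a Microsoft tool. The function names Get-DnsVersionQuerySetting and Set-DnsVersionQueryOff are made up for illustration, and it assumes PowerShell 3.0 or later and that a missing registry value means the operating system default from the note above applies.

```powershell
# Added example: audit and, if needed, switch off EnableVersionQuery on the
# local Microsoft DNS server. Run from an elevated prompt on the DNS server.
$DnsParams = 'HKLM:\SYSTEM\CurrentControlSet\services\DNS\Parameters'
$ValueName = 'EnableVersionQuery'

# Meanings as listed in the table of possible values above.
$Meaning = @{
    0 = 'DNS_VERSION_QUERY_OFF: no version information returned'
    1 = 'DNS_VERSION_QUERY_FULL: major, minor and revision returned'
    2 = 'DNS_VERSION_QUERY_MINIMAL: major and minor returned'
}

function Get-DnsVersionQuerySetting {   # hypothetical helper name
    $item = Get-ItemProperty -Path $DnsParams -Name $ValueName -ErrorAction SilentlyContinue
    if ($null -eq $item) {
        # Assumption: with no explicit value the OS default applies
        # (1 on 2008 / 2008 R2, 0 on 2012 / 2012 R2), so report it as not set.
        return [pscustomobject]@{ Explicit = $false; Value = $null
                                  Meaning  = 'not set, OS default applies' }
    }
    $v = [int]$item.$ValueName
    $text = if ($Meaning.ContainsKey($v)) { $Meaning[$v] } else { 'unexpected value' }
    [pscustomobject]@{ Explicit = $true; Value = $v; Meaning = $text }
}

function Set-DnsVersionQueryOff {       # hypothetical helper name
    [CmdletBinding(SupportsShouldProcess = $true)]
    param()
    $before = Get-DnsVersionQuerySetting
    if ($before.Explicit -and $before.Value -eq 0) { return $before }  # already off
    if ($PSCmdlet.ShouldProcess($env:COMPUTERNAME, 'dnscmd /config /EnableVersionQuery 0')) {
        & dnscmd.exe /config /EnableVersionQuery 0 | Out-Null
        # Verify through the registry value, which the command also changes.
        $after = Get-DnsVersionQuerySetting
        if (-not ($after.Explicit -and $after.Value -eq 0)) {
            throw "EnableVersionQuery is still '$($after.Value)' after dnscmd"
        }
        return $after
    }
    $before   # -WhatIf was used: nothing changed
}

Get-DnsVersionQuerySetting              # report only
# Set-DnsVersionQueryOff -WhatIf        # preview the change
# Set-DnsVersionQueryOff                # apply and verify
```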
