Abstract: Some security analysts say that removing all kind of information provided by a server about the installed software, might limit the information a attacker could reuse in order to attack a server. So they mentioned to remove the DNS Software Version information which is provided by a Microsoft DNS server.
Solution: To remove the DNS Software Version information there are two possible options.
Option one is to open a CMD comandprompt with admin rights and entering the command:
dnscmd /config /EnableVersionQuery 0
Option two is to edit the registry (which is changed as well by the command above)
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\DNS\Parameters\EnableVersionQuery to 0
Possible values (as seen on the MS Website):
|No version information will be returned.
|The server responds with major operating system version, minor operating system version, and operating system revision.
|The server responds with major operating system version and minor operating system version.
Note: On Windows Server 2008 / Windows Server 2008 R2 the default value is 0x00000001. On Windows Server 2012 / Windows Server 2012 R2 the default value is 0x00000000.