Determining version of BIND running on RHEL 4.0 box

Determining version of BIND running on RHEL 4.0 box

Post by MaryJan » Sat, 06 Sep 2008 00:40:51


I'm in the process of learning more about BIND, as I'm now responsible
for DNS running on RHEL box. How do I determine which BIND version is
running? I do not have root privileges.
 
 
 

Determining version of BIND running on RHEL 4.0 box

Post by Jeff Light » Sat, 06 Sep 2008 00:57:15

Run "rpm -qa |grep bind". This should show you which BIND packages are
installed.

To see "version" from BIND's standpoint you'd need to run "named -v" but
you may not have permission to do that without root - you may need
System Admins to setup sudo access to the named command and other BIND
utilities and directories.

Note on RHEL the named version returned by "named -v" doesn't tell the
whole story. There was a recent major vulnerability identified and
RedHat backported the fix to their versions (e.g. 9.3.4-P1) so it is the
package version from rpm -qa above that indicates whether you have the
backported fix.

Of course the above assumes you are not running a version of BIND that
someone downloaded and compiled locally.

-----Original Message-----
From: XXXX@XXXXX.COM [mailto: XXXX@XXXXX.COM ] On
Behalf Of MaryJane
Sent: Thursday, September 04, 2008 11:41 AM
To: XXXX@XXXXX.COM
Subject: Determining version of BIND running on RHEL 4.0 box

I'm in the process of learning more about BIND, as I'm now responsible
for DNS running on RHEL box. How do I determine which BIND version is
running? I do not have root privileges.
----------------------------------
CONFIDENTIALITY NOTICE: This e-mail may contain privileged or confidential information and is for the sole use of the intended recipient(s). If you are not the intended recipient, any disclosure, copying, distribution, or use of the contents of this information is prohibited and may be unlawful. If you have received this electronic transmission in error, please reply immediately to the sender that you have received the message in error, and delete it. Thank you.
----------------------------------

 
 
 

Determining version of BIND running on RHEL 4.0 box

Post by Joe Makowi » Sat, 06 Sep 2008 01:12:21


"man named" leads to:

-v Report the version number and exit.

With many *nix commands, it's worth trying $COMMAND -v or
$COMMAND --version if you want to see the version. If you're on a box
that uses yum, you can use "yum info $PACKAGE". Boxes which use RPM
(which, in general, includes boxes that use yum) have a file called
"rpmpkgs" in their log directory (/var/log on most) which lists currently
installed RPMs and their versions. If your box uses apt-get, you can try
dpkg -l $PACKAGE or dpkg -l|grep $PACKAGE. These methods can, by and
large, be used by an unprivileged user.

--
Joe Makowiec
http://www.yqcomputer.com/
Email: http://www.yqcomputer.com/
Usenet Improvement Project: http://www.yqcomputer.com/
 
 
 

Determining version of BIND running on RHEL 4.0 box

Post by John Horn » Sat, 06 Sep 2008 02:01:03


'dig -v' may give an indication, or perhaps try:

dig -c ch -t txt version.bind


John.

--
---------------------------------------------------------------
John Horne, University of Plymouth, UK Tel: +44 (0)1752 587287
E-mail: XXXX@XXXXX.COM Fax: +44 (0)1752 587001
 
 
 

Determining version of BIND running on RHEL 4.0 box

Post by Mark Andre » Sat, 06 Sep 2008 08:41:08


You missed a few essential arguments.

dig -c ch -t txt version.bind +norec @server

You need to specify the server you are checking.

You need to not recurse or otherwise you may be checking
the version of a forwarder.

Mark


--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: XXXX@XXXXX.COM
 
 
 

Determining version of BIND running on RHEL 4.0 box

Post by Sam Wilso » Wed, 10 Sep 2008 00:54:44

In article <g9p4kd$1gh2$ XXXX@XXXXX.COM >,




'dig -v' tells you the version of dig that you're using. *If* it's on
the same system as the BIND you're trying to check, and *if* it's been
installed as part of the same BIND package *then* you might be able to
infer what version of BIND is running, but that's not a very reliable
test. :-)

'dig chaos txt version.bind @server' is the usual way, which is OK so
long as the version hasn't been obscured from the BIND config file.

Sam
 
 
 

Determining version of BIND running on RHEL 4.0 box

Post by Jeff Light » Wed, 10 Sep 2008 01:09:03

Just for the record - I didn't write the part about dig.

In fact dig wouldn't tell you what you need to know any more than named
-v would. This is because it is the exact RPM package version that is
needed to determine what RedHat back ported version you're running and
you'd still have to go to RedHat's site to determine what features are
in the RPM version.

-----Original Message-----
From: XXXX@XXXXX.COM [mailto: XXXX@XXXXX.COM ] On
Behalf Of Sam Wilson
Sent: Monday, September 08, 2008 11:55 AM
To: XXXX@XXXXX.COM
Subject: Re: Determining version of BIND running on RHEL 4.0 box

In article <g9p4kd$1gh2$ XXXX@XXXXX.COM >,



are
but
BIND

'dig -v' tells you the version of dig that you're using. *If* it's on
the same system as the BIND you're trying to check, and *if* it's been
installed as part of the same BIND package *then* you might be able to
infer what version of BIND is running, but that's not a very reliable
test. :-)

'dig chaos txt version.bind @server' is the usual way, which is OK so
long as the version hasn't been obscured from the BIND config file.

Sam
----------------------------------
CONFIDENTIALITY NOTICE: This e-mail may contain privileged or confidential information and is for the sole use of the intended recipient(s). If you are not the intended recipient, any disclosure, copying, distribution, or use of the contents of this information is prohibited and may be unlawful. If you have received this electronic transmission in error, please reply immediately to the sender that you have received the message in error, and delete it. Thank you.
----------------------------------
 
 
 

Determining version of BIND running on RHEL 4.0 box

Post by Sam Wilso » Thu, 11 Sep 2008 20:01:30

In article <ga7crk$fkb$ XXXX@XXXXX.COM >,




There are a couple of problems here. The OP states that s/he doesn't
have root access. S/he therefore may or may not have the necessary
privilege to run "named -v". S/he also needs to know the path to named,
and be sure that that path is to the named that is actually running, in
case there is more than one named executable on the system.

Sorry about the "s/he" stuff - I'm not sure we can trust the name in a
Usenet attribution.

Sam