Howto find DNS Server Version remotely using fpdns (Finger printing DNS servers)
Sponsored Link
The reality is quite different though. fpdns uses a series of borderline DNS queries to determine the vendor, product and version of a nameserver.
A nameserver basically responds to a query. Interoperability is an obvious requirement here. The standard protocol behaviour of different DNS implementations is expected to be the same.
Requirements for protocol behaviour of DNS implementations is widely documented in the case of ‘common' dns messages. The DNS protocol is over 20 years old and since its inception, there have been over 40 independent DNS implementations, while some implementations have over 20 versions.
The methodology used to identify individual nameserver implementations is based on "borderline" protocol behaviour. The DNS protocol offers a multitude of message bits, response types, opcodes, classes, query types and label types in a fashion that makes some mutually exclusive while some are not used in a query messages at all. Not every implementation offers the full set of features the DNS protocol set currently has. Some implementations offer features outside the protocol set, and there are implementations that do not conform to standards.
Also, new features added to -- or bugs removed allow for differentiations between versions of an implementation.
Install fpdns in Ubuntu
sudo aptitude install fpdns
This will complete the installation
Using fpdns
fpdns [-c] [-d] [-f] [-p port] [-Q srcaddr] [-r retry] [-s] [-t timeout] [-v] server
Where: server is an ip address or a resolvable name
or ‘-‘ to read list of servers from stdin
-c (where appropriate check CH TXT version) [off]
-d (debug) [off]
-f (force check CH TXT version) [off]
-F (maximum forked processes) [10]
-p port (nameserver is on this port) [53]
-Q srcaddr (source IP address) [0.0.0.0]
-r retry (set number of attempts) [1]
-s (short form) [off]
-t time (set query timeout) [5]
-v (show version)
fpdns Examples
BIND Version 8 Example
fpdns -D google.com
fingerprint (google.com, 216.239.34.10): ISC BIND 8.3.0-RC1 --- 8.4.4
fingerprint (google.com, 216.239.36.10): ISC BIND 8.3.0-RC1 --- 8.4.4
fingerprint (google.com, 216.239.38.10): ISC BIND 8.3.0-RC1 --- 8.4.4
fingerprint (google.com, 216.239.32.10): ISC BIND 8.3.0-RC1 --- 8.4.4
BIND Version 9 Example
fpdns -D debianhelp.co.uk
fingerprint (debianhelp.co.uk, 212.67.202.2): ISC BIND 9.2.3rc1 --- 9.4.0a0 [recursion enabled]
fingerprint (debianhelp.co.uk, 212.67.203.246): ISC BIND 9.2.3rc1 --- 9.4.0a0 [recursion enabled]
TinyDNS Example
fpdns ns1.eu.dedicatedserver.com.
fingerprint (ns1.eu.dedicatedserver.com., 213.198.65.226): DJ Bernstein TinyDNS 1.05
Microsoft windows 2003 Example
fpdns -D microsoft.com
fingerprint (microsoft.com, 207.68.160.190): Microsoft Windows DNS 2003
fingerprint (microsoft.com, 65.54.240.126): Microsoft Windows DNS 2003