After running lynis (linux security auditing tool), it said im exposing my bind version number, so here is what worked to hide it:

lynis warning:
Code:
Found BIND version in banner [NAME-4210]
      http://cisofy.com/controls/NAME-4210/
command to test/check bind version of an nameserver
Code:
nslookup -type=txt -class=chaos version.bind ns1.yourdomain.com
example output:
Code:
version.bind    text = "9.8.2rc1-RedHat-9.8.2-0.23.rc1.el6_5.1"
How to fix, hide the BIND version number?

edit file:
Code:
vi /etc/named.conf
Add this line:
Code:
    version "Not disclosed";
into:
Code:
options {
}
example i have:
Code:
options {
     // Put files that named is allowed to write in the data/ directory:
    directory                "/var/named"; // the default
    pid-file                 "/var/run/named/named.pid";
    dump-file                "data/cache_dump.db";
    statistics-file          "data/named_stats.txt";
    allow-transfer {"none";};
    version "Not disclosed";
};
then restarted bind (named service):
rhel:
Code:
service named restart
deb:
Code:
/etc/init.d/named restart
?