Domain Name System Security Extensions - Tools

Tools

DNSSEC deployment requires software on the server and client side. Some of the tools that support DNSSEC include:

  • Windows 7 and Windows Server 2008 R2 include a "security-aware" stub resolver that is able to differentiate between secure and non-secure responses by a recursive name server.
  • BIND, the most popular DNS name server (which includes dig). Version 9.3 implemented the newer DNSSEC-bis (DS records) although it did not support NSEC3 records. BIND 9.6 was released in December 2008 and has full support for NSEC3 records.
  • Drill is a DNSSEC-enabled dig-like tool bundled with ldns.
  • Drill extension for Firefox adds to Mozilla Firefox the ability to determine if a domain can be verified using DNSSEC.
  • DNSSEC-Tools aims at providing easy to use tools for helping all types of administrators and users make use of DNSSEC. It offers tools for administrators of Authoritative Zones, Authoritative Server, and Recursive Servers as well as a library and tools for Application Developers and existing patches for extending common applications.
  • Phreebird is a DNS proxy that can add DNSSEC support on top of any other DNS server.
  • Zone Key Tool is a software designed to ease the maintenance of DNSSEC aware zones. It's primarily designed for environments with a small to medium number of zones and provides a full automatic zone signing key rollover as well as automatic resigning of the zone.
  • Unbound is a DNS name server that was written from the ground up to be designed around DNSSEC concepts.
  • GbDns is a compact, easy-to-install DNSSEC name server for Microsoft Windows.
  • mysqlBind The GPL DNS management software for DNS ASPs now supports DNSSEC.
  • OpenDNSSEC is a designated DNSSEC signer tool using PKCS#11 to interface with Hardware Security Modules.
  • SecSpider tracks DNSSEC deployment, monitors zones, and provides a list of observed public keys.
  • DNSViz and DNSSEC Analyzer are Web-based tools to visualize the DNSSEC authentication chain of a domain.
  • DNSSEC Validator is a Mozilla Firefox addon for visualization of DNSSEC status of the visited domain name.
  • DNSSHIM or DNS Secure Hidden Master is an open-source tool to automatize DNSSEC supported zones provisioning process.
  • Net::DNS::SEC is a DNS resolver implemented in Perl.

Read more about this topic:  Domain Name System Security Extensions

Famous quotes containing the word tools:

    The besetting sin of able men is impatience of contradiction and of criticism. Even those who do their best to resist the temptation, yield to it almost unconsciously and become the tools of toadies and flatterers. “Authorities,” “disciples,” and “schools” are the curse of science and do more to interfere with the work of the scientific spirit than all its enemies.
    Thomas Henry Huxley (1825–95)

    There is a great satisfaction in building good tools for other people to use.
    Freeman Dyson (b. 1923)

    A life I didn’t choose
    chose me: even
    my tools are the wrong ones
    for what I have to do.
    Adrienne Rich (b. 1929)