Domain Name System Security Extensions - Tools

Tools

DNSSEC deployment requires software on the server and client side. Some of the tools that support DNSSEC include:

  • Windows 7 and Windows Server 2008 R2 include a "security-aware" stub resolver that is able to differentiate between secure and non-secure responses by a recursive name server.
  • BIND, the most popular DNS name server (which includes dig). Version 9.3 implemented the newer DNSSEC-bis (DS records) although it did not support NSEC3 records. BIND 9.6 was released in December 2008 and has full support for NSEC3 records.
  • Drill is a DNSSEC-enabled dig-like tool bundled with ldns.
  • Drill extension for Firefox adds to Mozilla Firefox the ability to determine if a domain can be verified using DNSSEC.
  • DNSSEC-Tools aims at providing easy to use tools for helping all types of administrators and users make use of DNSSEC. It offers tools for administrators of Authoritative Zones, Authoritative Server, and Recursive Servers as well as a library and tools for Application Developers and existing patches for extending common applications.
  • Phreebird is a DNS proxy that can add DNSSEC support on top of any other DNS server.
  • Zone Key Tool is a software designed to ease the maintenance of DNSSEC aware zones. It's primarily designed for environments with a small to medium number of zones and provides a full automatic zone signing key rollover as well as automatic resigning of the zone.
  • Unbound is a DNS name server that was written from the ground up to be designed around DNSSEC concepts.
  • GbDns is a compact, easy-to-install DNSSEC name server for Microsoft Windows.
  • mysqlBind The GPL DNS management software for DNS ASPs now supports DNSSEC.
  • OpenDNSSEC is a designated DNSSEC signer tool using PKCS#11 to interface with Hardware Security Modules.
  • SecSpider tracks DNSSEC deployment, monitors zones, and provides a list of observed public keys.
  • DNSViz and DNSSEC Analyzer are Web-based tools to visualize the DNSSEC authentication chain of a domain.
  • DNSSEC Validator is a Mozilla Firefox addon for visualization of DNSSEC status of the visited domain name.
  • DNSSHIM or DNS Secure Hidden Master is an open-source tool to automatize DNSSEC supported zones provisioning process.
  • Net::DNS::SEC is a DNS resolver implemented in Perl.

Read more about this topic:  Domain Name System Security Extensions

Famous quotes containing the word tools:

    Armies, though always the supporters and tools of absolute power for the time being, are always the destroyers of it too; by frequently changing the hands in which they think proper to lodge it.
    Philip Dormer Stanhope, 4th Earl Chesterfield (1694–1773)

    Justice and truth are too such subtle points that our tools are too blunt to touch them accurately.
    Blaise Pascal (1623–1662)

    Think of the tools in a tool-box: there is a hammer, pliers, a saw, a screwdriver, a rule, a glue-pot, nails and screws.—The function of words are as diverse as the functions of these objects.
    Ludwig Wittgenstein (1889–1951)