Look at a domain and check for DNSSEC records. Naming and shaming included!
- This implementation only checks a domain for signed A, AAAA, CNAME, MX and SOA records. You might want to try another tool for more extensive DNSSEC tests and analysis.
- Lookups are cached in getdns’ context for the duration of the server’s uptime. DNS record TTL should also be in effect.
- Source code, project page.
- Make sure getdns is installed properly, including unbound’s root anchor. If the root anchor isn’t set up properly, all DNS lookups will be labeled insecure.
- Make sure mongodb is running.
# Clone the repository git clone --recursive https://github.com/joelpurra/node-dnssec-name-shame.git node-dnssec-name-shame cd node-dnssec-name-shame # Install dependencies npm install ./node_modules/.bin/bower install # Start the server. Note that logging is in bunyan's json format. npm start
Browse to your local test site, https://localhost:5000/.
# Start the server in debugging mode npm run debug # Test the code npm test --silent
Optionally debug the server, possibly using Chrome DevTools for Node.js.
☐ Fetch Alexa’s top 25 (or more) sites dynamically.
☐ Create pretty-pretty slide show style animations for the listed example domains?
☑ Modify links to the external sites to open in new window, and add link to
/domain/example.com so content can be discovered.
☑ Tweet the results.
☑ Add sounds for pass and fail.
☑ Create a small API.
☑ Download Google Fonts and serve locally:
google-font-download "Quando" "Pacifico" "'Open Sans'".
- Versign Labs.
- NLnet Labs, with special thanks to Willem Toorop (@wtoorop) for all the help with the DNAS server(s).
- Anne-Marie Eklund Löwinder, DNSSEC pioneer and Internet Hall of Fame inductee, for the photo made specially for this site.
- Photo of Anne-Marie Eklund Löwinder by Per-Ola Mjömark, licensed under CC BY 4.0.
- Fail sound buzzer2.wav by hypocore, licensed under CC0 1.0.
- Success sound success.wav by grunz, licensed under CC BY 3.0.
Copyright © 2014, 2015, 2016, 2017, 2018, 2019, 2020, 2021 Joel Purra and Tom Cuddy. All rights reserved.
When using node-dnssec-name-shame, comply to the GNU Affero General Public License 3.0 (AGPL-3.0). Please see the LICENSE file for details.