Notes:
|
|
|
|
Softpanorama |
May the source be with you, but remember the KISS principle ;-)
|
| Old News ;-) | See Also | Recommended Links | Audit_scripts | Zone Generators |
|
Classic tools (nslookup, dig, etc) |
Web-based tools | DNS Security | Humor | Etc |
There is an old slides by Cricket Liu A Survey of DNS Tools It contains a comparison of nslookup, dig, host, doc, dnswalk, dnsparse and h2n. Slides were presented in February 1993 so they are really old.
Personally I prefer Perl-based DNS tools and this page is devoted almost exclusively to them. For more general page please see an excellent DNS tools site.
There are two supplementary pages for this:
Dr. Nikolai Bezroukov
|
About: The DNSSEC-Tools package is a collection of tools, scripts, Perl modules, C libraries, and application patches that are useful for DNS zone administrators and end users to deploy DNS Security (DNSSEC).
Changes: Many improvements were made to the documentation, trust anchor management, key rollover, and zone signing. The validating library has received a number of improvements. There is a new shim library that can be used to bring any application into DNSSEC compliance without recompiling it. Many other changes were made
Net::DNS is a DNS resolver implemented in Perl. It allows the programmer to perform nearly any type of DNS query from a Perl script. For details and examples, please read the Net::DNS manual pages. To read about the latest features, see the Changes file. To find out about known bugs and to see what's planned for future versions, see the TODO file.
Net::DNS does not depend on any C libraries. However, if possible Net::DNS tries to link to the libresolv library. This provides a notable speed increase.
The author invites feedback on Net::DNS. If there's something you'd like to have added, please let me know. If you find a bug, please follow the instructions below.
The current release version of Net::DNS is: 0.58
New releases and developments are announced on the "Bl
With both a command-line interface and a web interface, sleuth will check whether the configuration of your DNS complies with the RFCs. It will give you warnings for some things and errors when it sees something completely wrong. The best part is it will tell you what is wrong and reference the RFC so you can see for yourself why it's bad and how to fix it. No more guessing if it's correct or not--fast and thorough. It requires Perl and the Net::DNS Perl module.
Perl is a fantastic tool for system administrators -- even on Windows. Though the shiny GUI is astonishingly useless (or at least too mouse-friendly) for all but the simplest changes, there's plenty to automate under the shell. Thomas Herchenroeder explains how he wrapped dnscmd with Perl to make changes easily. [Perl.com]
Simple Dynamic DNS is a very light and simple set of Perl scripts to provide DNS support for users with dynamic IPs. The server is a CGI which waits for a client connection, then authenticates and changes the user IP. The cron script will check every N minutes for changes in the zones specified in the config files, and if any, it rebuilds the Bind zone from the latest updated IPs.
DNSSEC Walker is a tool to recover DNS zonefiles using the DNS protocol. The server does not have to support zonetransfer, but the zone must contain DNSSEC "NXT" or "NSEC" records. Optionally, it can also verify DNSSEC signatures on the RRsets within the zone.
ldapdns is a robust DNS server that forwards DNS requests to your LDAP directory. This means that changes to your LDAP directory will take affect immediately (no intermediate commands to run, and no cron jobs to wait for).
Sauron is a free DNS/DHCP management system with Web and command line interfaces. It is able to manage multiple DNS/DHCP servers. Complete dhcpd and named configurations are generated from a central SQL database.
This version works with BIND 9, but there is also a version for BIND 8. (version 2.2.3 of 25-Jul-2001, checked 08-Sep-2004)
Sauron is a free DNS/DHCP management system with Web and command line interfaces. It is able to manage multiple DNS/DHCP servers. Complete dhcpd and named configurations are generated from a central SQL database.
DNSDusty is an uncomplicated Web-based DNS management tool. It does all of its modifications via signed dynamic updates, and gets info on zones via zone transfers. Thus, it does not require any external databases, and plays along well with other tools that do dynamic updates (such as DHCP). DNSDusty is written as a Perl CGI script, so it should work with most Web servers.
dnswalk is a DNS debugger. It performs zone transfers of specified domains, and checks the database in numerous ways for internal consistency, as well as accuracy.
Name Server Configurator -- A set of scripts for easy DNS configuration.
dnsutil 1.5 -- The dnsutil package is a collection tools designed to make administering DNS easier.
About: mkrdns is a small Perl script that helps automate changes to your DNS zone files. It does this by reading your named.boot/named.conf file to find all the domains/networks for which you are authoritative. It then reads all of the forward zone files and generates PTR records which it inserts in the reverse zone maps.
Changes: mkrdns incorrectly assumed that commands in named.conf files would be on seperate lines in some cases. This could cause mkrdns to ignore other multiple commands on a single line.
nslint is a lint-like program that checks DNS files for errors. DNS or Domain Name System generally maps names to IP addresses and E-mail addresses in a hierarchical fashion. Errors detected include missing trailing dots, illegal characters (RFC 1034), records without matching PTR records and vice-versa, duplicate names in a subnet, duplicate names for an address, names with cname records (RFC 1033), missing quotes, and unknown keywords.
AIM from Andy Farrior is a set of perl scripts using dbm files and keeps track of hardware addresses, hostnames, primary managers, dns, bootp, etc. Link is broken
Commercial products
DNS Boss -- is a commercial Java product that allows you to rapidly setup and maintain one or many DNS domains
Copyright © 1996-2008 by Dr. Nikolai Bezroukov. www.softpanorama.org was created as a service to the UN Sustainable Development Networking Programme (SDNP) in the author free time. Submit comments This document is an industrial compilation designed and created exclusively for educational use and is placed under the copyright of the Open Content License(OPL). Original materials copyright belong to respective owners. Quotes are made for educational purposes only in compliance with the fair use doctrine.
Standard disclaimer: The statements, views and opinions presented on this web page are those of the author and are not endorsed by, nor do they necessarily reflect, the opinions of the author present and former employers, SDNP or any other organization the author may be associated with. We do not warrant the correctness of the information provided or its fitness for any purpose.
Created May 16, 1996; Last modified: June 19, 2008