Test Suite:
DNS Server SuiteDirection:
ServerDomain Name Service (DNS) is a protocol originally intended to translate Internet domain names to Internet Protocol(IP) addresses and vice versa, evolved since to provide many additional types of information related to hosts, networks, and domains. Since the proper functioning of DNS is vital to many Internet application services such as WWW and email, the dependability of DNS implementations must be verified. This test application can be used to test DNS server implementations for security flaws and robustness problems.
Used specifications
Domain Names - Implementation and Specification
New DNS RR Definitions
DNS NSAP Resource Records
DNS NSAP Resource Records
DNS Encoding of Geographical Location
A means for expressing Location information in the Domain Name System
Incremental Zone Transfer in DNS
A Mechanism for Prompt Notification of Zone Changes (DNS NOTIFY)
Dynamic Updates in the domain name system (DNS UPDATE)
Using the Internet DNS to Distribute MIXER Conformant Global Address Mapping (MCGAM)
Key Exchange delegation record for the DNS
Domain Name System Security Extensions
Extension Mechanisms for DNS (EDNS0)
Non-Terminal DNS Name Redirection
Binary Labels in the Domain Name System
A DNS RR for specifying the location of services (DNS SRV)
Secret Key Transaction Authentication for DNS (TSIG)
DNS Extensios to support IPv6 Address Aggregation and renumbering
Secret Key Establishment for DNS (TKEY RR)
A DNSS RR Type for Lists of Address Prefixes (APL RR)
DNSSEC and IPv6 A6 aware server/resolver message size requirements
DDDS Part Three DNS Database
Internationalizing Domain Names in Applications (IDNA)
Punycode: A Bootstring encoding of Unicode for Internationalized Domain Names in Applications (IDNA)
DNS extensions to support IPv6
The E.164 to Uniform Resource Identifiers DDDS
A Method for Storing IPsec Keying Material in DNS
Resource Records for the DNS Security Extensions
SSHFP RR types for fingerprint types
Storing Certificates in the Domain Name System (DNS)
SSHFP RR types for fingerprint types
Storing Certificates in the Domain Name System (DNS)
Sender Policy Framework (SPF) for Authorizing Use of Domains in E-Mail, Version 1
HMAC SHA TSIG Algorithm Identifiers
DHCID RR type codes
DNS Name Server Identifier (NSID) Option
DNS Security (DNSSEC) Hashed Authenticated Denial of Existence
Host Identity Protocol (HIP) Domain Name System (DNS) Extension
Nameservers for IPv4 and IPv6 Reverse Zones
DNS SRV Resource Records for AFS
DNS Zone Transfer Protocol (AXFR)
The E.164 to Uniform Resource Identifiers (URI) Dynamic Delegation Discovery System (DDDS) Application (ENUM)
DNS Long-Lived Queries
Dynamic DNS Update Leases
EDNS0 OWNER Option
Tool-specific information
Amplification
Unexpected Data
Compressed Signer's name in RRSIG record
Test tool general features
- Fully automated black-box negative testing
- Ready-made test cases
- Written in Java(tm)
- GUI command line remote interface modes
- Instrumentation (health-check) capability
- Support and maintenance
- Comprehensive user documentation
- Results reporting and analysis