< overview
DNS Server Suite Data Sheet
Test Suite:
DNS Server SuiteDirection:
ServerDomain Name Service (DNS) is a protocol originally intended to translate Internet domain names to Internet Protocol(IP) addresses and vice versa, evolved since to provide many additional types of information related to hosts, networks, and domains. Since the proper functioning of DNS is vital to many Internet application services such as WWW and email, the dependability of DNS implementations must be verified. This test application can be used to test DNS server implementations for security flaws and robustness problems.
Used specifications
Specification
Title
RFC1035
Domain Names - Implementation and Specification
RFC1183
New DNS RR Definitions
RFC1348
DNS NSAP Resource Records
RFC1706
DNS NSAP Resource Records
RFC1712
DNS Encoding of Geographical Location
RFC1876
A means for expressing Location information in the Domain Name System
RFC1995
Incremental Zone Transfer in DNS
RFC1996
A Mechanism for Prompt Notification of Zone Changes (DNS NOTIFY)
RFC2136
Dynamic Updates in the domain name system (DNS UPDATE)
RFC2163
Using the Internet DNS to Distribute MIXER Conformant Global Address Mapping (MCGAM)
RFC2230
Key Exchange delegation record for the DNS
RFC2535
Domain Name System Security Extensions
RFC2671
Extension Mechanisms for DNS (EDNS0)
RFC2672
Non-Terminal DNS Name Redirection
RFC2673
Binary Labels in the Domain Name System
RFC2782
A DNS RR for specifying the location of services (DNS SRV)
RFC2845
Secret Key Transaction Authentication for DNS (TSIG)
RFC2874
DNS Extensios to support IPv6 Address Aggregation and renumbering
RFC2930
Secret Key Establishment for DNS (TKEY RR)
RFC3123
A DNSS RR Type for Lists of Address Prefixes (APL RR)
RFC3226
DNSSEC and IPv6 A6 aware server/resolver message size requirements
RFC3403
DDDS Part Three DNS Database
RFC3490
Internationalizing Domain Names in Applications (IDNA)
RFC3492
Punycode: A Bootstring encoding of Unicode for Internationalized Domain Names in Applications (IDNA)
RFC3596
DNS extensions to support IPv6
RFC3761
The E.164 to Uniform Resource Identifiers DDDS
RFC4025
A Method for Storing IPsec Keying Material in DNS
RFC4034
Resource Records for the DNS Security Extensions
RFC4255
SSHFP RR types for fingerprint types
RFC4398
Storing Certificates in the Domain Name System (DNS)
RFC4255
SSHFP RR types for fingerprint types
RFC4398
Storing Certificates in the Domain Name System (DNS)
RFC4408
Sender Policy Framework (SPF) for Authorizing Use of Domains in E-Mail, Version 1
RFC4635
HMAC SHA TSIG Algorithm Identifiers
RFC4701
DHCID RR type codes
RFC5001
DNS Name Server Identifier (NSID) Option
RFC5155
DNS Security (DNSSEC) Hashed Authenticated Denial of Existence
RFC5205
Host Identity Protocol (HIP) Domain Name System (DNS) Extension
RFC5855
Nameservers for IPv4 and IPv6 Reverse Zones
RFC5864
DNS SRV Resource Records for AFS
RFC5936
DNS Zone Transfer Protocol (AXFR)
RFC6116
The E.164 to Uniform Resource Identifiers (URI) Dynamic Delegation Discovery System (DDDS) Application (ENUM)
draft-sekar-dns-llq-01.txt
DNS Long-Lived Queries
draft-sekar-dns-ul-01.txt
Dynamic DNS Update Leases
draft-cheshire-edns0-owner-option-00
EDNS0 OWNER Option
Tool-specific information
Tested messages
Notes
Specifications
DNS Query
RFC1035
DNS IQuery
Obsolete
RFC1035
DNS Notify
RFC1996
DNS Update
RFC2136
Supported SafeGuard Checks
Amplification
Unexpected Data
Compressed Signer's name in RRSIG record
Test tool general features
- Fully automated black-box negative testing
- Ready-made test cases
- Written in Java(tm)
- GUI command line remote interface modes
- Instrumentation (health-check) capability
- Support and maintenance
- Comprehensive user documentation
- Results reporting and analysis