Multicast DNS

Sorry, not available in this language yet

English
日本語
简体中文

AppSec SaaS Platform | Integrated, cloud-based AST solution optimized for development and DevSecOps teams.
AppSec IDE Plug-ins | Secure code as you write it in your IDE
Software Risk Management | Manage application security programs at enterprise scale
DevSecOps Integrations | Integrate AppSec tools into DevOps workflows

Static Analysis (SAST) | Address security and quality defects in code as it's being developed
Software Composition Analysis (SCA) | Secure and manage open source risks in applications and containers
Interactive Analysis (IAST) | Automate web security testing within your DevOps pipelines
Dynamic Analysis (DAST) | Continuous web application security testing in production.
Penetration Testing | Identify business-critical vulnerabilities with on-demand testing expertise.
Protocol Fuzzing | Identify defects and zero-day vulnerabilities in services and protocols

Program Strategy & Planning | Measure, scale, and optimize your AppSec program
Threat & Risk Assessments | Understand and address internal and external security risks
Security Training | Equip development teams with the skills they need to produce more secure software
Implementation & Deployment | Optimize utilization, management and deployment of AppSec tools
Security Testing Services | On-demand AppSec testing resources and expertise

Open Source & Security Audits | Comprehensive technical due diligence services for M&A

AI-generated code | Harness the power of AI coding assistants while managing the risks
API Security Testing | Manage software risks with a holistic API security testing program.
AppSec Consolidation | Simplify your application security program
Application Security Testing | Solutions to address security risks at all stages of the application life cycle.
DevSecOps | Solutions to help shift security left without slowing down your development teams.
Software Supply Chain Security | Solutions to identify and manage software supply chain risks end-to-end.
Manage AppSec Risk | Scale your application security program without increasing complexity or adding friction.
Cloud & Container Security | Optimize your applications for secure deployment and operation in the cloud
Open Source License Compliance | Effective solutions for ensuring open source license compliance
M&A Due Diligence | Identify software risks that could negatively impact the value of acquired IP.
Quality & Security Standards Compliance | Ensure your software complies with the standards critical to customers and regulators

Dev and DevOps Teams | Build secure software while maintaining developer productivity and pipeline velocity.
Security Teams | Align people, processes, and technology to minimize software risk and transform your business.
Legal Teams | Solutions to protect your IP and manage risk.

Financial Services | Protect sensitive customer and financial data from rapidly evolving security threats.
IoT & Embedded | Ensure your embedded and IoT devices are safe, secure, and reliable.
Automotive | Build software security & reliability into the modern connected car.
Telecommunications | Create seamless and safe mobile experiences, from silicon to software.
Aerospace & Defense | Solutions for automating mission-critical development.
Public Sector | Application security for government agencies and their suppliers.
Medical Device | Safeguard medical devices and applications.

Multicast DNS Test Suite Data Sheet

Test Suite:

Multicast DNS Test Suite

Direction:

Server

Multicast DNS (mDNS) and its companion technology DNS-Based Service Discovery (DNS-SD) were created to provide IP networking with ease-of-use and auto-configuration. Multicast DNS borrows heavily from the existing DNS protocol, using the existing DNS message structure, name syntax, and resource record types.

Used specifications

Specification

Title

Notes

rfc1035

Domain Names - Implementation and Specification

Anomaly only

rfc1183

New DNS RR Definitions

rfc1706

DNS NSAP Resource Records

rfc1712

DNS Encoding of Geographical Location

rfc1876

A Means for Expressing Location Information in the Domain Name System

rfc1995

Incremental Zone Transfer in DNS

Anomaly only

rfc1996

A Mechanism for Prompt Notification of Zone Changes (DNS NOTIFY)

Anomaly only

rfc2136

Dynamic Updates in the Domain Name System (DNS UPDATE)

Anomaly only

rfc2163

Using the Internet DNS to Distribute MIXER Conformant Global Address Mapping (MCGAM)

rfc2230

Key Exchange Delegation Record for the DNS

rfc2535

Domain Name System Security Extensions

Anomaly only

rfc2782

A DNS RR for specifying the location of services (DNS SRV)

rfc2874

DNS Extensions to Support IPv6 Address Aggregation and Renumbering

Obsolete

rfc2930

Secret Key Establishment for DNS (TKEY RR)

Anomaly only

rfc3123

A DNS RR Type for Lists of Address Prefixes (APL RR)

rfc3403

Dynamic Delegation Discovery System (DDDS) Part Three: The Domain Name System (DNS) Database

rfc3596

DNS Extensions to Support IP Version 6

rfc3629

UTF-8, a transformation format of ISO 10646

rfc3986

Uniform Resource Identifier (URI): Generic Syntax

rfc4025

A Method for Storing IPsec Keying Material in DNS

rfc4034

Resource Records for the DNS Security Extensions

rfc4255

Using DNS to Securely Publish Secure Shell (SSH) Key Fingerprints

Anomaly only

rfc4398

Storing Certificates in the Domain Name System (DNS)

Anomaly only

rfc4431

The DNSSEC Lookaside Validation (DLV) DNS Resource Record

Obsolete (Anomaly only)

rfc4701

A DNS Resource Record (RR) for Encoding Dynamic Host Configuration Protocol (DHCP) Information (DHCID RR)

Anomaly only

rfc5001

DNS Name Server Identifier (NSID) Option

rfc5155

DNS Security (DNSSEC) Hashed Authenticated Denial of Existence

rfc5936

DNS Zone Transfer Protocol (AXFR)

Anomaly only

rfc6376

DomainKeys Identified Mail (DKIM) Signatures

Anomaly only

rfc6672

DNAME Redirection in the DNS

rfc6698

The DNS-Based Authentication of Named Entities (DANE) Transport Layer Security (TLS) Protocol: TLSA

Anomaly only

rfc6742

DNS Resource Records for the Identifier-Locator Network Protocol (ILNP)

rfc6762

Multicast DNS

mDNS specification

rfc6891

Extension Mechanisms for DNS (EDNS(0))

rfc6975

Signaling Cryptographic Algorithm Understanding in DNS Security Extensions (DNSSEC)

rfc7043

Resource Records for EUI-48 and EUI-64 Addresses in the DNS

rfc7208

Sender Policy Framework (SPF) for Authorizing Use of Domains in Email, Version 1

rfc7314

Extension Mechanisms for DNS (EDNS) EXPIRE Option

rfc7344

Automating DNSSEC Delegation Trust Maintenance

Anomaly only

rfc7477

Child-to-Parent Synchronization in DNS

rfc7553

The Uniform Resource Identifier (URI) DNS Resource Record

rfc7828

The edns-tcp-keepalive EDNS0 Option

Anomaly only

rfc7830

The EDNS(0) Padding Option

rfc7871

Client Subnet in DNS Queries

rfc7873

Domain Name System (DNS) Cookies

rfc7901

CHAIN Query Requests in DNS

rfc8005

Host Identity Protocol (HIP) Domain Name System (DNS) Extension

Anomaly only

rfc8145

Signaling Trust Anchor Knowledge in DNS Security Extensions (DNSSEC)

rfc8162

Using Secure DNS to Associate Certificates with Domain Names for S/MIME

Anomaly only

rfc8490

DNS Stateful Operations

Anomaly only

rfc8659

DNS Certification Authority Authorization (CAA) Resource Record

rfc8764

Apple's DNS Long-Lived Queries Protocol

rfc8765

DNS Push Notifications

rfc8777

DNS Reverse IP Automatic Multicast Tunneling (AMT) Discovery

rfc8914

Extended DNS Errors

rfc8945

Secret Key Transaction Authentication for DNS (TSIG)

Anomaly only

rfc8976

Message Digest for DNS Zones

Anomaly only

draft-bellis-dnsop-edns-tags-01

DNS EDNS Tags

draft-cheshire-edns0-owner-option-01

EDNS0 OWNER Option

draft-durand-doa-over-dns-03

DOA over DNS

Anomaly only

draft-eastlake-kitchen-sink-02

The Kitchen Sink Resource Record

draft-ietf-dnsop-svcb-https-02

Service binding and parameter specification via the DNS (DNS SVCB and HTTPS RRs)

draft-ietf-nimrod-dns-01

DNS Resource Records for Nimrod Routing Architecture

draft-sekar-dns-ul-02

Dynamic DNS Update Leases

draft-wijngaards-dnsop-trust-history-02

DNSSEC Trust Anchor History Service

Anomaly only

af-dans-0152.000

ATM Name System V2.0

Anomaly only

identifying-dns-traffic2

Umbrella - Identifying DNS traffic

Anomaly only

ini1999-19

Deploying DNSSEC Without a Signed Root. Technical Report 1999-19, Information Networking Institute, Carnegie Mellon University, April 2004.

Anomaly only

Tool-specific information

Tested messages

Specifications

Notes

mDNS Query

rfc6762

A standard query request & response.

Supported features

Specification

Notes

UDP multicast messages over IPv4 network

rfc6762

Multicast DNS with UDP over IPv4 network.

UDP multicast messages over IPv6 network

rfc6762

Multicast DNS with UDP over IPv6 network.

Unsupported features

Specification

Notes

Unicast response messages

rfc6762

Suite doesn't support sending unicast response messages to mDNS requests.

RRSIG digest & validation

rfc4034

Suite doesn't support calculating or validation of DNSSEC Signatures.

TSIG digest & validation

rfc8945

Suite doesn't support calculating or validation of DNS Transaction Signatures.

SIG(0) digest & validation

rfc2931

Suite doesn't support calculating or validation of DNS Request and Transaction Signatures ( SIG(0)s ).

SSH key fingerprints

rfc4255

Suite doesn't support generating SSH key fingerprints.

DHCID digest & validation

rfc4701

Suite doesn't support calculating DHCID digest.

ZONEMD digest & validation

rfc8976

Suite doesn't support calculating message digest for DNS zones

DNS message specific timeout parameters

rfc7314, rfc7828, rfc8490

Defensics uses its own connection timeout mechanism and doesn't use timeout values from DNS message specific parameters.

Test tool general features

Fully automated black-box negative testing
Ready-made test cases
Written in Java(tm)
GUI command line remote interface modes
Instrumentation (health-check) capability
Support and maintenance
Comprehensive user documentation
Results reporting and analysis