DNSSEC is the recent answer to DNS cache poisoning . So it definitely is something a web site’s admin would want to have monitored. And we are happy to tell you that AlertFox is able to do so.
While we don’t have an explicit DNSSEC sensor type, our HTTP sensor suffices, when used correctly on a publicly available DNSSEC test site hosted at VeriSign.
Here’s how to do it:
The sensor will report an error if any DNSSEC error is found for the given URL’s DNS data.
What does that sensor actually do? It starts a DNSSEC test on the VeriSign test page, then checks for the icon the page uses to display errors.
(Things are made slightly more complicated by the fact that the site always contains at least one of the error icons in an explanatory part of that page. That’s why the keyword looks so strange: we want the real errors to match, but not the explanatory one.)
- For some time now, our https sensors have had t...
- An AlertFox iDrone3 beta version installer is a...
- On Friday the 22nd, between 15:38 and 16:43 UTC...