DNS resources A collection of DNS related resources
DNS Servers
| Name | Description |
|---|---|
| BIND | The most widely used DNS software on the Internet |
| Bundy | Integrated authoritative DNS and DHCP server (the continuation of BIND 10) |
| Dnsmasq | A lightweight, easy to configure DNS forwarder and DHCP server |
| Knot DNS | Knot DNS is a high-performance authoritative-only DNS server |
| Knot Resolver | Caching DNS resolver scalable from huge resolver farms down to home network routers |
| MaraDNS | A small open-source DNS server |
| NSD | NSD (Name Server Daemon): authoritative only, high performance name server |
| PowerDNS | A versatile nameserver which supports a large number of backends |
| Unbound | A validating, recursive, and caching DNS resolver |
| YADIFA | A name server implementation developed from scratch by .eu |
DNS Libraries
| Name | Description |
|---|---|
| c-ares | C library that performs DNS requests and name resolves asynchronously |
| dns.c | Asynchronous DNS and SPF Resolver |
| dnsjava | An implementation of DNS in Java |
| dnspython | A DNS toolkit for Python |
| getdns | A modern and asynchronous DNS API with DNSSEC support |
| GNU adns | Advanced, easy to use, asynchronous-capable DNS client library and utilities |
| Go DNS | DNS library in Go |
| JDNS | A simple DNS implementation written in C with no direct dependencies |
| ldns | C library to simplify DNS programming, supporting DNSSEC |
| Net::DNS | DNS resolver implemented in Perl |
| simdzone | Fast and standards compliant DNS zone parser |
DNS Tools
| Name | Description |
|---|---|
| Atomia DNS | An open source and free to use DNS management system |
| dines | The definitive DNS packet forger |
| dnscap | Network capture utility designed specifically for DNS traffic |
| dnscat2 | DNS tunnel, allowing two hosts over the Internet to talk to each other |
| dnstap | A flexible, structured binary log format (using Protocol Buffers) for DNS software |
| DNSChef | A highly configurable DNS proxy for Penetration Testers and Malware Analysts |
| DNSCurve | Usable security for DNS |
| DNSCrypt | A tool for securing communications between a client and a DNS resolver |
| dnsdist | Highly DNS-, DoS- and abuse-aware loadbalancer |
| dnslogger | A tool for doing Passive DNS Replication |
| dnsmap | Passive DNS network mapper a.k.a. subdomains bruteforcer |
| DNSmezzo | A framework for the capture and analysis of DNS packets |
| Dq | DNS and DNSCurve related software package |
| DNSPerf | A tool to gather accurate latency and throughput metrics for DNS |
| DNSQuerySniffer | DNSQuerySniffer is a network sniffer utility that shows the DNS queries sent on your Windows system |
| DNSSEC-Tools | A set of tools and plugins that will help ease the deployment of DNSSEC |
| dnsSnoopy | A tool made to snoop DNS cache and check if some domains have been resolved before |
| dnstop | A curses-based application that displays various tables of DNS statistics |
| DNSViz | A DNS visualization tool |
| DNSwitness | DNSwitness is a AFNIC scientific program to gather information from the DNS |
| Domain Name Relay Daemon | Domain Name Relay Daemon is a caching, forwarding DNS proxy server |
| DSC | A system for collecting and exploring statistics from busy DNS servers |
| dnsmeter | A tool for testing performance of a nameserver and the infrastructure around it |
| ext-Dns | A toolkit to build DNS servers |
| fpdns | A fpdns is a program that remotely determines DNS server versions |
| GitNamed | A project that manage name servers with Git |
| iodine | Tunnel IPv4 data through a DNS server (IP over DNS) |
| namebench | Open source DNS Benchmark Utility |
| NicTool | An open source DNS management solution |
| nsdiff | Create an "nsupdate" script from DNS zone file differences |
| nsnotifyd | Handle DNS NOTIFY messages by running a command |
| openresolv | DNS management framework |
| PassiveDNS | A network sniffer that logs all DNS server replies for use in a passive DNS setup |
| RRDA | REST API written in Go allowing to perform DNS queries over HTTP |
| Sentry | A DNS proxy that allows you to inspect, block, rewrite, redirect and resolve queries in-flight |
| sshfp | Generate DNS SSHFP records from SSH public keys |
| StatZone | DNS zone file analyzer targeted at TLD zones |
| validns | A high performance DNS/DNSSEC zone validator |
| Zonemaster | Major rewrite of DNSCheck from .SE and Zonecheck from AFNIC |
DNSSEC Resources
| Name | Description |
|---|---|
| DNSSEC Infrastructure Audit Framework | A framework under which to conduct a review or audit of the DNSSEC related aspects of a registry and authoritative DNS name server service operation |
| DNSSEC Reference Card | A DNSSEC reference card covering BIND, NSD, Unbound, and PowerDNS |
| DNSSEC Signer migration | Signer migration: a step-by-step guide |
| Deploying DNSSEC: what, how and where | An introduction guide about DNSSEC released by AFNIC |
| Costs of DNSSEC Deployment | A study on the costs of DNSSEC deployment |
| Good Practices on deploying DNSSEC | A good practices guide for deploying DNSSEC |
| Recommendations for DNSSEC deployment | Recommendations for DNSSEC deployment at municipal administrations and similar organisations |
| Secure DNS Deployment Guide | NIST Secure Domain Name System (DNS) Deployment Guide |
DNSSEC Tools
| Name | Description |
|---|---|
| OpenDNSSEC | Open Source software that manages the security of domain names on the Internet |
| ZKT (Zone Key Tool) | A tool to manage keys and signatures for DNSSEC-zones |
DANE Tools
| Name | Description |
|---|---|
| DANE Validator | A tool attempting to perform validation of a TLSA/PKI pair, according to the DANE internet standard |
| danish | A tool for generating TLSA records and checking certain properties of certificates |
IANA Resources
| Name | Description |
|---|---|
| DNS Parameters | Domain Name System (DNS) Parameters |
| DNSSEC Algorithm Numbers | Domain Name System Security (DNSSEC) Algorithm Numbers |
| IANA TLD list | List of all TLDs in the root zone, updated daily |
| Root Zone Database | The Root Zone Database represents the delegation details of top-level domains |
Other resources
| Name | Description | |
|---|---|---|
| AS112 Project | Providing a clean, well lit destination for DNS queries concerning RFC1918 and other Special Use networks | |
| DNSCurve Community | A community for DNSCurve users | |
| DNS Census 2013 | Public dataset of registered domains and DNS records | |
| DNS LOC | Geo-enabling the Domain Name System | |
| DNS LOC | Create DNS LOC records using Google Maps | |
| DNS RRs | Zone files offering all types of resource records | |
| DNS workbench | A set of different nameservers that run a known set of configurations and zones | |
| EE Zone Data | Latest .ee zone files | |
| FRED | A set of open source software for running distributed domain registry | |
| GOV Data | Official list of .gov domains | |
| Hello DNS | A warm welcome to DNS | |
| IIS Zone Data | Latest .se and .nu zone files | |
| Internet-Wide Scan Data Repository | Public archive of research datasets that describe the hosts and sites on the Internet | |
| Internic Zone Data | Latest .arpa and .root zone files | |
| OpenINTEL | Active DNS Measurement Project | |
| Public Suffix List | A cross-vendor initiative to provide an accurate list of domain name suffixes | |
| Root Servers | Root Server Technical Operations Association | |
| Russian Domains | Statistics in each and every segment of Russian domain industry | |
| SWITCH Open Data | Latest .ch zone files | |
| Yeti DNS Project | A Live Root DNS Server System Testbed |
Organizations
| Name | Description |
|---|---|
| APTLD | Asia Pacific Top Level Domain Association |
| ccNSO | Country Code Names Supporting Organisation |
| CENTR | Council of European National Top Level Domain Registries |
| DNS-OARC | The DNS Operations, Analysis, and Research Center |
| IANA | Internet Assigned Numbers Authority |
| ICANN | Internet Corporation for Assigned Names and Numbers |
| ICANN | ICANN DNS Operations |
| InterNIC | Public Information Regarding Internet Domain Name Registration Services |
Audio resources
| Name | Description |
|---|---|
| Ask Mr. DNS Podcast | Matt Larson and Cricket Liu expound on DNS and other topics |
| BSDtalk 206 | Interview with Peter Losher from the Internet Systems Consortium |
| HPR 1413 | Interview with Bert Hubert from PowerDNS |
Books
| Name | Description |
|---|---|
| Alternative DNS Servers | A very complete book covering open source DNS Servers and running DNS operations |
| DNS for Rocket Scientists | An Open Source book about DNS, offering a very good and detailed introduction on the topic |
Video resources
| Name | Description |
|---|---|
| DNS explained | A short movie explaining very simply how the DNS works |
| DNSSEC Introduction | A video introduction to the Domain Name System Security Extensions |
| The DANE Protocol | What is the DANE protocol and how does it help make the Internet more secure? |
| What is DNSSEC? | A short movie aimed at raising public awareness on DNSSEC |