Sandia Labs Offers Online DNSSEC ToolSandia Labs Offers Online DNSSEC Tool
Free visualization tool helps government agencies, businesses in their DNSSEC implementations
January 13, 2012
A Sandia National Laboratories computer scientist has developed a free visualization tool to help the federal government and other organizations with their Domain Name System Security (DNSSEC) implementations.
Casey Deccio built the Web-based tool, DNSViz, as a way for network administrators implementing DNSSEC to be sure they are deploying it correctly. The tool serves up a visual analysis for the user of the DNSSEC authentication chain for a domain and its path to the DNS.
Deccio came up with the idea for the tool after noticing that federal agencies were struggling to properly deploy DNSSEC. “DNSSEC is hard to configure correctly and has to undergo regular maintenance,” he said. “It adds a great deal of complexity to IT systems, and if configured improperly or deployed onto servers that aren’t fully compatible, it keeps users from accessing .gov sites. They just get error responses.”
DNSSEC has been gradually rolling out across the Internet during the past year or so. Several major top-level domains, in addition to .gov -- including .com, .org, and .net -- are now DNSSEC-enabled. Now it’s up to the individual organizations under those top-level domains to move to the protocol. DNSSEC basically prevents attackers from redirecting users to malicious websites by redirecting them; it ensures DNS entries remain unchanged in transit and are digitally signed to ensure their authenticity.
The online tool analyzes the DNS zone's status, and finds any DNSSEC configuration errors.
Deccio plans to add alerts and APIs to the tool so that network administrators can integrate it with other tools besides via the Web. He plans to keep it as an open-source project and evolve it into a scalable monitoring system.
Have a comment on this story? Please click "Discuss" below. If you'd like to contact Dark Reading's editors directly, send us a message.
About the Author(s)
Hacking Your Digital Identity: How Cybercriminals Can and Will Get Around Your Authentication MethodsOct 26, 2023
Modern Supply Chain Security: Integrated, Interconnected, and Context-DrivenNov 06, 2023
How to Combat the Latest Cloud Security ThreatsNov 06, 2023
Reducing Cyber Risk in Enterprise Email Systems: It's Not Just Spam and PhishingNov 01, 2023
SecOps & DevSecOps in the CloudNov 06, 2023
Passwords Are Passe: Next Gen Authentication Addresses Today's Threats
How to Deploy Zero Trust for Remote Workforce Security
How to Use Threat Intelligence to Mitigate Third-Party Risk
Everything You Need to Know About DNS Attacks
How Enterprises Are Managing Application Security Risks in a Heightened Threat Environment
9 Traits You Need to Succeed as a Cybersecurity Leader
The Ultimate Guide to the CISSP
Get the Gartner Report: SOC Model Guide
The Evolving Ransomware Threat: What Business Leaders Should Know About Data Leakage
Building Immunity: The 2021 Healthcare and Pharmaceutical Industry Cyber Threat Landscape Report