Skip to content

Latest commit

 

History

History
94 lines (57 loc) · 4.23 KB

README.md

File metadata and controls

94 lines (57 loc) · 4.23 KB

Photo of Anne-Marie Eklund Löwinder, DNSSEC pioneer, when she's angry

Look at a domain and check for DNSSEC records. Naming and shaming included!

Initially developed during The Next Web's Kings of Code Hack Battle 2014 in Amsterdam, The Netherlands.

Notes

  • This implementation only checks a domain for signed A, AAAA, CNAME, MX and SOA records. You might want to try another tool for more extensive DNSSEC tests and analysis.
  • Lookups are cached in getdns' context for the duration of the server's uptime. DNS record TTL should also be in effect.
  • Source code, project page.

Requirements

Getting started

  • Make sure getdns is installed properly, including unbound's root anchor. If the root anchor isn't set up properly, all DNS lookups will be labeled insecure.
  • Make sure mongodb is running.
# Clone the repository
git clone --recursive https://github.com/joelpurra/node-dnssec-name-shame.git node-dnssec-name-shame
cd node-dnssec-name-shame

# Install dependencies
npm install
./node_modules/.bin/bower install

# Start the server. Note that logging is in bunyan's json format.
npm start

Browse to your local test site, https://localhost:5000/.

Development

# Start the server in debugging mode
npm run debug

# Test the code
npm test --silent

Optionally debug the server, possibly using Chrome DevTools for Node.js.

Todo

☐ Fetch Alexa's top 25 (or more) sites dynamically. ☐ Create pretty-pretty slide show style animations for the listed example domains? ☑ Modify links to the external sites to open in new window, and add link to /domain/example.com so content can be discovered. ☑ Tweet the results. ☑ Add sounds for pass and fail. ☑ Create a small API. ☑ Download Google Fonts and serve locally: google-font-download "Quando" "Pacifico" "'Open Sans'".

Thanks

License

Copyright © 2014, 2015, 2016, 2017, 2018, 2019, 2020, 2021 Joel Purra and Tom Cuddy. All rights reserved.

When using node-dnssec-name-shame, comply to the GNU Affero General Public License 3.0 (AGPL-3.0). Please see the LICENSE file for details.