[128745] in cryptography@c2.net mail archive
Re: how to check if your ISP's DNS servers are safe
daemon@ATHENA.MIT.EDU (John Denker)
Wed Jul 23 14:09:16 2008
Date: Wed, 23 Jul 2008 08:04:32 -0700
From: John Denker <jsd@av8n.com>
To: "Steven M. Bellovin" <smb@cs.columbia.edu>,
cryptography@metzdowd.com
In-Reply-To: <20080723034436.5ac0953b@cs.columbia.edu>
On 07/23/2008 12:44 AM, Steven M. Bellovin wrote:
>> Niels Provos has a web page up with some javascript that automatically
>> checks if your DNS caching server has been properly patched or not.
>>
>> http://www.provos.org/index.php?/pages/dnstest.html
>>
>> It is worth telling people to try.
>>
> Those who prefer command lines can try
>
> dig +short porttest.dns-oarc.net TXT
Thanks, that's helpful.
Note that the command-line version accepts the "@server" option,
which is useful if you have to deal with a mess of primaries,
secondaries, forwarders, et cetera:
dig @NS1 +short porttest.dns-oarc.net TXT
dig @NS2 +short porttest.dns-oarc.net TXT
dig @NS3 +short porttest.dns-oarc.net TXT
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
