[124295] in North American Network Operators' Group
DNSSEC deployment testing and awareness (Was: Re: IPv4 ANYCAST setup)
daemon@ATHENA.MIT.EDU (Phil Regnauld)
Tue Mar 30 05:29:37 2010
Date: Tue, 30 Mar 2010 11:29:04 +0200
From: Phil Regnauld <regnauld@nsrc.org>
To: Randy Bush <randy@psg.com>
In-Reply-To: <m2fx3i8aj6.wl%randy@psg.com>
Cc: "nanog@nanog.org" <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
Randy Bush (randy) writes:
>
> i.e. what can we do to maximize the odds that the victim will quickly
> find the perp, as opposed to calling our our tech support lines?
Ah yes, there was the second good reason for actually helping netops
and security officers :)
Tools:
https://www.dns-oarc.net/oarc/services/replysizetest
https://www.dnssec-deployment.org/wiki/index.php/Tools_and_Resources,
under troubleshooting:
http://labs.ripe.net/content/testing-your-resolver-dns-reply-size-issues
http://secspider.cs.ucla.edu/
Info sheets:
http://www.afnic.fr/actu/nouvelles/240/l-afnic-invite-les-responsables-techniques-reseaux-a-se-preparer-a-la-signature-de-la-racine-dns-en-mai-2010
(click English, top right)
... plenty of links there too.
Cheers,
Phil
