DNSSEC
What should you run, if you need to verify whether a DNS response is signed by DNSSEC?
July 13th, 2015 8:06am

Hi Mityie,

You can try: http://dnssec-debugger.verisignlabs.com/


Regards,

Matthijs

  • Proposed as answer by M. ter Horst 17 hours 44 minutes ago
Free Windows Admin Tool Kit Click here and download it now
July 13th, 2015 9:22am

Hi MITYIE,

Thanks for your post.

If you want to check the validation of dns response. You could refer to the article.

In the example, a DNS client computer queries a recursive (caching) DNS server, which in turn queries authoritative DNS servers before returning a response. This example assumes that DNS data is not yet cached on the client or server. If a zone is signed with DNSSEC, and if DNS servers and clients are DNSSEC-aware, then DNSSEC data can be used to validate that DNS responses are genuine.

https://technet.microsoft.com/en-us/library/jj200221.aspx?f=255&MSPPError=-2147217396

Best Regards,

Mary Dong

July 14th, 2015 2:05am

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics