Fetching latest commit…
Cannot retrieve the latest commit at this time
|Failed to load latest commit information.|
dnswalk 2.0 - August 4, 1997 Author: David Barr <email@example.com> $Id: README,v 1.6 1997/08/04 19:09:34 barr Exp barr $ INTRO dnswalk is a DNS debugger. It performs zone transfers of specified domains, and checks the database in numerous ways for internal consistency, as well as accuracy. dnswalk requires perl and the Net::DNS Perl package. If you do not have these, get them. (perl is assumed to be in /usr/local/bin, edit the first line of dnswalk if it is not) They can be found by at: http://www.perl.com/perl/ dnswalk used to require 'dig' (part of the BIND distribution). However, different versions of dig gave output which was ever so slightly different, causing dnswalk to break. (This is usually easy to fix, even in a backward-compatible fashion, but it was annoying nonetheless) Also, using an external program made error checking more difficult and not very reliable. Since error checking is the heart of what dnswalk is about, this wasn't good. I finally got off my duff and ported dnswalk to Michael Fuhr's Net::DNS package, something I've been wanting to do for a while. (actually another reason I waited so long was the Net::DNS package wasn't complete enough initially for for a complete port.) dnswalk is not for the faint of heart. It should NOT be used without a firm knowledge of the DNS RFC's. The warnings and errors must be interpreted within the context they are being used. Something may be flagged as a warning, but in reality it is a really bad error. Conversely dnswalk will flag things as warnings and possibly even errors, but they may actually be perfectly "legal" or normal in your specific situation. dnswalk is not an AI engine. It just provides useful information which you need to interpret. If you use this tool for cracking or otherwise evil purposes, the author hereby considers you a slime-ball. See the end of this README file for a list of good reading material. dnswalk is not a replacement for doc, although dnswalk is starting to incorporate some of the things doc checks for. dnswalk was written to check individual database entries, while 'doc' ensures that the overall database structure and authority records are consistent. dnswalk may not even function correctly (or find real problems) if authority records are missing or incorrect. This program may be freely distributed, as long as this notice and documentation are distributed with the program. This program is released as-is, with no warranty expressed or implied. Some assembly required, contents may settle during shipment. This program can be found at http://www.cis.ohio-state.edu/~barr/dnswalk/ dnswalk tends to produce lots of output, so I'd suggest redirecting this into a file of your choice. I debated using doc's strategy of automatically putting it in a logfile, but decided not to. (The author reserves the right to change his mind) For small, mostly-correct domains it is pretty manageable, however. For larger domains, use the included 'do-dnswalk' script as a guide. Please refer to the man page on what dnswalk checks for, and the format of the output. *** NOTICE *** I fully realize that while some of the rules are not in violation of an RFC, it might be wise to reconsider their usage anyway. dnswalk was written to be a tool to let the hostmaster decide what are troublesome areas, not as a program that has all the answers. *** NOTICE *** This program was originally tested with data from the psu.edu domain. If your site does things differently than the way we do things, then you may see it report things as errors, when in fact they are "okay". If you notice something not being reported, or something reported that is not an error, please send me output! I fully admit that I'm not an expert in DNS and the requirements. My rules tend to be skewed to my personal feelings about what "nice" DNS databases look like. Others are free to differ. (and tell me so) Author: David Barr <firstname.lastname@example.org> Lead System Administrator The Ohio State University, Department of Computer and Information Science Thanks: Bill Fenner - tips with perl Michael Fuhr - for writing Net::DNS! Dave Crocker - for providing the spark necessary for me to pick up developement of dnswalk-2.0 again.