Do the big companies use DNSSEC yet? Are you really safe online? We know who's been naughty and who's been nice -- and now it's time to name and shame them!
JavaScript HTML CSS
Switch branches/tags
Nothing to show
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Failed to load latest commit information.
app
lib
public
.bowerrc
.eslintrc.json
.gitignore
.node-inspectorrc
LICENSE
Procfile
README.md
bower.json
package-lock.json
package.json

README.md

Photo of Anne-Marie Eklund Löwinder, DNSSEC pioneer, when she's angry

dnssec-name-and-shame.com

Look at a domain and check for DNSSEC records. Naming and shaming included!

Initially developed during The Next Web's Kings of Code Hack Battle 2014 in Amsterdam, The Netherlands.

Notes

  • This implementation only checks a domain for signed A, AAAA, CNAME, MX and SOA records. You might want to try another tool for more extensive DNSSEC tests and analysis.
  • Lookups are cached in getdns' context for the duration of the server's uptime. DNS record TTL should also be in effect.
  • Source code, project page.

Requirements

Getting started

  • Make sure getdns is installed properly, including unbound's root anchor. If the root anchor isn't set up properly, all DNS lookups will be labeled insecure.
  • Make sure mongodb is running.
# Clone the repository
git clone --recursive https://github.com/joelpurra/node-dnssec-name-shame.git node-dnssec-name-shame
cd node-dnssec-name-shame

# Switch to node.js v0.12, if necessary
nvm use 0.12

# Install dependencies
npm install
./node_modules/.bin/bower install

# Start the server. Note that logging is in bunyan's json format.
npm start

Browse to your local test site, https://localhost:5000/.

Development

# Start the server in debugging mode
npm run debug

# Test the code
npm test --silent

Optionally debug the server, possibly using Chrome DevTools for Node.js.

Todo

☐ Fetch Alexa's top 25 (or more) sites dynamically. ☐ Create pretty-pretty slide show style animations for the listed example domains? ☑ Modify links to the external sites to open in new window, and add link to /domain/example.com so content can be discovered. ☑ Tweet the results. ☑ Add sounds for pass and fail. ☑ Create a small API. ☑ Download Google Fonts and serve locally: google-font-download "Quando" "Pacifico" "'Open Sans'".

Thanks

License

Copyright © 2014, 2015, 2016, 2017, 2018 Joel Purra and Tom Cuddy. All rights reserved.

When using node-dnssec-name-shame, comply to the GNU Affero General Public License 3.0 (AGPL-3.0). Please see the LICENSE file for details.