[dns-operations] debug tool to generate DNS response?

Warren Kumari warren at kumari.net
Sat Jan 27 20:06:56 UTC 2018

On Sat, Jan 27, 2018 at 2:45 PM, Paul Hoffman <phoffman at proper.com> wrote:
> On 27 Jan 2018, at 10:31, Yang Yu wrote:
>> I am looking for a DNS server/debug tool that can respond to selected
>> queries with a crafted (potentially broken) response, like BadSSL for
>> DNS. Ideally all flags/codes should be customizable. This is quite
>> helpful for testing DNS clients.
>> For example, aaaa-servfail.example.org returns NoError for A but
>> ServFail for AAAA.
> There are a bunch of such tools. CoreDNS (https://coredns.io/) seems pretty
> flexible and easy to use.

I've never used that one, but I've always been partial to Ray Bellis'
evldns - https://github.com/raybellis/evldns It's very flexible,
fairly easy to use, and nice and fast.

Another nice option is the Python scapy tool -
https://github.com/secdev/scapy . Scapy allows you to do all sorts of
dangerous things really easily.


> --Paul Hoffman
> _______________________________________________
> dns-operations mailing list
> dns-operations at lists.dns-oarc.net
> https://lists.dns-oarc.net/mailman/listinfo/dns-operations
> dns-operations mailing list
> https://lists.dns-oarc.net/mailman/listinfo/dns-operations

I don't think the execution is relevant when it was obviously a bad
idea in the first place.
This is like putting rabid weasels in your pants, and later expressing
regret at having chosen those particular rabid weasels and that pair
of pants.

More information about the dns-operations mailing list