[dns-operations] Any good name server fingerprinting software nowadays, and flag day prep
dougb at dougbarton.email
Thu Jan 31 07:16:42 UTC 2019
On 1/30/19 7:14 PM, Mark Andrews wrote:
>> On 31 Jan 2019, at 12:19 pm, Doug Barton <dougb at dougbarton.email> wrote:
>> I'm trying to lend a hand on flag day stuff for my peeps, and so I was looking to fingerprint a server we have questions about. It seems fpdns has not been updated in a wee bit, so I'm wondering if anyone has suggestions for a more up to date tool?
>> Also, I'm curious if anyone is expecting a DNS-pocalypse on 2/1? There has been surprisingly little chatter here on the runup to the big day, so I'm hoping that is a sign that it's going to be mostly a non-event? (Thanks in large part of course to the efforts of many here over the past year.)
> It was always going to be mainly a non event, in terms of sites failing. Really old windows servers that should have been upgraded a decade ago and firewalls that block EDNS(0) queries. They are the DNS flag day problems and there where very few of them before we even started. 20 years of EDNS and 4 years of sending out DNS COOKIE requests had cleared most of them out.
Thanks, Mark. That confirms my understanding, I just wanted to be doubly
sure that my assurances to folks have a solid foundation.
More information about the dns-operations