I have finally taken some time to polish off my DNS zone checker and upload to Nagios Exchange.

check_zone.pl will query each published nameserver for a domain, reporting any problem it finds. It checks for serial # mismatches, non-authoritative answers, unreachable or other lameness.

Please try it out and rate or review!

Here is my DNS on Linux presentation I gave just over a year ago at LinuxFest Northwest.
How nice that I can embed it in my blog, thanks to Slideshare.

Hearing some noise today about Microsoft's faulty implementation of WPAD DNS record search. Seems they forgot to consider vast portions of the namespace including ccTLDs (like .cc) and the 3LD space (like amazon.co.uk).

I write about my personal experiences with WPAD here.

Looks like ISC is finally retiring bind 8. I remember when bind 4 was retired, and it still took a couple of years for vendors to move to bind 8 at the time. Then of course are all the legacy systems that could not upgrade by nature.

In other words, retired or not bind 8 is going to be around for a while yet.

Proof positive that M$ thinks they (can) own the Net.

There's been alot of buzz on the NANOG list as of late, regarding the "new" DNS resolution service from a company/site called OpenDNS.

There are many comparisons being made to Sitefinder, and optimistic distinctions such as "this is better because it's voluntary". Well as Steve Bellovin pointed out, it is not voluntary because the choice to use it will be made, in most cases, by enterprise & ISP adminstrators and not the end-users.

I can only ask what the "open" in opendns is, and how is this venture not ripe for corruption.

Corruptable because they will in essence be circumventing openness by hijacking portions of the namespace for what boils down to greed - this is for-profit entity after all! Follow the $$$!

The irony is, OpenDNS states "We're going to put more control in your hands" - yeah right!javascript:void(0)

Nice interview. Noteworthy is that ISC will begin shipping BIND with recursion off with the release of BIND 9.4.0. About time.

Not so much a vulnerability advisory than an announcement about their new test tool. Hmm, I'll to give it a try.

Nice write-up (with photos!) on the three-day conference about and involving the Domain Name industry. Organized by my good friend and colleague Jothan Frakes on behalf of Name Intelligence.

Way to go JF!

To paraphrase...
"This is yet another example of the sheer breathtaking arrogance of
Microsoft's belief that they have the right to control your computer and
misdirect the normal flow of operations if they believe doing so to be in
their own financial advantage."