Info sheets and useful references


  • check_zone_auth is plugin that zone owners can use to make sure all authoritative nameservers for a zone remain in sync.
  • check_whois is plugin that notifies domain owners when a domain is about to expire.
  • check_zone_rrsig_expiration is plugin that notifies domain owners when DNSSEC signatures are about to expire.

Nagios Materials

  • Full Nagios presentation from Network Monitoring Workshop: PDF
  • Nagios exercise set TEXT

SmokePing Materials

  • Full SmokePing presentation from Network Monitoring Workshop: PDF
  • Types of Network Delay presentation: PDF
  • SmokePing presentation: TEXT
  • Sample SmokePing Master/Slave configuration: TEXT

DB-based DNS solutions

Cache Poisoning

This video may help explain cache poisoning


Dnssec-trigger reconfigures the local unbound DNS server. This unbound DNS server performs DNSSEC validation, but dnssec-trigger will signal it to to use the DHCP obtained forwarders if possible, and fallback to doing its own AUTH queries if that fails, and if that fails prompt the user via dnssec-trigger-applet the option to go with insecure DNS only.

Cryptography Review and HSM Summary

HSM (Hardware Security Module) review starts on slide 24.

  • Presentation PDF

DNS Policy

Documents describing the process for signing the .nz zone are here:

Last modified 7 years ago Last modified on Feb 25, 2012, 2:25:13 AM

Attachments (11)