[HN Gopher] IBDNS: Intentionally Broken DNS server
___________________________________________________________________
IBDNS: Intentionally Broken DNS server
Author : patadune
Score : 164 points
Date : 2024-05-29 16:28 UTC (6 hours ago)
(HTM) web link (www.afnic.fr)
(TXT) w3m dump (www.afnic.fr)
| ResearchAtPlay wrote:
| The purpose of this tool is testing if a domain name system
| follows (or does not follow) the correct specifications:
|
| _IBDNS fills a gap in the universe of DNS test tools by offering
| the possibility of deviating intentionally and on demand from the
| DNS specifications, and thus simulating incorrect behaviour of
| authoritative name servers._
| ivan888 wrote:
| To be pedantic, its purpose is for verification testing of
| systems that allow for testing of the type you describe
| lelandfe wrote:
| Slides from a talk in 2022: https://indico.dns-
| oarc.net/event/44/contributions/949/attac...
| kachapopopow wrote:
| I absolutely love this. This will be amazing to trigger
| unexpected behavior in CoreDNS when working with dnsmasq pods
| that are resolved via wireguard.
|
| I've had so many issues where I'd lose DNS inside pods and had to
| reschedule CoreDNS in order for it to start working again,
| hopefully I can finally trigger this on demand and find a
| solution for it.
| ixau wrote:
| Excellent!
|
| This is core infrastructure testing at its finest. I'm sure it
| will reveal bugs and behaviors noone expected.
| nmz wrote:
| At first glance I thought this was a randomizer, like writing
| facebook and landing on X.
| LeoPanthera wrote:
| Alas, https certificates prevent this idea from being possible.
| OfficialTurkey wrote:
| Which is a good thing! It's great that we've eliminated
| certain classes of bugs through protocol design.
| Severian wrote:
| Perfect addition for me. I use with badssl.com in my toolbox for
| training and coding tests. Need more "bad example" tools to cover
| corner cases and understand common failure modes.
| maicro wrote:
| In case anyone is looking for similar tools needs one for HTTP
| status codes:
|
| https://httpstat.us https://httpstat.us/404
| whalesalad wrote:
| Very happy to see another Elixir application doing work.
| SoftTalker wrote:
| Writing servers like this is a joy using Erlang and OTP. I
| assume the same holds for Elixir though I have not used it.
| whalesalad wrote:
| If I were to declare a religion on my Census or other data -
| it would be "OTP"
|
| Elixir to some extent is just syntactic sugar on top of
| Erlang.
|
| Elixir is to Erlang as Kotlin is to Java. At the end of the
| day, it's the same thing. There are some conveniences added,
| like less verbose ways to deal with GenServer or other
| abstractions on top of it - but all-in-all it is pretty
| similar aside from the syntax parts.
|
| You might consider taking it for a spin.
| tonetegeatinst wrote:
| Somewhat related....I think that while fiber needs to become
| faster and more affordable and accessable, the other big factor
| is speed is the latency in DNS. DNS is such a pain to
| troubleshoot personally,and factors like how fast DNS takes plays
| a big role in network speed.
|
| Also, for the love that all that is holy, some ISP DNS servers
| just break if you try using ipv6 only which is just saddening.
| sevenseventen wrote:
| As opposed to all of the other unintentionally broken DNS
| servers. SK
___________________________________________________________________
(page generated 2024-05-29 23:00 UTC)