Sorry, you need to enable JavaScript to visit this website.
Skip to main content

DNSwitness

Last Updated:

DNSwitness platform is a collection of software pieces used for DNS-based multi-purpose measurements. The platform is broken down into two modular components: an active measurements component (DNSdelve) and a passive measurements one (DNSmezzo). Unlike many other measurements platforms where only short term views/reports are considered for a restricted set of aspects, DNSwitness platform aims at studying the evolution of an *open* set of aspects over time thanks to a history of data stored for much longer periods of time. Consequently, DNSwitness platform can be viewed as versatile toolset for studying the evolution of trends and penetration rates for a wide range of technologies based on DNS collected data.

For example, by exploring a (typically large) zone file, DNSdelve allows answering questions such as "How many domains have at least an IPv6 Web server?" or "How many domains have enabled SPF?". As for DNSmezzo, by sniffing the DNS queries and responses exchanged with name servers, it allows answering questions like "What are the top N domains requested which yield a NXDOMAIN answer?" or "How many queries use EDNS0 and for which sizes?" or "How many queries are received over IPv6 transport?".

DNSwitness's components are optimized for periodic, unattended runs, for instance from a cron job. Results are typicallly stored in a database, most of the time a rDBMS, to allow long-term surveys.

For further information and software/presentations download: http://www.dnswitness.net/