The discovery of a highly-effective cache poisoning attack that can affect name servers providing recursive name service has made it important that such servers be patched to mitigate against the problem. Furthermore, the risk of cache poisoning for servers that share recursive and authoritative functions can cross-pollinate the authoritative function with incorrect data. This tool is designed to assess the authorities for a given domain and determine whether they provide vulnerable recursive service.
This tool has been implemented quickly to assist name server operators. It may have problems as it has not been thoroughly tested, so you should also perform your own tests and use this only as a guide. We appreciate any comments or bug reports on this tool — please drop a note to iana@iana.org. Port entropy results provided by DNS-OARC.
