11

Every now and again I like to run checks on my DNS servers to make sure they are running right and to RFC spec. I used to use the DNSTools website to do this as it gave me a pretty good picture of what was going on - are all my servers responding to the outside world, and the important (NS, MX especially ) records still up and replicated right. Also to see if my MX records have managed to make it onto any blacklists.

Blacklists have always been kind of a pain as I haven't been able to find a reliable "one stop shop" that lets you check against most of the major blacklists out there.

I haven't used DNS tools in a while and now they are requiring you to pay (which I have nothing against, just hard to justify to the superiors when you have invested in a large internal monitoring solution and I'm just doing a "feel good check")

What do my fellow sysadmins uses to check on their DNS records?

Paul
  • 2,755
  • 6
  • 24
  • 35
Zypher
  • 36,995
  • 5
  • 52
  • 95
  • http://serverfault.com/questions/7489/free-service-for-checking-for-dns-errors-on-your-domain – l0c0b0x Jul 13 '09 at 15:25
  • @l0c0b0x: My search foo must have been off i did search first. Although i'm still very interested in the Blacklist check part of my question. – Zypher Jul 13 '09 at 15:57

7 Answers7

4

It's not like the old DNSStuff but http://www.iptools.com/ and http://www.mxtoolbox.com are good replacements.

hdanniel
  • 4,253
  • 22
  • 25
2

I've found http://clez.net/net.dns to be good replacement has some other tools which are worth looking at too.

Frenchie
  • 1,272
  • 9
  • 14
2

I use zonecheck (http://www.zonecheck.fr/). It doesn't do everything that some paid DNS checking services do, but it does do many check, is both free and Free, and is available in many distros' standard repositories (see here and here for Debian/Lenny) so is relatively easy to install on your own internal services instead of relying on other sites.

David Spillett
  • 22,534
  • 42
  • 66
1

What about intodns.com ? It's a really good site an provides a really good analysis of your DNS.

alfredocambera
  • 446
  • 2
  • 12
0

There is a long list of current online DNS checking services (with explanations of why some are better than others) in my paper.

Executive summary: Zonecheck and DNScheck.

bortzmeyer
  • 3,903
  • 1
  • 20
  • 24
0

http://www.squish.net/dnscheck/ is what i used even before dnstools limited their services. it's really good, reports open recursive dns and possible misconfigurations straight from root dnses down to your server.

http://robtex.com/ has also some nice dns tool - mostly for checking blacklists, although this site is mainly useful for whois and bgp ASNs lookups.

pQd
  • 29,561
  • 5
  • 64
  • 106
0

I've used http://atrey.karlin.mff.cuni.cz/~mj/sleuth/ before. You can use the online form or download the program used to do the checks.

David Pashley
  • 23,151
  • 2
  • 41
  • 71
  • Does not work with IPv6 name servers (it spits a spurious error, saying they don't have A records). But its biggest problem is that it reports an error when the tested server is NOT recursive! A tool to avoid. – bortzmeyer Jul 16 '09 at 12:17