New Sandia DNSSEC Visualization Tool Simplifies DNS Security for IT Managers
NEWS ANALYSIS: Domain Name System Security Extensions (DNSSECs), which have been mandated for all .gov sites and are moving into the commercial Internet, protect DNS servers against hacking and other malicious acts. Unfortunately, it's very complex. The new Sandia tool will make it easier for IT staff to deal with it.The progress has been slow and painful, but network managers for government sites on the Internet are on their way to implementing Domain Name System Security Extensions, which is a system for providing authenticated Domain Name System information for IP address requests. The reason for DNSSEC is that hackers are able to insert bogus DNS information into the network and, as a result, direct users to fraudulent Websites. Unfortunately, DNSSEC is highly complex. Few IT managers understand its workings, and even fewer understand why DNSSEC might fail. This complexity was made worse by the lack of any means of seeing what was happening within the DNSSEC process to discover why things weren't working. Now, Sandia National Laboratories has developed a tool called DNSViz for visualizing and troubleshooting problems with DNSSEC.
Computer scientist Casey Deccio decided that understanding the ins and outs of DNSSEC was probably beyond the experience of most IT managers and he designed DNSViz to graphically display the DNS security status of any Website, including the full chain of trust down to and including the actual site itself. Anyone can use the tool to examine their own or any other site. If you use Opera or Firefox to run the tool, you can get detailed information from each step of the trust chain by simply mousing over it.