Package: wnpp Severity: wishlist * Package name : dnsdiag Version : 1.3.4 Upstream Author : Babak Farrokhi <ba...@farrokhi.net> * URL : https://dnsdiag.org/ * License : 2-clause BSD Programming Lang: Python Description : DNS Diagnostics and Performance Measurement Tools
Ever been wondering if your ISP is hijacking your DNS traffic? Ever observed any misbehavior with your DNS responses? Ever been redirected to wrong address and suspected something is wrong with your DNS? Here we have a set of tools to perform basic audits on your DNS requests and responses to make sure your DNS is working as you expect. You can measure the response time of any given DNS server for arbitrary requests using dnsping. Just like traditional ping utility, it gives you similar functionality for DNS requests. You can also trace the path your DNS request takes to destination to make sure it is not being redirected or hijacked. This can be done by comparing different DNS queries being sent to the same DNS server using dnstraceroute and observe if there is any difference between the path. dnseval evaluates multiple DNS resolvers and helps you choose the best DNS server for your network. While it is highly recommended to use your own DNS resolver and never trust any third-party DNS server, but in case you need to choose the best DNS forwarder for your network, dnseval lets you compare different DNS servers from performance (latency) and reliability (loss) point of view. ---- Similar to SMTP ping, this tool can also be used to run network diagnostics in restricted environment. It can also be used to detect DNS hijacking and tampering. I also hope it can eventually replace commercial tools like DNSstuff or intodns.com: https://github.com/farrokhi/dnsdiag/issues/16 It has all the components to build such a tool already factored in. Speaking of which, dnsdiag has two dependencies that could be an issue in Debian. It depends on python-dnspython which is packaged already, but dnstraceroute requires a modification to the code. It is unclear for now which exactly are the modifications required, so I asked upstream for clarification in that regard: https://github.com/farrokhi/dnsdiag/issues/17 The other bit of the puzzle is the "cymruwhois" package. It seems it is only used to do IP to ASN lookups: https://github.com/farrokhi/dnsdiag/blob/b2dab7affcb9a535bbf0e9f7bb4cac5d330a6368/dnstraceroute.py#L86 Yet the current python-whois package in Debian doesn't support that: >>> import whois >>> domain = whois.query('199.58.80.1') Traceback (most recent call last): File "<stdin>", line 1, in <module> File "/usr/lib/python3/dist-packages/whois/__init__.py", line 47, in query if tld not in TLD_RE.keys(): raise Exception('Unknown TLD: %s\n(all known TLD: %s)' % (tld, list(TLD_RE.keys()))) Exception: Unknown TLD: 1 (all known TLD: ['biz', 'org', 'name', 'me', 'at', 'us', 'de', 'co', 'jp', 'lv', 'ru', 'be', 'net', 'co_jp', 'uk', 'eu', 'nz', 'com', 'fr', 'it', 'info', 'pl', 'cz']) ... so it would seem that library would need to be packaged separately. The thing is on pipy so it should be fairly simple to ship: https://pypi.python.org/pypi/cymruwhois however, the releases on pypi are out of date because the author can't seem to ship new packages there: https://github.com/JustinAzoff/python-cymruwhois/issues/4 so care should be taken in using the github packages (1.5+), and not the pypi ones: https://github.com/JustinAzoff/python-cymruwhois/releases
