Skip to content

Dinusha599/DNSSEC-Configuration-and-Validation-Tool

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

38 Commits
assets
assets
 
 
config
config
 
 
logs
logs
 
 
src
src
 
 
tests
tests
 
 
.gitignore
.gitignore
 
 
COMPLIANCE.md
COMPLIANCE.md
 
 
LICENSE.md
LICENSE.md
 
 
README.md
README.md
 
 
dnssec-runner.sh
dnssec-runner.sh
 
 
main.py
main.py
 
 
requirements.txt
requirements.txt
 
 

Repository files navigation

DNSSEC Configuration and Validation Tool

Overview

A Python-based GUI tool that helps users configure and validate DNSSEC on DNS zones.
It automates DNSSEC key generation (KSK/ZSK), zone signing, and validation through a simple interface.

Features

  • GUI for DNSSEC operations
  • Create and edit BIND zone files with SOA, NS, and A records
  • Generate DNSSEC keys (KSK & ZSK) with RSA-SHA256 as the report-aligned default
  • Add DNSKEY $INCLUDE lines before signing
  • Sign DNS zones automatically
  • Generate DS records and build a simulated local. parent zone for lab trust-chain testing
  • Validate DNSSEC responses
  • Detect common validation issues such as missing DS / broken trust chain and expired signatures
  • Real-time logging

Requirements

  • Ubuntu Linux recommended
  • Python 3.8+
  • Tkinter
  • BIND9
  • bind9-dnsutils (dig, delv)
  • bind9utils (dnssec-keygen, dnssec-signzone, dnssec-dsfromkey, named-checkconf, named-checkzone, rndc)

Testing

Run the lightweight compliance tests:

PYTHONPYCACHEPREFIX=/tmp/dnssec_pycache python3 -m unittest discover -s tests

Author

Dinusha Amarasinghe
University of Plymouth
Email: dinushaamarasinghe599@gmail.com

About

A GUI Tool for Configure and Validate DNSSEC

Resources

Readme

License

View license
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages