Search Exchange
Search All Sites
Nagios Live Webinars
Let our experts show you how Nagios can help your organization.Login
Directory Tree
check_dnssecurity
Meet The New Nagios Core Services Platform
Built on over 25 years of monitoring experience, the Nagios Core Services Platform provides insightful monitoring dashboards, time-saving monitoring wizards, and unmatched ease of use. Use it for free indefinitely.
Monitoring Made Magically Better
- Nagios Core on Overdrive
- Powerful Monitoring Dashboards
- Time-Saving Configuration Wizards
- Open Source Powered Monitoring On Steroids
- And So Much More!
Monitoring of DNSSEC configurations.
Domain Name Server Security Extension (DNSSEC) adds security to DNS protocol by providing authentication to DNS traffic, using asymmetric encryption to ensure the authenticity and integrity of the exchanged information. DNSSEC improves system reliability, prevents man-in-the-middle attacks, fixes DNS protocol fragilities, and reduces the likelihood of manipulation of information.
However, when poorly configured or with DNSSEC expired signatures of a false protection, exposing the servers.
This Nagios plugin monitors the state of the DNSSEC configurations and points out with the critical state in case vulnerabilities (poor configuration, expired signatures, not using DNSSEC) be detected. The domain to be monitored is passed as an argument, and can also be defined the DNS to be used, and that by default is used the Google (8.8.8.8).
Mandatory arguments: The following argument must be specified when the module is executed:-H or – domain used to specify domain name to be monitored.
Optional arguments: The following arguments are invoked optionally, as required by the user:-D or – dnsserver used to specify the DNS server to use, by omission the query is made in Google DNS (8.8.8.8).
-V or – version used to query the module version.
-A or – author used to query the author's data.
Command-Line Execution Example:
./check_dnssec.py -H www.state.gov
Domain Name Server Security Extension (DNSSEC) adds security to DNS protocol by providing authentication to DNS traffic, using asymmetric encryption to ensure the authenticity and integrity of the exchanged information. DNSSEC improves system reliability, prevents man-in-the-middle attacks, fixes DNS protocol fragilities, and reduces the likelihood of manipulation of information.
However, when poorly configured or with DNSSEC expired signatures of a false protection, exposing the servers.
This Nagios plugin monitors the state of the DNSSEC configurations and points out with the critical state in case vulnerabilities (poor configuration, expired signatures, not using DNSSEC) be detected. The domain to be monitored is passed as an argument, and can also be defined the DNS to be used, and that by default is used the Google (8.8.8.8).
Mandatory arguments: The following argument must be specified when the module is executed:-H or – domain used to specify domain name to be monitored.
Optional arguments: The following arguments are invoked optionally, as required by the user:-D or – dnsserver used to specify the DNS server to use, by omission the query is made in Google DNS (8.8.8.8).
-V or – version used to query the module version.
-A or – author used to query the author's data.
Command-Line Execution Example:
./check_dnssec.py -H www.state.gov
Reviews (0)
Be the first to review this listing!