gfwleak/zengmeng-240825dnssecpool
Archived
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
No description
This repository has been archived on 2026-06-16. You can view files and clone it, but you cannot make any changes to its state, such as pushing and creating new issues, pull requests or comments.
3 commits 1 branch 0 tags 36 KiB
  • Go 100%
Find a file
Exact
galaxyzm eed71ef5e1 240825
2024-08-25 22:20:45 +08:00
cmd Initial commit 2024-08-25 22:18:55 +08:00
internal Initial commit 2024-08-25 22:18:55 +08:00
.DS_Store Initial commit 2024-08-25 22:18:55 +08:00
.gitignore Initial commit 2024-08-25 22:18:55 +08:00
go.mod Initial commit 2024-08-25 22:18:55 +08:00
go.sum Initial commit 2024-08-25 22:18:55 +08:00
main.go Initial commit 2024-08-25 22:18:55 +08:00
readme.md 240825 2024-08-25 22:20:45 +08:00

readme.md

本代码对现有进行DNSSEC验证的解析器池进行探测

输入

所有活跃的Do53入口四十多万个

输出

支持DNSSEC验证的部分

步骤:

1.首先在自己权威服务器配置资源记录 dnssec-true.ncache.site A 1.2.3.4 dnssec-false.ncache.site A 1.2.3.4 2.对区文件签名生成db.ncache.site.signed 3.修改后者的RRSIG记录随便改一个字母 4.restart服务在服务器上跑着 5.在客户端(即该服务器)发送对两个域名的查询 先对所有服务器发送一遍true的查询看看有没有ad?必要吗 筛掉所有没有ad的输出列表 再对所有剩下的服务器发送一遍false的查询看看是否返回fail响应

涉及的技术: 多线程发起DNS查询