Deploy360 Domain Name System Security Extensions (DNSSEC)

Need A Weekend Project? Install The New DNSSEC-Trigger 0.10 Release

Dnssec TriggerLooking for a quick weekend project to learn more about DNSSEC? Want to set up your home network to correctly validate DNSSEC info?

If so, the NLnet Labs team just announced the 0.10 release of DNSSEC-Trigger, a local DNSSEC-validating resolver you can run on your Linux, Windows or Mac OS X system.

Per the change log on the project page, version 0.10 includes the following changes:

  • truncate pidfile (just like NSD fix, in case directory not owned).
  • If hotspot-signon, set override servers right away on a network change, so the user does not have to wait for 10 seconds after a change of the wifi.
  • Attempt to add DHCPv6 support for windows.
  • Use Processes.dll code (can be freely used, source provided) for kill process in windows NSIS installer. Compiled to 6kb (not 50kb). Processes.dll was made by Andrei Ciubotaru.
  • show version number in add-removeprograms configpanel (windows).
  • install script removes leftover trayicons using direct windows API.
  • dnssec-trigger-control uses registry config location (for windows).
  • fix dnssec-trigger-control error printout if SSL files fail.
  • show package version in probe results dialog.
  • updated acx.nlnetlabs.m4 for gcc 4.6 compat for portability tests.
  • Do not show the insecure and hotspot windows at the same time.
  • Fix for OSX to show the popups on top of the other windows.
  • alert icon easier to read.

I just updated my local MacBook Pro and the installation went perfectly fine. (To “update” on Mac OS X, you simply download the latest version and run through the installation process again.)

How will you know if DNSSEC-Trigger is working? Well, one simple test is to try to go to either of the “bad” websites we mention on the DNSSEC Tools page in your web browser: or If DNSSEC-Trigger is working correctly, your web browser will probably tell you that it can’t find either of those sites. DNSSEC-Trigger is determining that the sites do not correctly validate and is therefore not providing any DNS information for those domains.

Anyway, the new 0.10 release of DNSSEC-Trigger is available now for download for Windows, Mac OS X or Linux. Download it now and get started using DNSSEC validation!