The DNS Institute is an consulting, auditing, training, and documentation service covering the Domain Name System and its security. We are a privately-funded company headquartered in the United States. We built our exhaustive DNS auditing and DNSSEC diagnostics system from the ground up, starting in 2008, with over four years of continuous daily DNSSEC and DNS monitoring of various government domains.
Our principal expert has over 20 years of advanced related experience, starting professionally as an DNS administrator in 1999 for a recursive caching service for 500+ customer ISP and 400+ authoritative DNS domains for business customers. Taught over 20 in-person DNSSEC or BIND training courses (including Rackspace, Air Force, VA hospitals, and various ISPs). As a documenter: co-authored and edited DNS content for five published books and official documentation for a significant DNS implementation. Key collaborator in design and development of a modular, extensible DNS software system. Designer and implementor of a DNS server comparative performance (and resource usage) build and test farm targetting over 30 architecture/operating system/compiler combinations for five different DNS implementations. As a consulting level three backend support engineer, provided in-depth and advanced needs for several Fortune 500 companies and the largest ISPs in several countries. Expertise in historical and bulk live DNS analysis, passive DNS taps, and near-real-time DNS-based RPZ firewalls. Incident process management for at least 22 separate DNS-related security vulnerabilities. Hands-on DNS server and client development experience and introduced thorough and unique diagnostic server-side logging (especially for issues reported to clients) for a leading DNS implementation. As QA expert: implemented and extended hundreds of tests for DNS server behavior and configurations and for DNS data.
DNS Institute's offerings include: automated DNS monitoring, DNS server and client configuration reviews, custom DNS development, DNS server installations, DNS server conformance and regression testing, DNS zone data auditing, DNS vulnerability testing, server penetration testing, DNSSEC deployments, DNS performance evaluations, DNS installation and management instruction, DNS documentation, and more.
DNS Institute performs detailed audits of DNS domain names and nameservers owned by the US government, S&P Global Top 100 Banks, and Fortune 500 (US) companies. This analyzes for requirements for DNS registries, government mandates, and Internet specifications. The DNS Institute enables domain owners and DNS professionals to monitor and check conformance and vulnerabilities of their DNS infrastructure, through scheduled protocol tests, vulnerability tests, alerts, news, and statistics with complete reporting. Our DNS auditing solutions enable organizations to proactively identify and remediate DNS misconfigurations and vulnerabilities, measure and manage risk, and ensure accuracy and compliance with no to little additional software or infrastructure costs.