DNS Spy enters public beta

Mattias Geniar, Wednesday, March 1, 2017 - last modified: Tuesday, February 28, 2017

Here's an exciting announcement I've been dying to make: DNS Spy, a new DNS monitoring and alerting tool I've been working on, has entered public beta!

After several months of development and a 3 month private, invite-only, alpha period, DNS Spy is now publicly available to anyone to try it out.

What is DNS Spy?

I'm glad you ask!

DNS Spy is a custom solution for monitoring, alerting and tracking your DNS changes. It was built primarily out of convenience for the following use cases;

  • Get notified when a project I'm working on changes its DNS (usually for the go-live of a new website or application)
  • Get notified when one of my domains has nameserver records that are out-of-sync because zone transfers failed or the SOA didn't get updated properly
  • Get a back-up of all my DNS records per domain in a convenient format, a necessity that became clear after the massive Dyn DNS DDoS attacks

DNS Spy will never be a tool for the masses. It's a tool for sysadmins, developers and managers that are paranoid about their DNS.

In fact, it's built upon a tool I created more than 6 years ago that did one, simple thing: send me an e-mail whenever a DNS record I cared about, changes value. This is the same tool, on steroids.

Free for Open Source projects

One thing I'm very paranoid about, is the current state of our Open Source projects. While a lot of them have big companies supporting them, the majority is run by volunteers doing everything they can to keep things running.

But due to the nature of Open Source, those projects might become hugely popular on purpose or by accident. Imagine operating a project that's used as a library in an OS, a popular tool or a framework. Suddenly your code gets used in thousands if not millions of applications or hardware.

What would happen if someone managed to hijack your DNS records and set up a phishing site, similar to yours? Would you know? Would your auto-updaters know? Or the package builders that download your .tar.gz files and include your code in their own projects?

I seriously worry about the current state of our DNS and domain names for open source projects. That's why I offer a lifetime premium account to DNS Spy for any open source project maintainer to help secure and monitor their projects.

If someone hijacks your DNS or you make modifications with unexpected results, I hope DNS Spy can offer a solution or guidance.

Feedback, please!

Since it's still in active development, I'm very much looking for feedback, bug reports and enhancements! If you spot anything, do let me know!

And if you'd like to do me a favor, spread word of DNS Spy to colleagues, open source maintainers and internet geeks -- I can use all the publicity in the world. ;-)

Hi! My name is Mattias Geniar. I'm a Support Manager at Nucleus Hosting in Belgium, a general web geek & public speaker. Currently working on DNS Spy & Oh Dear!. Follow me on Twitter as @mattiasgeniar.

Share this post

Did you like this post? Will you help me share it on social media? Thanks!


Trouble Wednesday, March 1, 2017 at 13:02 - Reply

Great news! I’m glad someone other than me cares about DNS. :-)

Obviously I do my own monitoring already, but I’ll be sure to give your DNS Spy a try so I can recommend it to the less obsessed.

T.Suzuki Friday, April 21, 2017 at 04:14 - Reply

You are stupid.
> “All your nameservers are being operated from a single domain. If that domain gets compromised or goes offline, your DNS will be unavailable”

    Mattias Geniar Friday, April 21, 2017 at 10:30 - Reply

    You are stupid.

    Aah, the internet. Gotta love it.

    Call me stupid again when you’ve experienced outages after your registrar messes up their own domain (*cough* DNSSEC) and then takes your nameservers down. It’s not a random check, it’s happened 3x to me in the last 10 years, across multiple registrars. It happens. That’s why even Amazon and others spread their nameserver domains across multiple domains & TLDs.

Leave a Reply

Your email address will not be published. Required fields are marked *