Phreebird是一个DNSSE代理工具,它可以工作在现有DNS服务(例如BIND,Unbound,PowerDNS或QIP)的前端,补充了它 们的纪录与DNSSEC应答。Phreebird的特色包括:自动key生成、实时签名纪录、支持任意响应、零配置、 NSEC3 "White Lies"、缓存和速率限制以防止DOS攻击,并且同时支持通过DNS和HTTP虚拟通道的Coarse Time。套件还包括了大量的示例代码,包括支持基于OpenSSH的联合身份认证。最后,"Phreeload"增强了现有OpenSSL应用程序对 DNSSEC的支持。
注:域名系统安全扩展(DNSSEC)是Internet工程任务组 (IETF)的对确保由域名系统 (DNS)中提供的关于互联网协议 (IP)网络使用特定类型的信息规格套件。 它是对DNS提供的DNS客户端(解析器)的DNS数据来源,数据完整性验证,但不提供或机密性和认证的拒绝存在扩展集。
介绍内容来自 http://www.pulog.org/tools/1758/Phreebird
---------------
Phreebird is a DNSSEC proxy that operates in front of an existing DNS server (such as BIND, Unbound, PowerDNS, Microsoft DNS, or QIP) and supplements its records with DNSSEC responses. Features of Phreebird include automatic key generation, realtime record signing, support for arbitrary responses, zero configuration, NSEC3 "White Lies", caching and rate limiting to deter DoS attacks, and experimental support for both Coarse Time over DNS and HTTP Virtual Channels. The suite also contains a large amount of sample code, including support for federated identity over OpenSSH. Finally, "Phreeload" enhances existing OpenSSL applications with DNSSEC support.
from http://freecode.com/projects/phreebird