You use a fuzzing framework. You seed the fuzzer with legal messages and let it generate other inputs but modifying those seeds.
> On 20 Jun 2022, at 17:14, Stephane Bortzmeyer <[email protected]> wrote: > > I maintain an experimental authoritative DNS server and I would like > to test its robustness. dnsperf and flamethrower are great to test its > performance, zonemaster and dnsviz are perfect to test its correctness > in face of legal input but I would like to see how it reacts to > *illegal*, malformed input. (An example of such input is > <https://lists.dns-oarc.net/pipermail/dns-operations/2022-May/021657.html>.) > > Since most DNS libraries are made to prevent the programmer for > issuing illegal DNS requests, it is not obvious to write such a test. > > Are you aware of libraries / programs / frameworks to exercice, in a > hard way, the robustness of a server? > _______________________________________________ > dns-operations mailing list > [email protected] > https://lists.dns-oarc.net/mailman/listinfo/dns-operations -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: [email protected] _______________________________________________ dns-operations mailing list [email protected] https://lists.dns-oarc.net/mailman/listinfo/dns-operations
