pageoneresults - 3:29 am on Jul 9, 2008 (gmt 0)

He's got a tool available to check if you are open to this particular exploit...

To find out if the DNS server you use is vulnerable, click below.
[doxpara.com...]

Hmmm, guess what the results show me? My provider is vulnerable. And guess what they are vulnerable to?

Your name server, at ***.***.***.***, appears vulnerable to DNS Cache Poisoning.

Remember all those topics I ran on DNS Recursion and all that stuff that doesn't happen to many so it gets blown off? I have to wonder if this is related? I just don't know if I can wait a whole month to find out. ;)

Please Note

There is absolutely no reason to panic; there is no evidence of current malicious activity using this flaw, but it is important everyone follow their vendor's guidelines to protect themselves and their organizations.

Cisco just released information...

Cisco Security Advisory: Multiple Cisco Products Vulnerable to DNS Cache Poisoning Attacks
2008-07-08 - [cisco.com...]

Multiple Cisco products are vulnerable to DNS cache poisoning attacks due to their use of insufficiently randomized DNS transaction IDs and UDP source ports in the DNS queries that they produce, which may allow an attacker to more easily forge DNS answers that can poison DNS caches.

US-CERT has all the details...

Multiple DNS implementations vulnerable to cache poisoning
National Cyber Alert System
Technical Cyber Security Alert TA08-190B
2008-07-08 - [us-cert.gov...]