Your ISP's DNS server appears vulnerable to DNS Cache Poisoning?

[softtouch]

---

US-CERT's Vulnerability Note VU#800113 describes deficiencies in the DNS protocol and implementations that can facilitate cache poisoning attacks. The answers from a poisoned nameserver cannot be trusted. You may be redirected to malicious web sites that will try to steal your identity or infect your computers with malware. Working exploits for this issue are already widely circulated! Upgrade your nameservers ASAP if you haven't done so already! On August 7, 2008, Dan Kaminsky will release additional details about these poisoning attacks.

Test your ISP's DNS server here: https://www.dns-oarc.net/oarc/services/dnsentropy

The test takes a few seconds to complete. When its done you'll see a page where the transaction ID and source port randomness will be rated either GREAT, GOOD, or POOR. If you see a POOR rating, we recommend that contact your ISP and ask if they have plans to upgrade their nameserver software
before August 7th.

[r0mm3L]

softtouch have tried testing this servers?

208.67.222.222
208.67.220.220

[vern]

I don't know why anyone uses their ISPs DNS servers anymore. They should be used as a last resort ... aka never.

OpenDNS | Providing A Safer And Faster Internet is what everyone should use.

[poldopunk]

I don't know why anyone uses their ISPs DNS servers anymore. They should be used as a last resort ... aka never.

OpenDNS | Providing A Safer And Faster Internet is what everyone should use.

hihihi...i like the last resort aka never. i'm open dns too, everything is faster or so they say.

[softtouch]

I just tested opendns, and its not vulnerable so far...

[vern]

I just tested opendns, and its not vulnerable so far...

Never was and won't be. They patched their servers before anyone had working exploits. If you are a company that does one thing ... DNS ... I'd imagine they'd be right on that.