The recently released (early july) advisory on the DNS exploits discovered earlier this year have caused a bit of stir on the BIND mailing lists, and rightly so. Everybody on board with this one?
CERT Bulletin: http://www.kb.cert.org/vuls/id/800113 Dan Kiersky's own description, and web-based nameserver checker: http://www.doxpara.com/ Alternate web-based nameserver checker (recommended by me! ) https://www.dns-oarc.net/oarc/services/dnsentropy If your nameservers aren't updated, do so! If your ISP's nameservers aren't updated, hound them relentlessly until they are! This is the only way we can all protect the validity of our clients and our own data.
