All, As an FYI: Austrian CERT used data from one of their authoritative DNS server to measure the rate at which the http://it.slashdot.org/article.pl?sid=08/07/08/195225&tid=172 latest DNS patch (source port randomization) is being rolled out to larger recursive name servers. While about http://cert.at/static/cert.at-0802-DNS-patchanalysis.pdf half the traffic (PDF) they receive is now using source port randomization, their data suggest that this is due to ISPs who roll out such fixes immediately. The rate of patching has fallen to disappointingly low levels since. If your ISP isn't patched, perhaps it is time to switch." After details of the DNS vulnerability http://it.slashdot.org/article.pl?sid=08/07/21/2212227&tid=172 leaked, researchers |)ruid and HD Moore [4]released attack code; ZDNet's security blog has http://blogs.zdnet.com/security/?p=1546 an analysis. Regards, Spokesman for INEGroup LLA. - (Over 281k members/stakeholders strong!) "Obedience of the law is the greatest freedom" - Abraham Lincoln "Credit should go with the performance of duty and not with what is very often the accident of glory" - Theodore Roosevelt "If the probability be called P; the injury, L; and the burden, B; liability depends upon whether B is less than L multiplied by P: i.e., whether B is less than PL." United States v. Carroll Towing (159 F.2d 169 [2d Cir. 1947] =============================================================== Updated 1/26/04 CSO/DIR. Internet Network Eng. SR. Eng. Network data security IDNS. div. of Information Network Eng. INEG. INC. ABA member in good standing member ID 01257402 E-Mail jwkckid1@ix.netcom.com My Phone: 214-244-4827