All, Yet another too soon.knee jerk claim by Apple. See: (August 1, 2008) Apple released a patch for the recently disclosed and exploited DNS vulnerability, but while it fixes Mac OS X systems used as DNS servers, it does not protect Macs being used as client systems. Fully patched versions of both Tiger (version 10.4.11) and Leopard (version 10.5.4) do not adequately randomize DNS source ports. Apple released Security Update 2008-005 on Thursday, July 31 to address 17 flaws in its OS X operating system. - From Internet Storm Center: http://isc.sans.org/diary.html?storyid=4810 A quick packet dump of my fully patched Leopard machine (OS X 10.5.4) shows it is - as a DNS client - still using incrementing ports. http://www.theregister.co.uk/2008/08/01/osx_still_vulnerable/print.html http://www.informationweek.com/news/hardware/mac/showArticle.jhtml?articleID... http://www.computerworld.com/action/article.do?command=viewArticleBasic&arti... Regards, Spokesman for INEGroup LLA. - (Over 281k members/stakeholders strong!) "Obedience of the law is the greatest freedom" - Abraham Lincoln "Credit should go with the performance of duty and not with what is very often the accident of glory" - Theodore Roosevelt "If the probability be called P; the injury, L; and the burden, B; liability depends upon whether B is less than L multiplied by P: i.e., whether B is less than PL." United States v. Carroll Towing (159 F.2d 169 [2d Cir. 1947] =============================================================== Updated 1/26/04 CSO/DIR. Internet Network Eng. SR. Eng. Network data security IDNS. div. of Information Network Eng. INEG. INC. ABA member in good standing member ID 01257402 E-Mail jwkckid1@ix.netcom.com My Phone: 214-244-4827