All, Well it seems that the ISC patch didn't do all that much. Typical. This is what happens when you have less than interested folks attempting to do security related fix's. Lets hope DHS gets on the ball and gets this noted soon! I am relatively sure ICANN won't. Yet, our BindPlus stands up to the test so far! >:) No holes here. I wonder how Berstein's is doing? See: John Markoff of the NYTimes writes about a Russian hacker, Evgeniy Polyakov, who has http://www.nytimes.com/2008/08/09/technology/09flaw.html?partner=rssnyt&emc=... successfully poisoned the latest, patched BIND with randomized ports. Originally, the randomized ports were never supposed to completely solve the problem, but just make it http://it.slashdot.org/article.pl?sid=08/07/08/195225&tid=172 harder to do. It was thought that with port randomization, it would take roughly a week to get a hit. Using his own http://tservice.net.ru/~s0mbre/blog exploit code, two desktop computers and a GigE link, Polyakov reduced the time to 10 hours. Regards, Spokesman for INEGroup LLA. - (Over 281k members/stakeholders strong!) "Obedience of the law is the greatest freedom" - Abraham Lincoln "Credit should go with the performance of duty and not with what is very often the accident of glory" - Theodore Roosevelt "If the probability be called P; the injury, L; and the burden, B; liability depends upon whether B is less than L multiplied by P: i.e., whether B is less than PL." United States v. Carroll Towing (159 F.2d 169 [2d Cir. 1947] =============================================================== Updated 1/26/04 CSO/DIR. Internet Network Eng. SR. Eng. Network data security IDNS. div. of Information Network Eng. INEG. INC. ABA member in good standing member ID 01257402 E-Mail jwkckid1@ix.netcom.com My Phone: 214-244-4827