Massive, coordinated DNS patch released

On the NetworkWorld article about the issue there's a link to Kaminsky's page with a DNS checker, would both links be appropriate to post here?

 

NetworkWorld article http://www.networkworld.com/news/2008/070808-dns-flaw-disrupts-internet.html?t51hb

Kaminisky's DNS checker: http://www.doxpara.com/

Thanks, Ron.

 

Another one (that doesn't require Javascript) is https://www.dns-oarc.net/oarc/services/dnsentropy

 

You know what I don´t understand? Why did it needed to be patched on client PC´s? I´m talking about the fix that screwed up ZoneAlarm. I mean you would think that only the DNS servers needed patching, can ayone explain?

 

The problem is in the DNS server not client so it is not related to ZA on your system.

 

From what i have read about the flaw OpenDNS is not affected,good reason to install it. http://www.opendns.com/

 

That's not quite correct - see, e.g., the example here or here. As a matter of fact the client libraries of Windows and all Linux and BSD distributions have been patched in the meanwhile - but NOT Apple! Their client libraries still aren't patched, i.e., they haven't implemented randomization of the query ID and the source port yet.