> i'm not a dns user (just the client side) on Plan9, is the server part > vulnerable to the recent poisonning attacks?
i think the recent dns cache-poisoning vulnerability is more self promotion than substance. my friends at [dns operator] agree. however, ndb/dns does use randomized query ids. you can use snoopy to verify this or you can read the source. (ndb/dnresolv.c/^queryns) so it is not vulnerable. the other part of this promotion was selling dnssec. i'm not sold. see the five objections to dnssec in the second paragraph. http://en.wikipedia.org/wiki/DNSSEC next up, the exploit remix. - erik
