Just something a little bit different

Here is a little test for you to test if your ISP’s namesavers are vulnerable to deficiencies in the DNS protocol and implementations that can facilitate cache poisoning attacks. Try it Web-based DNS Randomness Test | DNS-OARC

I’m using OpenDNS, and it passes the test perfectly. :slight_smile:

1. 208.69.34.8 (bld3.lon.opendns.com) appears to have GREAT source port randomness and GREAT transaction ID randomness.

Number of samples: 59
Unique ports: 59
Range: 1310 - 65451
Modified Standard Deviation: 18268
Bits of Randomness: 16
Values Seen: 40005 30814 15845 6754 50340 33090 17705 17710 3635 27817 36468 8571 32431 60221 9969 34281 28128 61859 62672 45108 13114 32831 9412 18043 64464 51957 42932 54856 49524 53551 57249 22217 50854 27010 23568 22270 65451 50771 27336 10500 23243 41121 31852 35117 17379 58579 46791 32081 25476 11568 17511 41965 47102 26941 30802 8643 65074 1830 1310

Yeah I did one of those tests when the vulnerability was published, didn’t pass it, so I changed to OpenDNS.

Well, I tested and passed all of it without extra software :-TU

Xan

I am on wifi in a yacht marina in Spain which I think is supplied by Telefonica. I certainly get good results here.

OpenDNS means no extra software, just changing your connection’s configuration so that it uses their server’s IP.

The server I had earlier (Orange) will probably have already patched the vulnerability… :stuck_out_tongue: I hope.

(Actually you can create an account and use OpenDNS to filter sites, but I’ve never used that.)