I checked my DNS ("XYZ" via ISP COX broadband internet) and it IS still identified as vulnerable to this threat. Note: your ISP may have more than one DNS available.

If you want additional details on the IP address that was provided by the tool at doxpara.com (if any) you go to this page, http://www.ip2location.com/ and enter that number into the field provided at the upper right-hand side of the web-page, and then click on the "Find Location" button. It will ID the DNS and service provider information.
====================================


http://www.breitbart.com/article.php?id=080709124916.zxdxcmkx&..._article=1
Internet flaw could let hackers take over the Web
Jul 9 08:49 AM US/Eastern

Recently, a significant threat to DNS, the system that translates names you can remember (such as http://www.doxpara.com) to numbers the Internet can route (66.240.226.139) was discovered, that allows malicious people to impersonate almost any website on the Internet.

To find out if the DNS server you use is vulnerable, go to the doxpara website below, and click on the "Check My DNS" button.

Kaminsky built a web page, http://www.doxpara.com, where people can find out whether their computers have the DNS vulnerability.

Automated updating should protect most personal computers. Microsoft released the fix in a software update package Tuesday.


edit-add instructs on finding more details about the DNS IP address.

Wednesday July 9, 2008
Microsoft DNS Patch Grounds ZoneAlarm Users

One of Tuesday's Microsoft patches causes ZoneAlarm users to lose Internet connectivity. The patch appears to be MS08-037 (Vulnerabilities in DNS Could Allow Spoofing), which was part of an Internet-wide fix of a common design flaw in DNS implementations

ZoneLabs has issued a workaround for users suffering from the problem. You have three options:

1.Move Internet Zone slider to Medium

Navigate to the "ZoneAlarm Firewall" panel

Click on the "Overview" tab

Move the "Internet Zone" slider to medium


2. Uninstall the hotfix

Click the "Start Menu"

Click "Control Panel", or click "Settings" then "Control Panel"

Click on "Add or Remove Programs"

On the top of the add/remove programs dialog box, you should see a checkbox that says "show updates". Select this checkbox

Scroll down until you see "Security update for Windows (KB951748)"

Click "Remove" to uninstall the hotfix



3. (advanced technical skills required): Add your DNS servers to trusted zone

From the "Overview" panel, select the "Firewall" panel then click on the "Zones" tab

Click "Add", then select "IP address" from the shortcut menu. The Add IP Address dialog appears. Select "trusted" from the Zone drop-down list

Type the IP address and a description in the boxes provided, then click "OK"

If you are not sure what IP addresses to add:

Click the Start Menu

Click on Run. Type "cmd.exe"

In the command prompt type: "ipconfig /all". Look for DNS Server(s) in the output of the command

For each IP address listed, navigate to the "Zones" panel of the "Firewall" tab, add the IP address, select "Trusted Zone", and press "Apply"

After you are done adding DNS servers click the "Apply" button

Also chck with zone alarm for fixes.
Source:http://snipurl.com/2wcry

LOL So what else is new?

DNS has always been an issue with security on the internet.
For unsecured DNS, the practice of increasing the record number in the DNS entry would actually permit the override of any other DNS record, with no checks to the primary owners record base. This could, would, does lead to a malicious user to hijack at least some if not all of your traffic based upon DNS name resolution.
If you maintain a DNS server that supports a all record lookup via nslookup or dig, then you are vulnerable. Do you know there are still folks out there running buisnesses with static IPs that are still supporting the finger protocol?!?!
Whats the most scary to me, is that Developers and the Companies associated with them seem to be the most "accessable" or vulnerable to these types of attacks, and they have entry points into major corporations. Most Coders do not understand the underlying risk that they are exposing thier clientelle to. This is one of the reasons I have a job.