Just did the test and realised that the one which reflects as poor is the dynamic IP address I got from struBi
Interesting. Most of my most recent tests only came up with the cache01.ns.iafrica.com server but my second last came up with four again, one of which was wbs-196-2-97-14.wbs.co.za. That's not the dynamic IP address I am assigned at the moment.
Another server listed is bld1.nyc.opendns.com, which is being dragged in somewhere else along the way. I don't have the Open DNS servers set on the router since iBurst Johannesburg ignored the settings and did its own thing anyway. I visited OpenDNS again and now see that OpenDNS reports that it is in use, although I am still taking my DNS server settings automatically from iBurst.
In my very last test wbs-196-2-97-15.wbs.co.za makes its appearance with an "UNKNOWN" rating for both source port and transaction ID randomness.
1. 208.67.217.4 (bld1.nyc.opendns.com) appears to have GREAT source port randomness and GREAT transaction ID randomness.
2. 196.7.142.132 (cache02.ns.iafrica.com) appears to have GREAT source port randomness and GREAT transaction ID randomness.
3. 196.2.97.15 (wbs-196-2-97-15.wbs.co.za) appears to have UNKNOWN source port randomness and UNKNOWN transaction ID randomness.
4. 196.7.0.138 (cache01.ns.iafrica.com) appears to have GREAT source port randomness and GREAT transaction ID randomness.
5. 196.2.97.14 (wbs-196-2-97-14.wbs.co.za) appears to have POOR source port randomness and GREAT transaction ID randomness.
I am confused.
Edit: The original discoverer of the latest DNS vulnerability has a test up on his web site (
http://www.doxpara.com) that returns the following "Your name server, at 196.2.97.14, appears vulnerable to DNS Cache Poisoning."
