Last week’s big news was the DNS vulnerability announcement by Dan Kaminsky.  The sage of IOActive has been taken very seriously by the industry, several vendors have already released patches, and we can expect several more in the coming week.  The robustness of the Internet’s DNS infrastructure merits serious analysis.  Despite the fact that the Internet itself cannot work with out DNS, over half of the DNS servers allow recursion, a weakness that can lead to cache poisoning, sending your traffic to a criminal’s website.  Many other vulnerabilities exist, and some readers might be amazed at the poor shape of many cobbled together DNS servers in production today.  DNS vulnerabilities were cited as a key concern for 2008 at the eBay internal conference earlier this year, it looks like this prediction is coming true.  Let’s hope Kaminsky’s DNS warning creates momentum to raise the bar for DNS security.