Better Safe Than Sorry

DNS Poisoning

DNS servers the world over have been targeted by evil doers. Flaws in these servers could allow creeps to silently redirect your browser sessions to anywhere.

To check to see if your ISP is vulnerable go here.

If the results (above) are less then satisfactory do contact your ISP and complain bitterly.

You could also use DNS servers that are patched. I suggest OpenDNS.com - they even have a handy application that corrects your settings when your ISP's DHCP server changes your IP.

Here is a good synoposis from the blog Security Fix:

At issue is a basic design flaw in the domain name system. DNS is the communications standard that acts as a kind of telephone book for the Internet, translating human-friendly Web site names like example.com into numeric addresses that are easier for networking equipment to handle and route. When people type a Web site name into their Internet browser, the process of routing of that name to Internet address is generally handled through DNS servers managed by Internet service providers and corporations. But according to research released this month, most of those DNS servers are vulnerable to a security flaw that allows miscreants to silently alter the virtual road maps that those systems rely on to route traffic. As a result, a cyber criminal could trivially rewrite those records so that when customers of a vulnerable ISP or network provider try to visit a particular Web site, they are instead taken to a counterfeit site created by the bad guys.

Security begins at home. Never assume your ISP has a clue.