20080804

DNS in Danger again [2]

DNS in Danger again [2]: "- The attack works regardless of whether the cache contains a record for the name that the attacker wants to inject.

- Almost all DNS servers can be attacked/poisoned. Even with the patches released by vendors, the attack process can take a couple of hours instead of a couple of seconds.

- To block this attack using an IDS/IPS, a signature would be multiple DNS reply packets with the same source IP address and the same TXID."
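
The signature described in the last bullet, as an added example that is not part of the quoted post: a sliding-window counter over DNS replies keyed by source IP and TXID. The window length, threshold, tuple layout and sample traffic are assumptions constructed for illustration; the post gives none of them.

```python
from collections import defaultdict, deque

# Assumed tuning values; the quoted post gives no threshold or time window.
WINDOW_SECONDS = 1.0
THRESHOLD = 5


def detect_reply_floods(replies, window=WINDOW_SECONDS, threshold=THRESHOLD):
    """Return sorted (src_ip, txid) pairs seen in >= threshold replies within window seconds.

    `replies` is an iterable of (timestamp, src_ip, txid, is_response) tuples,
    ordered by timestamp (a hypothetical layout for decoded DNS packets).
    """
    recent = defaultdict(deque)   # (src_ip, txid) -> timestamps inside the window
    flagged = set()
    for ts, src_ip, txid, is_response in replies:
        if not is_response:       # the signature only concerns replies
            continue
        times = recent[(src_ip, txid)]
        times.append(ts)
        # Drop timestamps that have fallen out of the sliding window.
        while ts - times[0] > window:
            times.popleft()
        if len(times) >= threshold:
            flagged.add((src_ip, txid))
    return sorted(flagged)


# Constructed sample traffic (documentation address ranges, not a real capture).
SAMPLE = (
    # Normal resolution: one query, one reply per TXID.
    [(0.00, "198.51.100.7", 0x1A2B, False), (0.02, "192.0.2.53", 0x1A2B, True),
     (0.10, "198.51.100.7", 0x3C4D, False), (0.12, "192.0.2.53", 0x3C4D, True)]
    # Burst: eight replies with the same source IP and TXID, 10 ms apart.
    + [(0.50 + i * 0.01, "192.0.2.53", 0x5E6F, True) for i in range(8)]
    # Slow repeats spread over several seconds: never five inside one window.
    + [(2.0 + i * 1.5, "203.0.113.9", 0x7788, True) for i in range(6)]
)

if __name__ == "__main__":
    for src_ip, txid in detect_reply_floods(SAMPLE):
        print(f"ALERT: repeated DNS replies from {src_ip} with TXID 0x{txid:04x}")
```
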