Security of Patched DNS
In spite of the availability of DNSSEC, which protects against cache poisoning even by man-in-the-middle (MitM) attackers, many caching DNS resolvers still rely for their security against poisoning on merely validating that DNS responses contain some 'unpredictable' values copied from the request. These values include the 16-bit identifier field and other fields, randomised and validated by different 'patches' to DNS. The authors investigate the prominent patches and show how attackers can circumvent all of them. They present countermeasures preventing their attacks; however, they believe that their attacks provide additional motivation for adoption of DNSSEC (or other MitM-secure defenses).
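To make concrete what "validating that responses contain unpredictable values copied from the request" means in a resolver, here is an added example (not code from the paper or its authors) that simulates three of the patches the abstract alludes to: a random 16-bit transaction ID, a random UDP source port, and 0x20 mixed-case query names. A resolver records this state for each pending query and accepts a reply only if every value matches; the `entropy_budget` function shows how many bits of guessing work those checks impose, which is exactly the quantity the paper's circumventions erode. All packets are constructed inline and nothing touches the network; the port range 1024..65535 is an assumption.

```python
"""Resolver-side validation of 'unpredictable' DNS fields (added example)."""
import math
import secrets
import struct

PORT_LOW, PORT_HIGH = 1024, 65535  # assumed ephemeral source-port range


def encode_name(name: str) -> bytes:
    """Wire-encode a domain name as length-prefixed labels."""
    out = b""
    for label in name.rstrip(".").split("."):
        out += bytes([len(label)]) + label.encode("ascii")
    return out + b"\x00"


def encode_question(name: str, qtype: int = 1) -> bytes:
    """Question section: name, QTYPE (1 = A), QCLASS (1 = IN)."""
    return encode_name(name) + struct.pack("!HH", qtype, 1)


def build_query(qname: str, qtype: int = 1) -> tuple[bytes, dict]:
    """Build a query and the pending state the resolver must keep to
    validate the reply: TXID, source port, and the exact question bytes."""
    txid = secrets.randbits(16)
    src_port = PORT_LOW + secrets.randbelow(PORT_HIGH - PORT_LOW + 1)
    # 0x20 encoding: randomise the case of every letter. Authoritative
    # servers copy the question verbatim, so each letter adds ~1 bit.
    mixed = "".join(
        (c.upper() if secrets.randbits(1) else c.lower()) if c.isalpha() else c
        for c in qname
    )
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)  # RD set
    question = encode_question(mixed, qtype)
    state = {"txid": txid, "src_port": src_port, "question": question}
    return header + question, state


def build_response(txid: int, question: bytes, answer_ip: str) -> bytes:
    """Minimal response with one A record (constructed test input)."""
    header = struct.pack("!HHHHHH", txid, 0x8180, 1, 1, 0, 0)  # QR, RD, RA
    rdata = bytes(int(o) for o in answer_ip.split("."))
    # Answer name is a compression pointer (0xC00C) to the question name.
    answer = b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, 300, 4) + rdata
    return header + question + answer


def validate_response(resp: bytes, dst_port: int, state: dict) -> tuple[bool, str]:
    """Accept a reply only if every unpredictable value matches the
    pending query. Returns (accepted, reason)."""
    if dst_port != state["src_port"]:
        return False, "port mismatch"
    if len(resp) < 12:
        return False, "truncated header"
    txid, flags, qdcount = struct.unpack("!HHH", resp[:6])
    if txid != state["txid"]:
        return False, "txid mismatch"
    if not flags & 0x8000:
        return False, "QR bit not set"
    if qdcount != 1:
        return False, "unexpected qdcount"
    q = state["question"]
    # Byte-exact comparison, so the 0x20 case pattern must match too.
    if resp[12:12 + len(q)] != q:
        return False, "question section mismatch"
    return True, "ok"


def entropy_budget(state: dict) -> float:
    """Bits an off-path guesser must match: 16 (TXID) + log2(port range)
    + one bit per letter in the 0x20-encoded name."""
    letters = sum(1 for b in state["question"] if chr(b).isalpha())
    return 16 + math.log2(PORT_HIGH - PORT_LOW + 1) + letters


if __name__ == "__main__":
    wire, st = build_query("www.example.com")
    ok = build_response(st["txid"], st["question"], "192.0.2.1")
    print(validate_response(ok, st["src_port"], st))
    print(validate_response(ok, st["src_port"] ^ 1, st))
    print(f"guessing budget: {entropy_budget(st):.1f} bits")
```

The byte-exact question comparison is what makes 0x20 work; a resolver that compares names case-insensitively silently throws that entropy away, and a resolver that only checks the TXID is back to 16 bits, which is the weak baseline the abstract describes.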