On Wed, Sep 10, 2003 at 08:53:40PM +0900, itojun@iijlab.net wrote:
> 	i would suggest you to see what dnsspoof(8) in dsniff package is
> 	capable of.  the attacks are real, and unpredictable ID is an important
> 	protection.  the real world is much scarier place than you think.

an important protection in the real world where you can't rely on
someone else's server infrastructure supporting stronger protections
(like TSIG), unfortunately.

--
Dan.