"it's not like this hasn't been reported, and fixed, many times by many others" - so if it's fixed so many times, how come it was still vulnerable, and ISC had to issue their patches?
Because its just a 16-bit field. DNS is broken. Cache poisoning will happen. Those are the facts on the ground. The only argument left
is the degree of brokenness.
-Amit
Tim Newsham http://www.thenewsh.com/~newsham/