early 1990s as described by Christopher Schuba [1] and Paul Vixie [2].
In 1997 a practical implementation of a blind remote DNS cache poisoning
attack that relies solely on exploiting the predictability of the ID
field of DNS query packets was described by Arce and Kargieman [3]. This
was followed up by further refinements and advancement of attack
techniques by Vagner Sacramento [4] and Joe Stewart [5] in 2002. Amit
Klein further investigated query Id predictability in BIND version 9[6]
and Windows DNS[7] server implementations in 2007. In 2008 a much
publicized advancement of the DNS cache poisoning technique was
disclosed by Dan Kaminsky [8] in conjunction with the release of
security fixes by several vendors. Microsoft's MS08-037
‣ Daniel Mende, Simon Rich ; ERNW GmbH ; Germany
‣ Dr. Anton Chuvakin ; LogLogic, Inc ; USA
‣ Haroon Meer ; SensePost ; South Africa
‣ Heikki Kortti and Jukka Taimisto ; Codenomicon Ltd ; Finland
‣ Jason Steer ; IronPort, a division of Cisco Systems ; UK
‣ Joe Stewart ; SecureWorks ; USA
‣ José Nazario ; Arbor Networks ; USA
‣ Kurt Grutzmacher ; Pacific Gas & Electric ; USA
‣ Luciano Bello ; CITEFA/Si6 , Debian Project ; Argentina
‣ Marc Schoenefeld ; University of Bamberg ; Germany
‣ Matt Jonkman ; Emerging Threats.net (formerly bleedingthreats.net) ; USA
