Hi Dan,
I agree with bob3160 and you that DNS is broken(ish) at the moment, and the exploit was already out in the open after Dan Bernstein published about the gigantic flaw Dan Kaminsky found. In IE you can set your browser to use reliable DNS name servers, you can even set the specific url to a specific domain name in your hosftile. OpenDNS can be a good option, never saw a hassle for people that used it.
But again folks, this affair is huge and hanging over us, because the actual exploit code is out on the web (CAU), also for the client side. Getting back to Dan Kaminsky's and his efforts. He was also able to convince Yahoo to publicly ditch an unpatchable system (BIND
. Yahoo are the world’s biggest user of BIND 8 so this is a massive undertaking and highlights the seriousness of the issue.
Anyways all our webforum users have been alerted here to this issue, can check or ask their ISP to fully patch or implement a reliable DNS service themselves, you have no excuse anymore to delay..
polonus