About a week ago I started noticing several odd entries in the DNS log digest. The entries either looked like:
client 208.76.253.253 query (cache) './NS/IN' denied: 19406 Time(s)
or something like:
client 70.86.80.98 query (cache) 'acihldaaaafwx0000dgaaabaaafbjmok/NS/IN' denied: 1 Time(s)
with the second form repeated possibly hundreds of times with minor changes in the cache query string. I had read about the theoretical possibility of DNS cache poisoning several months ago and had dully updated my DNS software. It looked like several people were attempting "brute force" cache poisoning attacks with the minimum consequence to me being the huge number of rejected queries making my logs difficult to use for diagnosing other problems and possibly much more serious consequences if the cache poisoning attcks succeeded.