Is Your ISP patched?
Is your ISP patched against the DNS cache poisoning (US CERT advisory) exploit? There are confirmed attacks in the wild. My ISP is patched. I asked them, and actually got an intelligent response. They escalated my ticket and a day later came the response:
“Thank you for contacting us And again thanks for the posted information , can assure you that all the necessary security measurements from our side are taken i order to prevent this "DNS Cache Poisining" ,there is nothing that you should worry about ,once again I thank you for your advise.”
These people (Be Unlimited, www.bethere.co.uk, a subsidiary of O2) actually seem to know what they are doing, even if the Bulgarian call-centre staff are a bit shaky on English grammar.
If your ISP isn’t patched, or you can’t get a sensible reply out of them, see the SBS Diva for a mitigation.