The flaw allows hackers to sabotage DNS servers and send web users to sites set up to hack into their systems.
Cricket Liu, architecture vice president at Infoblox, explained that the survey used the same tests as last year, but added a check on whether servers had patched against the Kaminsky flaw by performing source port randomisation.
"The number of name servers out there has increased slightly from 11.7 to 11.9 million, and firms are using more secure up-to-date versions of the Berkeley Internet Name Daemon package," he said.
The survey also found that companies are still not migrating to IP version 6 (IPv6), the replacement for the current IPv4 addressing protocol.
"IPv6 only increased from 0.27 to 0.44 per cent, although I have seen estimates for the IPv4 address space running out as early as 2011," warned Liu.
Other areas flagged up by the survey was that unsecure Microsoft DNS server usage dropped from 2.7 to 0.17 per cent, and support for the anti-spam Sender Policy Framework for validating email senders increased from 12.6 to 16.7 per cent.
However, Liu was less enthusiastic about the fact that more than 40 per cent of name servers allow recursive queries, leaving them vulnerable to DNS cache poisoning and distributed denial-of-service attacks. Other targets are the 30 per cent of DNS servers that allow zone transfers to arbitrary requestors.
The Infoblox 2008 DNS Survey was performed in conjunction with performance testing and protocol compliance vendor The Measurement Factory.
.png&w=120&c=1&s=0)
Tech in Gov 2025
Forrester's Technology & Innovation Summit APAC 2025
.png&w=120&c=1&s=0)
Security Exhibition & Conference 2025
Integrate Expo 2025
Digital As Usual Cybersecurity Roadshow: Brisbane edition
.jpg&h=140&w=231&c=1&s=0)
.jpg&h=140&w=231&c=1&s=0)
