Slashdot carried this story yesterday on a BIND vulnerability: <http://it.slashdot.org/story/09/07/29/0028231/New-DoS-Vulnerability-In-All-Versions-of-BIND-9> The upstream report: <https://www.isc.org/node/474> Red Hat's Bugzilla: <https://bugzilla.redhat.com/show_bug.cgi?id=514292> >From what I'm reading, if one has an Internet-facing master for a zone, one is vulnerable, even if dynamic DNS isn't being used.