Resolver source port behaviour checker

In light of the CERT VU#800113 announcement, DNS-OARC has created a special DNS name and server that you can query to determine if your resolver is at risk.

Usage:
dig @4.2.2.3 +short porttest.dns-oarc.net TXT

Replace 4.2.2.3 with your resolvers address. The result will either return FAIR, GOOD or POOR based on the observed deviation of the source ports.

Full details of DNS-OARC test can be seen here.