This document summarizes Dan Kaminsky's talk at Black Hat 2008 about DNS cache poisoning vulnerabilities. It describes how an attacker could spoof DNS responses to redirect traffic to malicious servers by guessing transaction IDs and bait-and-switch techniques. It also discusses ways to trigger DNS lookups from internal resolvers and extended the attacks to target firewall-protected networks. The talk highlighted major security issues in the DNS infrastructure and spurred an industry-wide effort to deploy patches.