Re: [DSA 1605-1] DNS vulnerability impact on the libc stub resolver
Quoting Vincent Deffontaines (firstname.lastname@example.org):
> And the Linux kernel (Netfilter) implements NAT source port randomization
> since 2.6.21, which can make it a conveninent way to protect your natted
> hosts without any patching.
> See http://software.inl.fr/trac/wiki/contribs/RandomSkype for details.
I believe this works on UDP traffic only starting with 2.6.24. See: