There has been much tech chatter about Dan Kaminsky's reporting about a major DNS vulnerability. I am not going to rehash all the reporting here. But I do want to mention a few odds and ends observations.
The mention of noting IP addresses of crucial sites is not the answer to the DNS vulnerability. It is simply mentioned as a helpful thing in general if you're dealing with certain crucial servers. For actual advice on dealing with the DNS vulnerability, follow the links to Dan Kaminsky's site.
Modification on 24 Aug 2008: I applied strikeouts to the observations that are confusing. Although I have a sound basis for those observations, they do look like the main advice given for the DNS vulnerability, rather than peripheral observations for using known IP addresses as a help for DNS problems in general. Many apologies for the confusion.
- Dan Kaminsky has some information about the DNS vulnerability, his Defcon presentation, etc. at http://www.doxpara.com/ (IP address: 157.22.245.20). The site also has a DNS Checker to see if your Internet connection is particularly vulnerable to DNS mischief. Take a look at his post with "Summaries".
- Steve Friedl has "An Illustrated Guide to the Kaminsky DNS Vulnerability". Nice!
- It can be prudent to catalogue the IP addresses of crucial sites you use. One way is to use nslookup to find the IP addresses. BUT connecting to a server using its IP address is not a 100% guarantee of protection from DNS mischief. If, for example, the server pulls information from other servers using DNS information, the DNS vulnerability could affect this. Mashups could be particularly susceptible to this. If you're using Firefox and accessing a site using its IP address instead of the usual URL, you may run into a Secure Connection Failed warning saying something about an "invalid security certificate". This doesn't necessarily mean you've reached a bogus site. See Firefox's support for more information on this.
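As an added example (not part of the original post), here is one way to put such a catalogue to use: compare what the resolver returns now against addresses noted earlier. The hostnames, addresses and function names are constructed placeholders, and the catalogue is assumed to have been recorded over a connection you trusted.

```python
import socket

# Constructed catalogue: hostname -> addresses noted earlier over a trusted path.
# Names and addresses are placeholders (reserved .example names, RFC 5737 ranges).
CATALOGUE = {
    "bank.example": {"192.0.2.10", "192.0.2.11"},
    "mail.example": {"198.51.100.25"},
    "intranet.example": {"203.0.113.5"},
}

def system_resolve(host):
    """Return the IPv4 addresses the system resolver currently gives for host."""
    infos = socket.getaddrinfo(host, None, family=socket.AF_INET,
                               type=socket.SOCK_STREAM)
    return {info[4][0] for info in infos}

def check_catalogue(catalogue, resolve=system_resolve):
    """Compare current answers with the catalogue.

    Returns {host: (status, unexpected)} where status is one of
    "match", "partial", "mismatch", "lookup-failed".
    """
    report = {}
    for host, known in catalogue.items():
        try:
            current = set(resolve(host))
        except OSError:            # socket.gaierror is a subclass of OSError
            report[host] = ("lookup-failed", set())
            continue
        unexpected = current - known
        if not unexpected and current:
            status = "match"
        elif current & known:
            status = "partial"     # some known addresses plus new ones
        else:
            status = "mismatch"    # nothing returned matches the catalogue
        report[host] = (status, unexpected)
    return report

if __name__ == "__main__":
    # Constructed answers standing in for live lookups, so this runs offline.
    answers = {"bank.example": {"192.0.2.10"},
               "mail.example": {"198.51.100.25", "203.0.113.77"},
               "intranet.example": {"203.0.113.66"}}
    for host, (status, extra) in check_catalogue(CATALOGUE, answers.__getitem__).items():
        print(f"{host:18} {status:14} {sorted(extra)}")
```

A "partial" or "mismatch" result is a prompt to verify the address some other way, not proof of tampering, since sites do change addresses. Calling `check_catalogue(CATALOGUE)` with no second argument uses the live system resolver.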
J.D. Abolins