Google has generally begun to allow case randomization in domain queries sent to authoritative name servers in an effort to make hidden domain poisoning attacks less effective. μνήμη(cache poisoning attacks).
This means that queries for a domain like iguru.gr, if handled by Google Public DNS, could be reconfigured to IgUrU.gr when the request is transmitted to DNS servers for lookup. Although this will be detectable by administrators controlling network traffic, the specific formatting it is not visible to the general public.
When users try to visit a page like iguru.gr – with whatever program περιήγησης ή εφαρμογή χρησιμοποιούν, ουσιαστικά ρωτούν το domain name του ιστότοπου χρησιμοποιώντας το Domain Name System (DNS) για να ανακαλύψουν τις διευθύνσεις IP των διακομιστών που φιλοξενούν τον ιστότοπο. Ένα τέτοιο ερώτημα DNS συνήθως περνά μέσα από μια αναδρομική υπηρεσία DNS που έρχεται σε επαφή με άλλους διακομιστές ονομάτων μέχρι να λάβει τελικά μια απάντηση από έναν έγκυρο διακομιστή ονομάτων.
To speed up this multi-step process, DNS query responses may be cached by these intermediate name servers. This opens up the possibility of cache poisoning attacks.
One such attack involves attacking one of these intermediate name servers with too many DNS queries for uncached domains. The victim server then contacts other name servers that can help it answer these queries. At the same time, the attacker floods the victim's server with false responses that are disguised to look like legitimate responses from these other name servers.
The hacker's goal is to get the victim's server to accept one or more of these bogus responses – and cache that wrong response – so that he can take advantage of the misdirection.
All of this is possible because DNS servers are based on UDP – a network protocol that is faster than TCP, but offers no guarantees on connections and is therefore more vulnerable to spoofing. It also works because DNS query IDs are 16-bit fields, meaning their possible values can only range from 0 to 65.535 – a small enough range to guess with a flood of malicious requests.
There is one detailed analysis of this attack here if you are curious. And, yes, DNSSEC is supposed to prevent these kinds of cache poisoning attacks, when supported and usestai.