The randomness of client ports used by recursive domain name servers to launch external queries affects the security level of domain name’s resolution greatly. If ports’ random algorithm is not secure enough, the domain name server is liable to cache poisoning attack. The well-known Kaminsky Vulnerability is the attack launched by taking advantage of the weak randomness of recursive servers’ client ports. Statistics show that the port randomness of more than 4% of China’s recursive domain name servers is weak, far above the world level of 0.98%. They are liable to DNS hijacking and attack.