said by jlivingood :

The Comcast DNS servers were patched in advance of the CERT advisory. Some of the test tools may have limitations that do not show all of the possible protections. The NAT issue you see may be because you are behind a NAT box.

Your name server, at 68.87.68.165, may be safe, but the NAT/Firewall in front of it appears to be interfering with its port selection policy. The difference between largest port and smallest port was only 297.
Please talk to your firewall or gateway vendor -- all are working on patches, mitigations, and workarounds.

------------------------------------------
Requests seen for 3fb39d027c49.toorrr.com:
68.87.68.165:16992 TXID=62773
68.87.68.165:16929 TXID=3653
68.87.68.165:17226 TXID=4680
68.87.68.165:16972 TXID=28772
68.87.68.165:17178 TXID=669

Your name server, at 209.244.5.159, appears to be safe, but make sure the ports listed below aren't following an obvious pattern.
------------------------------------------
Requests seen for c1a7d2cdc9d8.toorrr.com:
209.244.5.159:50422 TXID=20587
209.244.5.159:43684 TXID=36013
209.244.5.159:44105 TXID=38976
209.244.5.159:42347 TXID=31019
209.244.5.159:41916 TXID=1615

Your name server, at 208.69.32.13, appears to be safe, but make sure the ports listed below aren't following an obvious pattern.
------------------------------------------
Requests seen for b74008fa640a.toorrr.com:
208.69.32.13:31506 TXID=29292
208.69.32.13:10035 TXID=41242
208.69.32.13:23535 TXID=46244
208.69.32.13:40148 TXID=29386
208.69.32.13:39546 TXID=26965