Didn't J Postel run a test similar to that once <G>... On a side note, how would you go about testing something like this ? What would be considered pass/fail metrics - well written applications vs. people doing silly and stupid things (ie. Would it be consisdered a failrue that sobig fails because it was incorrectly written ?) Bill -----Original Message----- From: owner-ietf@ietf.org [mailto:owner-ietf@ietf.org] On Behalf Of Christian Huitema Sent: Saturday, August 30, 2003 11:13 AM To: Zefram; ietf@ietf.org Subject: RE: FW: Virus alert >> By the way, the worm does not only include its own SMTP service. It >> seems to also include its own DNS code, probably in order to get the MX >> records of its targets. This DNS agent is parameterized to start any >> look-up at the A-root, with the side effect of overloading this root >> server. > > Does this mean we can stop the virus and associated spam just by switching > off the A root? I would suggest that you engage in serious testing before trying anything like that! -- Christian Huitema