Didn't J Postel run a test similar to that once <G>...
On a side note, how would you go about testing something like this ?
What would be considered pass/fail metrics - well written applications
vs. people doing silly and stupid things (ie. Would it be consisdered a
failrue that sobig fails because it was incorrectly written ?)
Bill
-----Original Message-----
From: owner-ietf(_at_)ietf(_dot_)org [mailto:owner-ietf(_at_)ietf(_dot_)org] On
Behalf Of
Christian Huitema
Sent: Saturday, August 30, 2003 11:13 AM
To: Zefram; ietf(_at_)ietf(_dot_)org
Subject: RE: FW: Virus alert
By the way, the worm does not only include its own SMTP service. It
seems to also include its own DNS code, probably in order to get the
MX
records of its targets. This DNS agent is parameterized to start any
look-up at the A-root, with the side effect of overloading this root
server.
Does this mean we can stop the virus and associated spam just by
switching
off the A root?
I would suggest that you engage in serious testing before trying
anything like that!
-- Christian Huitema