This got me to thinking... there's no reason a centralized, automated database would need to be "yea/nay". Perhaps it's time for a "vulnerability info" RRTYPE. Of course, DNS might not be the protocol of choice; focus on concept and ignore details. ;-)

One of the fields could be severity. Let minor things be logged, moderate troubles cause nagging, and major issues (e.g., worm spreading via known exploit) trigger a shutdown.

Note that BIND could be written so any given instantiation knows what subsystems (TSIG, recursive queries, etc.) it's actually using.

Eddy

--
Brotsman & Dreger, Inc. - EverQuick Internet Division
Bandwidth, consulting, e-commerce, hosting, and network building
Phone: +1 (785) 865-5885 Lawrence and [inter]national
Phone: +1 (316) 794-8922 Wichita
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Date: Mon, 21 May 2001 11:23:58 +0000 (GMT)
From: A Trap <blacklist@brics.com>
To: blacklist@brics.com
Subject: Please ignore this portion of my mail signature.

These last few lines are a trap for address-harvesting spambots. Do NOT send mail to <blacklist@brics.com>, or you are likely to be blocked.
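
The severity-and-subsystem idea in the message above, sketched as an added example that is not part of the original post and is not BIND code. The `key=value` record layout, the field names `id`, `sev` and `subsys`, and the function names are all assumptions made for illustration; the sketch also assumes the records have already been authenticated before they reach this logic.

```python
# Added illustration; record layout and all names are assumptions, not BIND code.
from enum import IntEnum

class Action(IntEnum):
    NONE = 0
    LOG = 1
    NAG = 2
    SHUTDOWN = 3

# Severity-to-response policy as described in the message.
POLICY = {"minor": Action.LOG, "moderate": Action.NAG, "major": Action.SHUTDOWN}

def parse_advisory(rdata):
    """Parse 'key=value; key=value' text into a dict; None if malformed."""
    fields = {}
    for part in rdata.split(";"):
        key, sep, value = part.strip().partition("=")
        if not sep or not key.strip() or not value.strip():
            return None
        fields[key.strip().lower()] = value.strip().lower()
    if fields.get("sev") not in POLICY or "subsys" not in fields:
        return None
    return fields

def decide(records, subsystems_in_use):
    """Return (strongest action, advisories that apply to this instance)."""
    action, applicable = Action.NONE, []
    for rdata in records:
        adv = parse_advisory(rdata)
        if adv is None:
            continue  # malformed or unknown data must never trigger a shutdown
        if adv["subsys"] not in subsystems_in_use:
            continue  # this instance does not run the affected subsystem
        applicable.append(adv)
        action = max(action, POLICY[adv["sev"]])
    return action, applicable

# Constructed sample records (placeholder ids, not real advisories).
SAMPLE = [
    "id=EXAMPLE-1; sev=major; subsys=tsig",
    "id=EXAMPLE-2; sev=moderate; subsys=recursion",
    "id=EXAMPLE-3; sev=minor; subsys=recursion",
    "sev=catastrophic; subsys=recursion",  # unknown severity: ignored
    "garbage without fields",              # malformed: ignored
]

if __name__ == "__main__":
    # An instance doing recursion but not TSIG only nags; one using TSIG shuts down.
    print(decide(SAMPLE, {"recursion"})[0].name)
    print(decide(SAMPLE, {"recursion", "tsig"})[0].name)
```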