Hi, If you are running syslogd on your machine and you dont receive remote logging to that machine you should probably consider removing the remote function of the program. Besides being another possible security risk a person may easily corrupt your audit logs though this port. It is quite easy to send fake messages to the syslogd at any facility and level. An easy way to fix this would probably be to change the line: int nfds, readfds = FDMASK(funix) | inetm | klogm; to int nfds, readfds = FDMASK(funix) | klogm; This will keep the inet socket from ever getting selected and read. I have not tested this however. An access control list would do no good here since the packets are UDP and source address is quite easy to forge. Tim N.