If you consider yourself a security guru and dont need iss then dont buy it. If you dont have the time to write your own code, or expertise to do so but want to check to see if you're vunerable to a large amount of holes then you may be interested. As for the suspicion of binaries, I dont see anyone not running Iftp or Itelnet binaries because "I dont have src code". Be sensible people, just because it isnt from the suns or decs or ciscos of the world is it a reason to throw it away as an option? Mark mark@netsys.com