"You might be interested in the response of simply telnetting to the finger port on most systems. It displays all the users on the system." He's right. Commenting it out ( or replacing it with a wrapper that applies some countermeasures to filter out misuse and abuse ) is suggested. ... SunOS 4.1.3 manual says : < start quoted material > NAME fingerd, in.fingerd - remote user information server SYNOPSIS /usr/etc/in.fingerd DESCRIPTION . . . . If the line is null (only a LINEFEED is sent) then finger returns a "default" report that lists all people logged into the system at that moment. If a user name is specified (for instance, ericLINEFEED) then the response lists more extended information for only that particular user, whether logged in or not. Allowable "names" in the command line include both "login names" and "user names". If a name is ambiguous, all possible deriva- tions are returned. SEE ALSO finger(1) . . . . < end quoted material > To cut through the inevitable arguement in the least amount of time ... finger(1) and fingerd(8) were evolved in a university environment. If your primary concern is security ... comment it out. If your primary concern is connectivity ... 'wrap' it. If your primary concern is attention ... complain about it. (-: -- richard "I gathered I wasn't very well liked. Somehow, the feeling pleased me." _Nine Princes In Amber_, by Roger Zelazny richard childers san francisco, california pascal@netcom.com