Well, on the topic of broadcast addresses, here is what my TCP/IP books have to say. The are 3 types of bradcast addresses. Limited Broadcast which is 255.255.255.255. "A datagram destined is *never* forarded by a router under any circumstance. It only appears on the local cable. An unanswered question is: if a host is multihomed and a process sends a datagram to the limited broadcast address, should the datagram be sent out each connected interface that supports broadcast? If not, an application that wants to broadcast out all interfaces must determine all the interfaces on the host that suppport broadcasting, and send a copy out each interface. Most BSD systems treat 255.255.255.255 as an alias for the broadcast address of the first interface that was configured, and don;t provide any way to send a datagram out all attacjed, broadcast-capable interfaces. Indeed, two applications that send UDP datagrams out every interface are routed and rwhod (the server for the BSD rwho client). Both of these applications go through a similar start-up procedure to determine all the interfaces on the host, and which ones are capable of broadcasting. The net-directed broadcast address corresponding to that interface is then used as the destination address for datagrams sent out ther interface. 'The Host Requirements RFC takes no stand on the issue of whether a multihomed host should send a limited broadast out all its interfaces." The second type is Net-directed Broadcast. "The net-directed broadcast address has a host ID of all one bits. A clas A net-direct broadcast address is netid.255.255.255, where netid is the class A network ID. Arouter must forward a net-directed broadcast, but it must also have an option to disable forwarding." The netx type is Subnet-directed Broadcast."The subnet-directed broadcast address has a host ID of all one bits but a specificsubnet ID. Classification of IP address as a subnet-directed broadcast address requires knowledge of the subnet mask. For example, if a router receives a datagram destined for 128.1.2.255, this is a subnet-directed broadcast if the class B network 128.1 has a subnet mask of 255.255.255., bit it is not a broadcast if the subnet mask is 255.255.254.0 (0xfffffe00). The last type of broadcast address if the all-subnets-directed Broadcast address "An all-subnets-directed broadcast address also required knowledge of the destination network's subnet mask, to differentiate this broadcast address from a net-directed broadcast address. Both the subnet Id and the host ID are all ones bits. For example, if the destination's subnet mask is 255.255.255.0, the the IP address 128.1.255.255 is an all subnets-directed broadcast. But if the network is not subnetted, then this is a net-directed broadcast. Currect feeling [Almquist 1993] is that this type of broadcast is obsolete. it is better to use multicasting then an all-subnets-directed broadcast. '[Almquist 1993] notes that RFC 922 requires that an all-subnets directed broadcast be sent to all subnets, but no currect routers do so. This is fortunate since a host that has been musconfigured without its subnet mask sends all its "local" broadcast to all subnets. For examplem ufd the host with IP address 128.1.2.3 doesn't set a subnet mask, then its broadcast address normallu defaults to 128.1.255.255. but if the subnet mask should have been set to 255.255.255.0, then broadcast from this misconfigured host appear directed to all subnets." Sorry if anyone thinks thisis use less but i wanted to set clear certain misunderstanding on the way broadcasting works. To be a bit more precise if your are in a net that is subnetting (specially subnetting a class C netowkr or subnetting a class B network in a non standard way) and if you routers does not pass all-subnets directed broadcasts messages you are rather safe unless the attackers knows your subnet mask (with shoulndt be all that hard to guess by trail and error). a1 http://dfw.net/~aleph1