[Denial of service possible by remote host putting multiple connections to a port into the SYN_RCVD state, thereby precluding further (legitimate) connection attempts.] It's even worse. The same thing was done deliberately by Kevin Mitnick during his packet-spoofing attack on Shimomura's machines in San Diego. Mitnick put lots of connections into the SYN_RCVD state on machine A, thereby "jamming" machine A and preventing it from interfering (by sending RST packets) with his attack on machine B, impersonating machine A. Jim Shankland Flying Fox Computer Systems, Inc.