I discovered on our solaris 2.4 boxes, that if you telnet to the discard port, then quit telnet (using control-right-bracket and quit), you leave a single inetd running in an infinite read loop. Do this twice, and you get two inetds running... obviously you can quickly bog the machine down to a standstill.. This doesnt happen on solaris 2.5, so I guess it is some inetd bug thats been fixed? anyone know a 2.4 patch for this? Also: what I havent seen mentioned yet, the denial of service attack is not just to bring down a box.. if one is employed on Host A, which is trusted by Host B, then this allows the network clear for the bad guy to impersonate Host A, (the real Host A being effectively muzzled), thus get into Host B. If I remember correctly, this was one of Mitnicks tricks against Shimomuras collection of machines. -- Justin@fp.cibc.com