Alexander Dalloz wrote: > > http://www.cipherdyne.com/projects/psad/faq.html#diff_portsentry Thanks for that, never had heard of it -- seeing as how I never use the linux firewall code itself (opting for the hardware instead), there's really only the following issue: * portsentry cannot detect any probes that utilize the icmp protocol. IMHO, the rest of the things on that list are fluff - nice things to have, but not important. For a dead project, it still works swimmingly well to this day. Who knows though, some day I may try psad. -te -- Troy Engel | Systems Engineer Fluid, Inc | http://www.fluid.com