I'm running a little web-server under CentOS-5.4 , with shorewall as firewall. I used to get messages about attempted intrusions, with the IP addresses of those attempting to connect. This stopped some time ago, and my logwatch reports now are very bare. I don't recall changing the settings of logwatch or shorewall. Has there been some default change? I should say that I'm not sure if I mind losing these warnings, as I never used to do anything about them. -- Timothy Murphy e-mail: gayleard /at/ eircom.net tel: +353-86-2336090, +353-1-2842366 s-mail: School of Mathematics, Trinity College, Dublin 2, Ireland