Hello, I am reviewing the security on my home desktop and have a question which I hope is simple to answer. I should say that I am on a 56k dial up PPP connection and offer no services to anyone. I am the only user and root. Simple. In fact, I think my security measures are probably over-the-top, but still it sems like good practice and makes interesting learning. I have hardened the system using Marc's hardening script and have set up Firewall2. Now, when I scan my ports with nmap, I have 'canna', 'smtp' and 'squid' showing open. Canna is my Japanese language server and I have squid running to cache pages for web browsing. I also opened up the smtp/sendmail service so I can use fetchmail to fetch my mail. My questions are: 1. Can I close the canna port and still use canna? I see no reason why it should be sitting open to external connections when I am the only person that needs to use it. How do I close it? 2. Is it necessary for squid to be sitting open, when I do not serve any web pages. Can I close the port and still have squid cache pages for my browsing? 3. I fetch mail with fetchmail which requires sendmail to send the mail to my account. Must I have sendmail running as a daemon or can I invoke sendmail when fetchmail needs it. If I shut down sendmail/smtp, I can sendmail, with sendmail -q but fetchmail fails. Basically, how do I close the smtp port but still use fetchmail? I'd be grateful for any help. And if I appear to be barking up the wrong tree, then please do let me know! :-) thanks Joss