Dear Suser's, Yesterday morning, I experienced my very first attempt of a hacker trying to sneak into my system. I have a SuSE9.1 fully patched, acting as a web server for a small comany. The user tried to ssh into my box, but since I have disabled keyboard interaction and only work with public keys, the hacker didn't have too much of a chance to play around... I have his IP and ran a tracepath on it. After node 19 which I got some IP indication I ended up with the following messages: 20: no reply 21: no reply 22: no reply 23: no reply 24: no reply 25: no reply 26: no reply 27: no reply 28: no reply 29: no reply 30: no reply 31: no reply Too many hops: pmtu 1500 Resume: pmtu 1500 Can someone help me out here? Can someone explain why I see "no reply" in this tracepath?? Any good ideas how I can find who this person is via IP?? Thanx. Chris