mh. icmp messages are vital to most traffic on the network and they cannot really be used for hacking. of course, icmp floods (i.e. ping of death etc.) are based on them, but your system should be immune. anyway, destination-unreachable for instance is what you get back when you point netscape to http://i.dont.exist.com. it's a very low-level protocol, called the internet (protocol) control message protocol, so it is used at a level far below tcp/udp to handle control messages. i don't know where you firewall is setup. i assume you are using ipchains to configure it. so check /etc/rc.d/init.d/ipchains, /etc/ipchains*, and /etc/sysconfig/ipchains for lines similar to the ones below. let me know when you find a file that lists rules with or without the 'ipchains' in the beginning of the line. martin ps: even better signature :) madduck@madduck.net (greetings from the heart of the sun)