Recently, a friend of mine (who actually runs BSD, and has one windows box behind his firewall) observed something and warned me about it, and I thought I should pass the warning along. My friend Chris had set up his windows box, but, being more than usually sensible, he configured his firewall to check *OUTGOING* packets and filter them on content -- specifically, not allowing packets to go out if they contained identifying information about his windows machine or the software installed on it, or cleartext passwords. This is good practice simply because if something behind your firewall gets infected, odds are that it's going to try to send out lots and lots of packets, or report configuration/passwords/etc back to its creator, and a well-configured firewall is supposed to stop it. But when he started up Media Player, the firewall, in his words, "lit up like a christmas tree." As it turns out there are some windows applications that "phone home" with information you'd really rather not have people outside your firewall pawing through, including passwords in cleartext, lists of software installed, etc. And media player is one such. Increasingly, as commercial and closed-source software for linux becomes available, monitoring for this kind of abuse will become even more relevant. It seems that it's already quite a problem if you run windows boxes behind your firewall. So set up a good firewall that filters outgoing packets on content, as well as incoming packets on port number. Bear