Hi, List. I have a question regarding the setup of our Webserver, well actually two. Is there a save way other than sftp/scp to let people update their webpages? Clients are using lots of Windows-Computers. After an Intrusion last week we don't like the idea anymore, that people use ftp to put their pages on the server. Does it make sense, with our setup, to use SuSE Firewall at all? Setup is : WWW---->FW---->(eth0) Webserver (eth1)<--->LAN ^ | ^ |------------------------v-----------------| Weird, I know. Incomming Traffic will go throug FW, but outgoing not. The Webserver-machine runs two instances of apache, to serve the www-pages and the local www-pages. That's the reason for the two NIC's. But by design we have to look at both NIC's as hostile Networks, because any computer is connected any time to the Inter- net (University). If using the Firewall, how would a setup look like? Or better IPChains? And what would the Rules be ? We are serving only ports 80, 443, and 22 (http, https, ssh) to the "outside" and at the moment to the "inside" also. If people would insist to use ftp from inside, what then ? Thanks in advance, A. Meinerzhagen