Hi this is a result of Marc's daily seccheck script (on a SuSE 7.0 / kernel 2.2.16): ... * Changes (+: new entries, -: removed entries): - ipchains root UDP *:3828 * Changes (+: new entries, -: removed entries): + squid root UDP *:4441 ... Why should ipchains be able to open a udp port ? Do you think this a sign of being cracked and the ipchains executable being tampered with evil code ? Bjoern Engels LANWORKS AG --------------------------------------------- E-Mail: Bjoern Engels <bengels@lanworks.de> www.lanworks.de ---------------------------------------------