[SuSE Linux] monitoring a tcp port
Hi, I know a lot of people have done this, so why not ask? I'm playing with MySQL which listens on TCP port 3306. For the time being, I am only using it for tests and learning and stay on my localhost and local LAN. BUT, when I go online and have the server still running, I would like to know if anyone is trying to gain access to the port, and their IP address. I figure that tcpdump is the thing to use, but what would the syntax be to monitor the single port and write it to a log file? The perl script Courtney seems to do this, but it has been designed to detect Satan-style attacks, and doesn't report a single port request. I wish the man pages had better examples. :-)
- To get out of this list, please send email to majordomo@suse.com with this text in its body: unsubscribe suse-linux-e
zentara wrote:
Hi, I know a lot of people have done this, so why not ask?
http://www.psionic.com/abacus/abacus_sentry.html is a good starting point for a very robust, well documented and quite usable piece of freeware that answers your requisite. Use it well. Regards, Stu
Don't know if you got a response to this already...
I use tcpdump
e.g. tcpdump port 25 > yourlogfile
will show activity on port 25 both ways
tcpdump dst port 25 > yourlogfile
will show activity on port 25 for destination only
On Wed, 11 Nov 1998, zentara wrote:
Hi, I know a lot of people have done this, so why not ask?
I'm playing with MySQL which listens on TCP port 3306. For the time being, I am only using it for tests and learning and stay on my localhost and local LAN.
BUT, when I go online and have the server still running, I would like to know if anyone is trying to gain access to the port, and their ip address.
Lou
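An added example, not part of any post in this thread: one way to narrow the tcpdump approach above to inbound connection attempts on port 3306 and to list the source addresses from the log. The function names, the log path and the sample lines are assumptions made up for this illustration; the sample addresses are documentation ranges.

```shell
#!/bin/sh
# watch_port PORT [IFACE] [LOGFILE]: append one line per inbound TCP SYN
# (new connection attempt) to LOGFILE. Needs root to capture.
#   -nn   do not resolve hosts or ports   -l  line-buffer the output
#   -tttt print date and time on every line
watch_port() {
    port="${1:-3306}"; iface="${2:-any}"; log="${3:-./port-$port.log}"
    tcpdump -i "$iface" -nn -l -tttt \
        "tcp dst port $port and tcp[tcpflags] & tcp-syn != 0 and tcp[tcpflags] & tcp-ack == 0" \
        >> "$log"
}

# summarize_sources PORT: read tcpdump -nn -tttt lines on stdin and print
# "count source-ip first_seen=timestamp", most active source first.
summarize_sources() {
    awk -v port="${1:-3306}" '
        ($3 == "IP" || $3 == "IP6") && $5 == ">" {
            dst = $6; sub(/:$/, "", dst)           # "192.0.2.10.3306:" -> no colon
            n = split(dst, d, ".")
            if (d[n] != port) next                  # keep only the watched port
            src = $4; sub(/\.[0-9]+$/, "", src)     # drop the source port
            count[src]++
            if (!(src in first)) first[src] = $1 " " $2
        }
        END { for (s in count) printf "%d %s first_seen=%s\n", count[s], s, first[s] }
    ' | sort -k1,1nr -k2,2
}

# Constructed sample of what watch_port would log (not a real capture).
sample_capture() {
    cat <<'EOF'
2024-05-01 10:15:02.100000 IP 203.0.113.7.51514 > 192.0.2.10.3306: Flags [S], seq 1000, win 64240, length 0
2024-05-01 10:15:03.100000 IP 203.0.113.7.51514 > 192.0.2.10.3306: Flags [S], seq 1000, win 64240, length 0
2024-05-01 10:16:40.250000 IP 198.51.100.23.40022 > 192.0.2.10.3306: Flags [S], seq 77, win 29200, length 0
2024-05-01 10:17:00.000000 IP 198.51.100.23.40100 > 192.0.2.10.22: Flags [S], seq 5, win 29200, length 0
EOF
}
```

Run `watch_port 3306 &` while online, then `summarize_sources 3306 < ./port-3306.log` to see who tried to connect; `sample_capture | summarize_sources 3306` shows the output format without capturing anything.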
Luis Costabile wrote:
Don't know if you got a response to this already...
I use tcpdump
e.g. tcpdump port 25 > yourlogfile
will show activity on port 25 both ways
tcpdump dst port 25 > yourlogfile
will show activity on port 25 for destination only
Thanks, but I was given this url which does exactly what I wanted. Check it out: http://www.psionic.com/abacus/abacus_sentry.html It is sort of an automatic firewall.
participants (3)
- luis@lac.resonet.com
- stugreen@realtime.net
- zentara@mindspring.com