Hello, to all ! I have the following problem : I defined the following ipchains rules on a firewall system : ipchains -I input -j DENY -p UDP -s 0.0.0.0/0 -d xxx.xxx.xxx.xxx/xxx 161 -l ipchains -I input -j DENY -p UDP -s 0.0.0.0/0 -d xxx.xxx.xxx.xxx/xxx 162 -l I think that this two commands should block any SNMP querys from world. I tested these rules from a remote host with mrtg. The output was input DENY eth1 PROTO=17 [remote ip]:[remote port] [destination ip]:161 L=141 S=0x00 I=25246 F=0x0000 T=53 (#7) Thats ok, but when i start a security scan with nessus (Version 1.0.1), the final report tells about a security hole at SNMP and SNMP-TRAP ports. The access is seems to be read, write, public..... I do not think, that this is a correct predication Next problem: Nessus reports, that Sendmail (Version 8.9.3) is susceptible against a redirection attack : rcpt to : recipient@hostname1@localhostname I think that sendmail is immun against such attacks (relaying, redirecting) since version 8.9.X. Sendmail is configured as Mail Relay. It forwards external mails to an internal Mail Server (NAT Network). HELP please. Is the system not correctly configured ....? Harald Scharf Softpoint electronic Netzwerksysteme / Firewalls Windows NT/Windows 2000/Linux/Netware/Unix mailto:h.scharf@softpoint.at www.softpoint.at www.simplex.at