Look this is a most painful topic for me to put in front of you all and perhaps it is not the right forum but I have been monitoring for a while and I need a place to start... My company uses macintoshes on the LAN but I cannot seem to find much good information on how these annoying little machines impact security. I have scanned them with several tools and I have found a few network services running: SRVLOC (427/tcp), afpovertcp (548/tcp), a warning concerning CVE:CAN-1999-0454, a warning concerning ICMP_MASKREQ, plus I have been able to conduct a ping attack on the macs effectively disconnecting them from the network. They periodically send out packets addressed to 239.255.255.253 a SRVLOC Service Request (apparently part of the SLP protocol. But what's that ip?) On win machines and Linux boxes you can read a ton about how to secure them and you can find zillions of people willing to help but when I try to talk to the mac people about what their machines are doing on my LAN I get slapped in the face with what I like to (angrily) call "Apple Arrogance" (and yet they are unable to find the button that turns off the unneeded services.) Everything I do read, from "official sources" gives one the impression that Apple has thought of everything and I need not worry, Mr.Jobs will take care of everything for me. Unofficially I have found a dozen or so "tools" designed to wreak havoc with a mac and the network its on. Does anyone know what risk these mystery machines really pose to a network? Will I have to settle for putting them behind a firewall and not be able to secure them individually? I know that generally macs are a miniscule part of the problem but for a novice like myself with a number of them to worry about I'd like to have a handle on what the issues actually are instead of leaving it all up to Apple. If you have a better forum for this question let me know and I'll go there. This is just a shot in the dark with this issue. Tim