Hi, I did an nmap scan on my computer itself on thee ways and realized that both the cups and nfs services are in fact listening on the external interfaces (last case as MYCOMP.MYDOMAIN): ########################### # nmap localhost && nmap 192.168.0.1 && nmap IP.IP.IP.IP Starting nmap 3.81 ( http://www.insecure.org/nmap/ ) at 2006-09-02 16:34 CEST Interesting ports on localhost (127.0.0.1): (The 1658 ports scanned but not shown below are in state: closed) PORT STATE SERVICE 25/tcp open smtp 111/tcp open rpcbind 631/tcp open ipp 930/tcp open unknown 2049/tcp open nfs Nmap finished: 1 IP address (1 host up) scanned in 0.564 seconds Starting nmap 3.81 ( http://www.insecure.org/nmap/ ) at 2006-09-02 16:34 CEST Interesting ports on trinity.skynet (192.168.0.1): (The 1657 ports scanned but not shown below are in state: closed) PORT STATE SERVICE 22/tcp open ssh 111/tcp open rpcbind 631/tcp open ipp 930/tcp open unknown 2049/tcp open nfs 3128/tcp open squid-http Nmap finished: 1 IP address (1 host up) scanned in 0.562 seconds Starting nmap 3.81 ( http://www.insecure.org/nmap/ ) at 2006-09-02 16:34 CEST Interesting ports on MYCOMP.MYDOMAIN (IP.IP.IP.IP): (The 1659 ports scanned but not shown below are in state: closed) PORT STATE SERVICE 111/tcp open rpcbind 631/tcp open ipp 930/tcp open unknown 2049/tcp open nfs Nmap finished: 1 IP address (1 host up) scanned in 0.559 seconds ########################### Previously I could successfully stop smtp/ssh/squid to listen on my external interface; would you please have an advise, how to stop the above two to do the same?! I'm not afraid too much, because the fire- wall is on, but... Thank you, Pelibali