A curious article: http://www.wired.com/news/technology/0,1282,55795,00.html
It says that the Messenger Service Spammers are using port 135, which means that they're not using regular WinPOPUP stuff (the <03> names on port 139). I do, in fact, see connect attempts to port 135 in my home firewall logs. (I think they should be called slimewalls.) I'm guessing that they're doing something RPC-related that has, basically, the same effect. I'm just curious to know what it is... Chris -)----- -- Samba Team -- http://www.samba.org/ -)----- Christopher R. Hertel jCIFS Team -- http://jcifs.samba.org/ -)----- ubiqx development, uninq. ubiqx Team -- http://www.ubiqx.org/ -)----- [EMAIL PROTECTED] OnLineBook -- http://ubiqx.org/cifs/ -)----- [EMAIL PROTECTED]