For those who sent e-mail, sorry I didn't include enough information about Pingware. Pingware is a commercial product from Bellcore, which employs the hacking techniques that Bellcore employees have observed as being widely used. It is more agressive than ISS (which we also use). Pingware is usually noticed whereas ISS often isn't. It is sold with two different prices, one includes consulting to interpret the results, the other price does not include consulting. As a simple country boy who only learned to read the road signs that lead away from the farm (really was a hog farmer), I bought Pingware with consulting then found I didn't really need the consulting. The Bellcore contact is June Ralph, (908) 699 4647, who did a very convincing demo for us. We had spent a month tightening up a machine we planned to put on the Internet. June installed Pingware on a nearby machine and it promptly stole the password file from the machine we had just finished tightening up. However, it was not able to crack any passwords because we were using pass phrases. Using various software packages including Pingware to routinely check the security of every Unix box we can find on our network has provided some surprising results. Several times, secure machines got a software upgrade and the software upgrade included a Guest account with no password or a mail account with no password, that had not been there before and was not mentioned anywhere in the upgrade documentation. If all this sounds like I know what I'm talking about, don't let that fool you. I simply read everything I could get on computer and network security from CERT, SRI, NSA and CIAC. Hog Farmer Tropical Hog Improvement Programme