1 - Netcat has as one of its features the ability to do port scanning. But it is a command line utility with dozens of features. 2 - The logs would not provide much. There ARE several scripts that come with the lastest version to automate probing and are mainly intended as an example, and I suppose some lame idiot might run those, but a serious undetected probe using Netcat would require some adjustments. 3 - Any ids that looks for odd repeated port connections might detect it, although Netcat does allow you to randomly scan a range of ports which would defeat some of those. Since it is completely adjustable, you can get around any ids that 1) looks for sequential port scans 2) does not look for UDP scanning which Netcat does and 3) any detection based off of times between connections since you can adjust the time between each connection probe. BTW I mainly use Internet Security Scanner for testing. Netcat is nice for some quick stuff but I mainly use Netcat for some of its other features. I find the UDP stuff very useful. Mark.Loveless@bnsf.com [Quoted Message Deleted]