Doug, You make a strong case for caution. Any simple way to detect the possible compromise? I presently examine my daily log of incoming and outgoing emails for anomalies, check for rootkits, etc., and have so far been fortunate (I think). BTW, the answer to my original question seems to be that I ought to open ports on the server side to support passive mode. The only possible benefit seems to be I could close port 20. Not much of a benefit, and way too much risk. Chuck -- The Moon is Full My home page with some downloads is at http://www.mhcable.com/~chuckh The early bird may get the worm, but the second mouse gets the cheese.
