Chuck, I once logged into one of my linux boxes and found a home directory for someone called dave, who intalled stuff that goes out on the net and scans other machines. This is very serious business. That means my machine is actually doing the scanning. Nobody with any brains does hacking from their own machine, they log in five, ten or more machines deep. The topic of detecting breaches is a very deep one, and if I was to have any ports pemanently open I'd look into software that monitors changes to files like tripwire or similar. Also set up firewall with logging rules. I have been hacked more than once, trust me it is not fun. Hackers look for easy entry. It's just like home security, they say you should have bars on your basement windows not because they are unbreachable but because they are deterrent, they make the criminals go to someone else's home without bars. Same is true for network security, don't make it easy for them. If you ask any security guru they will say there is no such thing as guaranteed network security. It is a trade off of risk versus cost, where cost is the effort expended in securing your system. The only way to be truly secure is too be off the net. Not viable for most but having ports open when you don't to is an invitation. If you do that, get on security alert lists and follow the known exploits, update your network software (dns, ftp, etc) as soon as new versions are created to fix exploit bugs. -- Doug
