Guys Just a very quick question! I met a new client that was infected by teh 2 latest worms going around the streets! They are running SBS2k with ISA setup, however the worm still got into the System. Is there a way to prove TCP135 was being protected? I have now patched the Server, and ALL workstations, as they were all infected! Finally, if the client PC's have the ISA Firewall Client turned OFF, are they still able to access teh Internet, WITHOUT Firewall Protection? Thanks for your help Simon Weaver Technical Consultant MCSE+Internet / MCSE Windows 2000 Integrated Solutions Corp. Ltd http://www.iscl.net <http://www.iscl.net/>