Hi Dar, Interesting. I've noticed the same thing with pings, but I honestly didn't think about the implications. Can you create HTTP/FTP/SMTP/NetBIOS or any other session during this period? Thanks! Tom -----Original Message----- From: Dar Scott [mailto:dsc@xxxxxxxx] Sent: Saturday, December 29, 2001 1:33 PM To: [ISAserver.org Discussion List] Subject: [isalist] Security hole at boot http://www.ISAserver.org For about 22 seconds at boot I can see ports on my external interface before the IP filter kicks in. I can ping the external interface from another computer during this time. I'm assuming I'm doing something wrong concerning when services are started, but I'm at a loss. A search for boot at isaserver.org or in Shinder or Simmons got nowhere. I haven't seen this at shutdown. I haven't tested this for boot after crash or power off. Some of these ports I can shut off other ways (and normally have), but I expect a firewall to protect me from forgetting those things. Dar Scott ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: tshinder@xxxxxxxxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub')