In what way are they 'seeing' your server? Are unauthorized people = attempting to log on? >>> Adam_Baum@xxxxxxxxxxxxx 08/21/02 02:56PM >>> HI Folks, On a W2K SP2, XPe FR2 system. I've disabled all the "respond to ICA broadcasts" and I've unchecked all the the "Create browser listener on ...". I'm still getting invalid logons. These don't look targeted. More like something is broadcasting/responding. My MF 1.8 server doesn't do this and I can't determine what is different between them. I should mention that these servers are used for remote access so they are Internet connected. Other than the farm checkbox of repsonding to RAS broadcasts (won't let me disable it), everything appears to be setup correctly. Given that my servers are 1 ip address away from each other, I can't see how one is getting hit (on purpose) and not the other. I've also made sure the router is configured the same for both ports. Any ideas? adam =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D This weeks Sponsor: ThinPrint - High resolution, DRIVER FREE PRINTING with no loss of quality in color. - Removes print spooling and rendering tasks from your terminal server. http://www.thinprint.com=20 =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D For Archives, to Unsubscribe, Subscribe or=20 set Digest or Vacation mode use the below link. http://thethin.net/citrixlist.cfm =================================== This weeks Sponsor: ThinPrint - High resolution, DRIVER FREE PRINTING with no loss of quality in color. - Removes print spooling and rendering tasks from your terminal server. http://www.thinprint.com =================================== For Archives, to Unsubscribe, Subscribe or set Digest or Vacation mode use the below link. http://thethin.net/citrixlist.cfm