Whats the net-filter status as far as stream.c goes (bugtraq recently), are the 2.3* kernels vunerable? is net-filter capable of blocking the attack? (I thought baout it for a bit, but couldn't reach a good conclusion) Richard.