FWIW, we've seen several failed exploits from APNIC addresses in the last two months. I generally ping flood them for a couple of minutes to encourage them to go away. The ping flood responses usually show modem level connectivity although one appeared to have T1 bandwidth. The FBI has never shown the slightest interest when we've told them of compromised systems in the US or told them where rootkits are being stored on public FTP servers in the US. What are they going to do when the crackers are working via systems in Korea or Japan? ---------------------------------------------------------- Mike Bird Tel: 209-742-5000 FAX: 209-966-3117 President POP: 209-742-5156 PGR: 209-742-9979 Iron Mtn Systems http://member.yosemite.net/