
I think a basic point is being overlooked here... B of A... A company that handles untold amounts of cash on a daily basis.

Sure, there are valid needs for people to reach both the internet and the corporate secure net from inside the company. Might be very hard to get things done, such as downloading and installing MS SQL patches otherwise. But since databases in use supposedly contain highly critical data, how did their servers get infected in the first place? How did traffic get through to what ought to be designated a secure port on a secure server? You would also expect that the MOST critical servers would also be isolated within the secure net as well, that is, network segmentation. (Just 'cause they're in the same company doesn't mean the secretary in Ohio needs to access the servers in San Diego.)

I think that it demonstrates shortcomings in the company's overall network security policy. Things CAN be easily overlooked and this may well be a case of something that just didn't get thought about (it happens) but it definitely bears review by those involved, I should think. I mean, FDIC aside, if your money and account numbers, SS info, etc, etc are in that database, wouldn't you want them to make a few revisions?

And the scary thought for the night: How about the other banks? Credit card companies? The credit agencies themselves? What vulnerabilities exist in those agencies?

(Please note, it is not my intent to criticize the company or the security folk. My hat goes off to any good security admin. These folks generally do a good job of making sure that us losers can conduct our menial business with a reasonable surety that there is no one listening in.)

---
Wayne Bouchard
web@typo.org
Network Dude
http://www.typo.org/~web/resume.html