Hi, Mike. Thanks for taking the time to review the template! ] An attacker can easily convince a client with access to the trusted view to ] perform queries on its behalf, in countless ways. He can send the trusted I never claimed that this template would provide 100% security. This is the Internet; it shall never be 100% secure. The goal of the template is to mitigate or block the more obvious attack vectors, and provide an increased degree of security. While it is certainly possible to install trojans such as Sub7 (more popular than BO) or BO on a host, that is an issue for a different template and/or policy to address. :) ] So I am not quite sure what the trusted view protects against. Anyone can It protects against the script kiddies, which are the bulk of the miscreants we face. I spend a LOT of time lurking in the underground, and most of them (most, NOT all) try only the easy or scripted hacks, then move on to easier targets if the hacks fail. Two men are camping in the woods. Suddenly, in the dead of night, a bear rips through their tent. The first fellow takes off running. The second fellow runs for a bit, then stops to put on his running shoes. The first fellow says: "What are you doing?! You can't outrun the bear!" To which the second fellow replies: "I don't have to outrun the bear; I just have to outrun YOU." :) This joke, told to me by Detective Bittenbinder of the CPD, still holds true in many instances of probes, particularly when some miscreant is attempting to build a botnet or DoSnet. It doesn't at all hold true if the miscreant has targeted the site, of course. ] still get a malicious recursive query to the internal view if they really ] want to. But why would a determined attacker do this? If they have sufficient clue, they will simply "0wn" the system through the most recent [SSH|WU-FTP|etc.] hack. I have yet to see the site that can withstand the attention of a determined and clueful attacker. Thanks, Rob. -- Rob Thomas http://www.cymru.com/~robt ASSERT(coffee != empty);