Most ISPs don't provide users with a heavy-duty client that replaces or patches lots of the operating system's functions, though may will offer friendly customized browsers for users who want them, and a few misguided carriers will provide drivers for PPPoE or other evil excuses for protocols (:-) Generally, ISPs tell you the network settings to use on Windows, and tell you or let you guess for other popular operating systems, and they may give you a friendly dialer program that knows how to find their nearest POP but doesn't mess around much. Making major changes to a user's OS violates the principle of Least Astonishment (which is usually a policy problem, not an operational one, though you could argue that having a random network protocol not work quite right on Windows is less astonishing to most users than a flood of popups), but it also often fails to work successfully on security-compromised machines, which is an operational issue. So it won't stop viruses or trojans or spammerbots or crackers or spyware or worms or bad ActiveX or Javascripts. On the other hand, it could reduce some risks on machines that aren't cracked, and could reduce the spam level they receive, and can protect most of the users who aren't doing anything fancy, so as long as it's part of some friendly user interface menu and can be turned on and off it's ok. The alternative place to provide this kind of protection is in the network edge, which is probably the dial POP for most AOL users. If you implement it in a way that can be turned on or off per user, that's usually much cleaner, usually more scalable, and can work even when user machines are compromised. Bill Stewart, bill.stewart@pobox.com