Hi, Dean. ] Assuming the router is compromised, so is the MD5 key. And presumably, ] the acls and anything else can be changed as well. Agreed. My point was to take a few steps to avoid the compromise. :) It isn't difficult to make things just a *bit* more difficult, and thus avoid the pain caused by the average scan and sploit crowd. Pick good passwords, limit access, keep routing tables clean, etc. Thanks, Rob. -- Rob Thomas http://www.cymru.com ASSERT(coffee != empty);