Unfortunately, I'm not sure the problems is in tcp-wrappers, but that's as close as I can get. Above URL describes what happened. http://gtoft.dynip.com/worm/worm.tar is the worm after it infected my system. I think it is important to note that SuSE Linux 5.3 was unaffected by this worm. ------- Email Received From George Toft <LinuxAdvocate> 05/25/99 11:29 -------