You have all probably already seen this elsewhere, and you've all got your servers behind impregnable firewalls anyway, but our internal CERT has sent round details of a Linux worm. Details at: http://www.symantec.com/avcenter/venc/data/linux.plupii.c.html Cheers Duncan