All, All is still not well with Apple.com even after Apple finnaly patched the original DNS problem. It seems that industry leaders are again showing their lack of knowledge in IT related issues that effect the security of their clients and who knows how many other unsuspecting users. Shame on Apple! Has the ISC or the SSAC gotten in touch with Apple and expressed that they need to do better? Well I don't know, but it sure doesn't seem so. See: Glenn Fleishman sends word that SANS Institute testing indicates that, even after installing http://it.slashdot.org/article.pl?sid=08/08/01/1215209&tid=172 Apple's latest patch for the DNS vulnerability, http://db.tidbits.com/article/9721 Leopard desktops (not servers) are still vulnerable or at least perpetuate risky behavior that makes exploitation easier. This matters because "With servers rapidly being patched worldwide, it's likely that the low-hanging fruit disappears, and vectors [will be] designed to attack massive numbers of clients on ISP networks." Regards, Spokesman for INEGroup LLA. - (Over 281k members/stakeholders strong!) "Obedience of the law is the greatest freedom" - Abraham Lincoln "Credit should go with the performance of duty and not with what is very often the accident of glory" - Theodore Roosevelt "If the probability be called P; the injury, L; and the burden, B; liability depends upon whether B is less than L multiplied by P: i.e., whether B is less than PL." United States v. Carroll Towing (159 F.2d 169 [2d Cir. 1947] =============================================================== Updated 1/26/04 CSO/DIR. Internet Network Eng. SR. Eng. Network data security IDNS. div. of Information Network Eng. INEG. INC. ABA member in good standing member ID 01257402 E-Mail jwkckid1@ix.netcom.com My Phone: 214-244-4827