>>>It is an email and web server. >>> >>> >>> Does it happen to be running PHPNuke or anything similar to that? PHPNuke and other web content portals can have holes in them that allow users to view your /etc/passwd file or basically any file on your filesystem that your apache user can view. _______________________________________________ TCLUG Mailing List - Minneapolis/St. Paul, Minnesota http://www.mn-linux.org tclug-list at mn-linux.org https://mailman.real-time.com/mailman/listinfo/tclug-list