I had something weird happen last night. I have norton firewall and antivirus 2003, used 2002 before. Around 8:45 till 9:45, my firewall kept going off with a high risk inbound tcp. Now, not only did it go on for the whole time, it was non stop. Every 4 to 5 seconds, sometimes every second, i was getting inbound tcp at a high risk. Now, only one or two of the numbers are the same, the rest are all different numbers of the computers. Now when I called my isp, they told me that they could trace the calls but thats about all they could do as there were about 245 hits. They checked out a few and they were from allover the place. One, a highway state maintenance in Alabama? an aol subscriber, and another one from a hotmail in atlanta. Weird, anyway, they said that it might be one of my programs. wouldn't it be the same tcp number if it was? my firewall is set up to automatically allow updates to enter so it should not be that, also they can access whenever, but the above items are monitored before access. Any ideas? suggestions?