Hello Firewall Experts, I was wondering if you could answer a few questions. I am running Winxp and the software involved in my questions are 1. ZA pro with internet zone and trusted zone both set to high. 2. visual zone 3. Simple portscanner(from Blackcode) 4. TDS-3 licensed Okay, I ran the port scanner with target host the machine address 127.0.0.1. The scan showed that ports 135,,389, 1002, 1025, 1720, and 3001-3004 were open. The port scanner had 1025 highlighted as a trojan port and TDS seems to agree, although I"m not sure what "RAT" means. I'm assuming then that this is a vulnerablility. Question 1: Should I block 1025? If so, how do I do this? I've done some of the online scans(gibson, pcflank, etc). They alll say that all common ports are "stealth." 2. Question 2: Why the discrepancy between the online scans and the results of my scan? 3. Should I block the other open ports? If so, how do I do this? Visual zone shows that my isp scans 135 or 445 about every 5-10 minutes. If I block 135, will that create a problem with my internet service?. (Apologies if some of these are dumb questions, as I'm still learning).