I wonder if this question should go on a programming forum but I'm giving this a shot here first. Over the past couple of days as I have been going through as much posts as I can on this forum since they seem informative and some here seem to really know their stuff. Besides learn of a whole bunch of methods and software I happen to run across this concept of port knocking. http://en.wikipedia.org/wiki/Port_knocking Apparently net administrators & some malware use this access method. It just made me wonder of the following: 1.a. when a tcp packet is sent, does it arrive with date & time sent data from origin? 1.b. is a knock similar to a ping? how? 1.c. in consideration of the port "knocked" on... is a port "knockable" even if its "stealthed"? 1.d. when a port is stealth or closed,, is the data in the tcp packet rejected or can the port be publicly perceived to be stealth or closed and at the same time be aware of any string data that can be sent with this tcp knock. 2. does anyone know if any of the firewalls discussed in this forum have some type of port knocking functionality built in? 3. cryptographic hashes in the port knocking sequence sounds very interesting.... has anyone ever ran across a harware or software solution that handles this? got a link? 4. can anyone recommend software for testing server, firewall, HW or software load capacity on your own? I used to know of a site site that would perform some great benchmarks of different hardware and server software configurations... but... it would always reflect an enterprise environment of sorts... I just thought it would be great to be able to atleast know how to test load capacity/user experience in-house for anything as simple as a blog, webpage or even dynamic site or db on my own cheap hardware... to fiddle around... In simple terms, did you ever flood your own network to find out how much it can take and how did you do it? Thank you for your time, attention and valuable info.