The greatest number of hits on my ZAP logs are from my ISP - IP Protocl 89 and 103 being the most recent. There seems to be an enormous number of different types of intrusions - ICMP, Finger, UDP, etcetera. Either that or I'm being probed by other users on my ISP's network. Is that likely? Why would my ISP try so many different ways to probe me? I've noticed similar things with CompuServe too, when I've used it as an ISP - mostly probes from CompuServe France. I'm sure this is all so-called 'background noise' but what's it trying to achieve?