Hi, I did read that, if a router firewall is on PC flank test that & bit the software FW. 1. Will the software FW pick up (block) what the hardware FW misses? 2. I use KAV 2012 internet security, should I just disable the SPI in the router, and just use KAV? 3. Are we still testing the router with the downloat leak tester? Rico Note with SPI on & FTP server disabled, I get from Shields up ports 20, & 21 closed. Turning the routers SPI off, FTP still disabled, now just KAV FW on, ShieldsUP still says ports 20, 21 closed With SPI ON Pc flank reported ports 21, 135, 137, 138, 139 visible With SPI off pc flank gave: Then I went to GRC ShieldsUp re-run ports & 20 & 21 are still just closed. Why the difference btwn GRC & PC Flanf, who do I trust?