Hi; I need some help understanding how network or TCP ports work. I am particularly confused by the concept that something is "listening" on certain ports. I hope there isn't a little guy in my computer with big ears, because he is probably dead by now. I haven't been feeding him. Here is what I think I understand from various manuals. If someone wants to send me an email, their 'sendmail' calls on various functions?? from a library?? that adds an IP and a TCP header that contains my machines (and rogers.com) address and other info to a datagram(s) . In particular, on the TCP segment header bits 17 to 32 contain the receivers (my) port number for smtp mail i.e. 25 - the standard smtp port number. The senders email is sent out; bounces around the internet for a bit and ends up at rogers.com (my IP provider). Next, after I check rogers.com using my emailer, Evolution, and see that there is an email for me, I use Evolution (which uses fetchmail) to download my mail (or at least its headers - I have a pop account). Now here is where it gets confusing. The message arrives through my cable modem as a series of 1 or 0 electrical pulses. (Or, for a cable modem, does it still arrive as analogue sound pulses that are translated by the modem into electric (voltage) pulses?) The instant the message arrives it has to be stored somewhere temporarily and a signal or interrupt has to be sent to the CPU to tell the CPU to process a message. Where is it stored? Who or what sends the signal or interrupt? Does it use a stack or what?. I am assuming all of the above happens before the message can even be allocated to a port number. The CPU has to then call a library function that processes the TCP segment header looking for the port number. -- ??? When it finds the port number -- 25 in our example -- it has to check against a table? of some kind for the memory address for port 25. -- ??? Is the memory address dynamic or static; i.e. is a permanent memory address set aside when the port is originally opened or is it set as needed? In either case would not the CPU have to call a special routine to set port numbers to memory addresses and save that somewhere? Another routine, as I understand it, would have to move the message from its temporary location to the port memory address. -- ??. Before or after it goes into memory the TCP/IP segment headers have to somehow be removed. --?? Also, somehow another routine has to send another signal or interrupt to tell the CPU to call the MTA ?? to begin processing the mail. As you can see from all the question marks, none of the manuals that I can find are clear on what exactly is happening, but just use the anthropomorphic metaphor of "listening". I have been busy for the last week working my way through security issues on Fedora Core 4. Up to this point I have been able to develop a satisfactory working knowledge of inodes, ACL, su, sudo and PAM. My next personal project (or sub-project) is coming to understand iptables and SElinux. I don't think that can properly been done without first understanding TCP ports. Any and all advice gratefully received. Regards Bill