When I run nmap on my enterprise box I get a list of ports (see below). Sunrpc I presume is used for an NFS mount I have to another box, ncd-pref is also related to caching of the mount (I'm guessing) ... but what is sometimes-rpc3 and do I need it open? Also ... why is X11 open like that twice when I run X on another box and use it with vnc etc without having to leave a port open specifically for X11 or X11:4. Starting nmap V. 3.00 ( www.insecure.org/nmap/ ) Interesting ports on pblade2 (127.0.0.1): (The 1593 ports scanned but not shown below are in state: closed) Port State Service 22/tcp open ssh 80/tcp open http 111/tcp open sunrpc 443/tcp open https 5977/tcp open ncd-pref-tcp 6000/tcp open X11 6004/tcp open X11:4 32770/tcp open sometimes-rpc3 I do appreciate your time and advice. Thanks.