my original question had to do with remote administration utilities. now i'm wondering what tools there are available that would facilitate detecting unwanted traffic when using backdoor programs. for example, i know my ip address is a.a.a.a and i know the computer i am "admin'ing" is b.b.b.b, how can i find out if another computer is attempting to connect to the server (me) or the client. i know 'netstat -n n' (n stands for seconds between reports) will show current connections, but is there software that will automatically detect such connections, as opposed to having to keep an eye on the output generated by netstat? hopefully i've made myself clear. thanks, chris.