Thanks Tiger Shark, that's kind of what I was figuring. I haven't seen anything on the lists I'm on about this type of activity so it may still be fairly low level at this point, who knows. I'm fairly confident that our servers are not releasing information they shouldn't be just because those methods are not in my obj.conf file in the first place, add to that the fact that we aren't running any MS stuff in our DMZs or on the borders then I think we are fairly safe. If you do happen to find anything regarding this type of activity, or if you see another ramp up in activity let me know... I think I'm going to start tracking this and digging some more just because it has me interested now

Wow groovicius! Great information there. I knew a bit about XSS before but I learned quite a bit there, and I too believe that XSS and XST are flipsides to the same coin. I'll go check out that book at lunch today if I have the chance, it's always good to find new material like that. Thanks a lot.