Dev, Impressive as launchd is, I would like to suggest a feature request. Recently, I was looking into the possibilities of writing a LaunchDaemon that would essentially be a first line of defense against trojans, with minimal disruption and maximum effectiveness. In essence a launchd firewall. The idea was to monitor if a list of ports were opened and if they were, then to ideally close the port, or alternatively, down the network connection. Originally, I tried using the Sockets -> Listeners properties but that just created sockets which then forced a network down state. In this particular example, I would require launchd to be able to monitor whether a port or list of ports were opened and then to initiate a response. Keeping with current syntax, an extension to the Sockets property with 'Monitors' or something similar. I can appreciate that this request is diluting the original intention of launchd, but I've communicated with other users and it seems to be that others are finding uses for launchd beyond it's original purpose. Andrew.