I'm using a linux bridge with ipchains (will be setting up some shaping
in the near future), and looking for any current doc on specifics of
ipchains filtering on a bridge (e.g., input and output chains become a
bit of a paradox). At the moment, I'm looking for ways to defeat
Microsoft popup spammers from www.byebyeads.com (they want the end user
to pay them an extortion fee to stop sending popups that crash some
windows apps). I already had ports 137 through 139 blocked to all
tcp/udp, and recently added 135, but there also seem to be some
broadcast methods of getting in, plus NetBEUI or variants, which will
require more interesting ipchains rules. Thus, I'm especially interested
in getting more info on how (using a linux bridge) I can stop various
forms of broadcast attacks (which I am very unclear on the nature of).
D. Stimits, stimits AT attbi DOT com
