[lug] linux firewall, popup windows spam blocking

Mr Viggy LittleViggy at alum.manhattan.edu
Sun Jun 22 15:45:26 MDT 2003 

NetBEUI is, in fact, it's own protocol.  You don't need TCP/IP installed 
at all, to use NetBEUI.  However, NetBEUI is not routable.

NBT, or "NetBIOS on TCP/IP" is prolly what your thinking of.  This is 
basically Microsoft's "answer" to allow NetBEUI to be routable. 
Unfortunately, I don't know if you can filter it.

Viggy

D. Stimits wrote:
> Bear Giles wrote:
> 
>> On a related note, how do you send Window Messager messages?
> 
> 
> There are apparently multiple routes in to do this. The UPS here uses 
> it, but apparently broadcast of NetBEUI or UDP, or else direct port 135, 
> 137, or 139 can do this as well. Can anyone tell me if NetBEUI is truly 
> its own protocol, that ipchains would distinguish differently from tcp 
> and udp?
> 
>>
>> Not to spam... but I think it could be a Good Thing for many of us to
>> add Window Messager acks to our services.  We shouldn't just quietly
>> block suspicious activities, we should honor these people for there
>> initiative!
> 
> 
> This would be ideal.
> 
>>
>> This won't stop "pro" attackers, of course.  But it's fun to imagine
>> some 14-year-old wannabe running his illicit program, then making a mess
>> as the screen is flooded with "I see you" messages.
> 
> 
> I've been told that the companies that sell spam lists are now selling 
> spam software to use popups to directly trespass on machines. In this 
> case, www.byebyeads.com is essentially doing a criminal trespass to 
> directly invade the user's machine, and paste a note that says if y ou 
> pay them their software fee (extortion money), that they will stop 
> attacking the machine. I call it an attack because it has caused machine 
> lockup and failure multiple times in the last day or two. I call it 
> criminal because they are invading a private home, not a public web 
> server, causing damage, and then asking for money to stop. I notified 
> them to stop, yet they persist, which means they were warned (and they 
> know it is trespassing, they just think there is nothing I can do about 
> it). Unlike a typical open port, I told them to stop, and their attacks 
> picked up.
> 
>>
>> Besides the annoyance factor, this could even address those attackers
>> attempting to turn wiretap laws against their victims when the attempt
>> to take action - the message could contain some legal-sounding noise
>> about all communications being logged and shared with third parties,
>> including law enforcement, etc. Naturally at this point it would be a
>> good idea to log that the message was actually sent, and if it was
>> received (vs. blocked) if possible.
> 
> 
> Actually, I sent a letter to one of our Colorado senators a while back, 
> and he apparently has worked on legislation related to spam 
> (pro-kill-the-spam) before I even talked to him. I think I am going to 
> name these people and their tactics directly to him, and ask that it 
> become an official criminal trespass to invade a port on a machine after 
> being specifically requested to stop doing so. Someone else pasted a URL 
> of an interesting article earlier, which mentioned that they are now 
> looking to turn some spam related offenses into $25,000/day fines and 
> prison sentences (exceeding a year). In any case, I don't consider 
> lobotomizing the computer to be a valid cure, prisons sound better.
> 
> D. Stimits, stimits AT attbi DOT com
> 
>>
>> _______________________________________________
>> Web Page:  http://lug.boulder.co.us
>> Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
>> Join us on IRC: lug.boulder.co.us port=6667 channel=#colug
>>
> 
> 
> _______________________________________________
> Web Page:  http://lug.boulder.co.us
> Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
> Join us on IRC: lug.boulder.co.us port=6667 channel=#colug
> 
> .
>

More information about the LUG mailing list