[lug] linux firewall, popup windows spam blocking

[Brian Stiff]

> > >What I'm wondering is if anyone knows what I can
> block on my linux
> > >firewall to block popups from other networks? Are
> these popups UDP or
> > >TCP? What port or ports are used? I already have
> 137:139 blocked, and
> > >some others. I even have zonealarm firewall on
> the windows machine
> > >itself, but it still allowed this popup. I'd like
> to totally remove this
> > >remote ability via the linux end, as nothing
> related to security on
> > >windows can be trusted.

Where is the pop-up spam showing up?  If it rears its
ugly head while you're surfing the web, it's just
plain old HTML, TCP 80.  The link to fire the pop-up
is embedded in whatever page you surf to, and the only
way you can disable that sort of nonsense is by
increasing the paranoia level of your browser or
install a pop-up killer.  

Most of the garbage that crawls in with the Windows
Messenger transport is just text-based stuff, a window
with the supposed sender's name and a few sentences. 
You probably won't see graphics or anything in
Messenger-based spam.

Someone asked if NetBEUI is its own protocol WRT
keeping it out of your network.  Any Windows
Networking traffic that comes in off the internet is
NBT, or NetBios over TCP/IP, the next step of
bastardization in a string of bastardizations to
continue extending NetBios to a realm it shouldn't be
in.  <preach> Windows Networking traffic should never
cross the boundaries of someone's network unless it's
inside an IPsec packet.  Everyone in the world should
deny MS Networking at their net borders. </preach>

-B

__________________________________
Do you Yahoo!?
SBC Yahoo! DSL - Now only $29.95 per month!
http://sbc.yahoo.com