[lug] linux firewall, popup windows spam blocking

D. Stimits stimits at attbi.com
Thu Jun 26 21:29:42 MDT 2003

D. Stimits wrote:

> It seems that www.byebyeads.com is illegally violating Colorado spam
> laws (and probably newer national laws), and fraudulently claiming on
> their web page that their spam is legal. They seem to believe this
> because they are using the windows pop-up message service, rather than
> email. I know because they caused an application to crash by popping up
> such a message while an application was loading, and somehow managed to
> break the screenshot mechanism at the same time.
> What I'm wondering is if anyone knows what I can block on my linux
> firewall to block popups from other networks? Are these popups UDP or
> TCP? What port or ports are used? I already have 137:139 blocked, and
> some others. I even have zonealarm firewall on the windows machine
> itself, but it still allowed this popup. I'd like to totally remove this
> remote ability via the linux end, as nothing related to security on
> windows can be trusted.
> D. Stimits, stimits AT attbi DOT com
> _______________________________________________
> Web Page:  http://lug.boulder.co.us
> Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
> Join us on IRC: lug.boulder.co.us port=6667 channel=#colug
An update on this. The culprit was not being caught previously because 
they are not using a well-known port under 1024. The offender is using 
port 1026 (UDP), and the sender is, which is hosted by 
Level 3 Communications in Broomfield.

So, consider Level 3 your enemy, block, and block UDP on 
port 1026.

D. Stimits, stimits AT attbi DOT com

More information about the LUG mailing list