<quote who="Howard Lowndes"> > I have been doing some reading on Linux ethernet bridging - brctl and > ebtables - and I can see how it could be used covertly on a network. > > What I would be interested to know is any examples where it has legitimate > use on a fully owned and managed network that could not be achieved by > other means.
I've built "mail firewall" devices that operate without an IP address. You'd just drop it in between the mail server and the switch, and it'd (mostly) self-configure. It short-circuited web and mail traffic to really nicely lock down access to an Exchange server behind it (most of the features were designed to protect Exchange, but it would work with any SMTP server). - Jeff -- linux.conf.au 2006: Dunedin, New Zealand http://linux.conf.au/ "Whatcha wanna be when you grow up?" "Eight and a half." -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
