1. STP protocol has no security, so malcontents can fuck with the
	  bridge's topology.  The fixes are to ship with STP turned off
	  to protect the ignorant, and run STP packets through ebtables
	  netfilter for the smart.  

	  Got this one via a russian hacker "Oleg K. Artemjev" <olli@rbauto.ru>
	  before he published the paper.
	  Bridge netfilter still needs work to give a nice face on this
	  but this patch gives the hooks to filter.

	2. STP input processing was lax in it's length checking so I bet
	  you could make up a bomb packet.

	  My inspection while doing #1.

	3. Forwarding table could be abused by sending forged packets with
	   bogus source address same as the local host.  This came via
	   Lennart from Jerry Kreuscher <jerrykr@mindspring.com> who ran into
	   it by mistake.