On Mon, 08 May 2006 23:36:26 -0700, Victor Odhner wrote:
> Is there anything available in the Linux world that
> resembles ZoneAlarm's per-application outbound
> firewall? Does iptables know what application is
> sourcing an outbound connection? Is it technically
> feasible to insert that kind of hook?
I doubt it. It's pretty much a waste of time.
You can have netfilter (iptables) log info about packets. Say anything
with a SYN set. Then have another program following that log.
I used to monitor worm activity outside my firewall, but the last two
ISPs have been blocking these ports so there's been no activity for
years. The only activity I still see is bittorent packets.
-Paul
---------------------------------------------------
PLUG-discuss mailing list -
PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change you mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
(text/plain)
