Date: Tue, 12 Sep 2000 16:41:30 +0200 From: Maxime Henrion <mux@qualys.com> To: stable@freebsd.org Subject: Re: firewall rules for applications Message-ID: <39BE4099.A88429FC@qualys.com> References: <Pine.LNX.4.10.10009121722420.27569-100000@shark.harmonic.co.il>
next in thread | previous in thread | raw e-mail | index | archive | help
What about using MD5 keys to identify the binary ? I don't know of any firewall that can do that. Regards, Maxime Henrion Roman Shterenzon wrote: > Perhaps it's possible to some degree using a transparent proxy and simple > modifications to squid. (but then again, "UserAgent" could be fooled..) > > On Mon, 11 Sep 2000 mi@aldan.algebra.com wrote: > > > I wonder how feasible would it be to implement firewall rules > > that would take into consideration the program (on the local machine) > > sending/receiving the packets. I know, I can now base the rules on > > the user/group id, but I may want to go further. > > > > Identifying a program to the kernel may not be simple -- perhaps a > > regexp of the executable's name or an md5 of the /proc/file? Or the > > executable's (or script's) inode-filesystem? > > > > I just read a description of a Windows product, that attempts to fight > > software offered by sneaky vendors, that tries to contact the vendor > > over the Internet to send back user's data. The blocking software, > > supposedly, blocks applications from accessing certain sites. This is > > not an immediate problem for FreeBSD, but... > > > > Just a thought... > > > > -mi > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?39BE4099.A88429FC>