Jump to content
  • entries
    338
  • comments
    905
  • views
    259,835

Home firewall idea


EricBall

626 views

One advantage of IPv4 NAT is it makes a pretty effective inbound firewall. Unless the communication starts from inside the firewall (or is explictly opened via configuration or UPnP) packets from the outside (Internet) are dropped. But it does nothing for outbound communications. So once something gets inside the firewall, it can open connections to the outside world or open ports via UPnP.

 

The idea I have is to make the outbound communication dependent on DNS. So connecting 74.50.103.224 tcp/80 would fail unless the computer had first done a DNS lookup for www.atariage.com. This would prevent malware from connecting to unlisted C+C servers by IP address and allow connections to be logged by destination name along with whitelisting & blacklisting destinations by hostname / domain.

 

Of course, as any programmer knows, there's a big gap between idea and implementation. The question is whether I want to sink the time & effort to figure out how to do it (likely using something like BIND & PF on OpenBSD).

0 Comments


Recommended Comments

There are no comments to display.

Guest
Add a comment...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...