I am not sure if I should open a new thread or not but anyway, I was digging into code and had that terrible doubt. Probably has to do with WinAPI (or whatever your choice).

This other topic here made my mind give focus again to weird stuff like connections, socks, the internet and crap. Then I came with that brilliant idea of blocking some ports to some applications. So here is the concept:

I see some anti-malware software that does that, I mean, blocking connections to some ports because those are common gateways to known threats. What I am thinking of is scanning a port for lets say "who is trying to connect" (a.k.a application) and if its not in a list of trusted applications then just delete the connection.

Forgive my ignorance in the topic please. Good idea? Have your own methods? Are there any readings on it? Your input is valuable as always.
Posted on 2007-01-20 18:52:03 by codename
Some anti-virus applications (avast comes to mind) do this or something similar. This is also one method that you would use in a firewall.

The main point being, that there is no single method that works for all situations, you have to incorporate as many tools/methods, and maybe even in a redundant fashion, to ensure an acceptable level of protection.

You can take this idea and make it your initial method of protection in some sort of "Internet Protection Suite"... find a software publisher... sit back... make money off of paranoid consumers :P

Seriously though, take whatever method you can, learn how to implement it. As you are trying to implement it, you will find more questions and solutions due to practical application.
Posted on 2007-01-20 20:53:14 by SpooK