hi, not sure this is the correct place to ask but i wanted to know if the possibility of a new pf rule had been thought of?
the concept i had in mind would be to filter packets bound for a port that contained a she! or similar script header? my thought was trying to add a way to check or prevent scripts from been sent out or run on particular ports? after reading about the new breed of malware (aimed at windows .dll, acrobat and java) i was trying to come ip with a new security measure to prevent ppl from executing java scrips into services or visa versa with any type of script? im not sure if this is possible or what not but i believe there may be an advantage to having the ability of dropping packets that contain scripts? or for that matter contain "xxxxx" information, words, hashes ect i noticed that the red october malware was set up to user programs with specific md5 hashes, i thought it would be beneficial if it was possible to check hash tags against a known list of faked/ malware programs. thanks Todd
