à am not sure i am right but you are not in the good layer, you want snort or something similar to do that.
On Fri, Jan 25, 2013 at 3:03 PM, Todd <tcarpenter...@gmail.com> wrote: > hi, > > not sure this is the correct place to ask but i wanted to know if the > possibility of a new pf rule had been thought of? > > the concept i had in mind would be to filter packets bound for a port that > contained a she! or similar script header? > > my thought was trying to add a way to check or prevent scripts from been > sent out or run on particular ports? > > after reading about the new breed of malware (aimed at windows .dll, > acrobat and java) i was trying to come ip with a new security measure to > prevent ppl from executing java scrips into services or visa versa with any > type of script? > > im not sure if this is possible or what not but i believe there may be an > advantage to having the ability of dropping packets that contain scripts? > > or for that matter contain "xxxxx" information, words, hashes ect > > i noticed that the red october malware was set up to user programs with > specific md5 hashes, i thought it would be beneficial if it was possible to > check hash tags against a known list of faked/ malware programs. > > thanks > > Todd > > -- () ascii ribbon campaign - against html e-mail /\