Hi all,

Is it possible, using iptables, to write a rule that matches a packet depending on the program (or pid) which emitted it or is supposed to receive it?
For example, I can block all traffic from my box to the outside world except that which is destined for port 80, allowing HTTP traffic. But a trojan could still communicate with the outside if it communicates with port 80 of another box. Is it possible to limit the traffic a bit more, to only the packets which are emitted from a web browser (say Mozilla) and to dest-port 80? Would it be a good way to protect a box?

Thanks for all of your ideas.

--
Marc Demlenne
GPG : 768FA483 (www.keyserver.be)

