SELinux. LIDS. systrace (Linux, BSD, MacOS X). a few things on FreeBSD i
can't recall.
i dont know what exists for the average user on Windows at the application
level, but i do know that personal firewalls can help. untrusted programs
can't access the network, either as a server or as a client. i know a few
products exist for servers, typically restricted to server programs (ie
IIS).
so, some work is being done on that front, not enough yet. bear in mind
that, just like with comcast's behavior restriction system making the FD
news lately, power users of systems will complain and be annoyed when they
find their access suddenly fettered.
___
jose nazario, ph.d. [EMAIL PROTECTED]
http://monkey.org/~jose/
http://infosecdaily.net/
