DISQUS

Hello! dmiessler.com | grep understanding is using DISQUS, a powerful comment system, to manage its comments. Learn more.

Community Page

dmiessler.com/ Jump to website »

Subscribe
- New Comments
Community
Top Commenters
- Daniel Miessler
  1031 comments · 2 points
- CarlM
  514 comments · 2 points
- cooperati
  179 comments · 1 points
- arikb
  89 comments · 1 points
- brooksgarrett
  52 comments · 1 points
Popular Threads
- Considering Using danielmiessler.com Instead of dmiessler.com
  4 weeks ago · 8 comments
- Republicans: The Modern Dixiecrats?
  4 weeks ago · 8 comments
- Music | Mastodon: Crack the Skye
  4 weeks ago · 4 comments
- Outbound Number Translation Coming to Google Voice Soon
  3 weeks ago · 3 comments
- Wireless: WPA2 Enterprise Integration With Active Directory 2008
  4 weeks ago · 3 comments
Recent Comments
- I think this is a very helpful link. It fixes all the keyboard mapping problems. Even for VMware server 2.0 http://communities.vmware.com/message/1091425
  3 weeks ago by Mario R Mena
  
  in VMware Server 2.0 For Linux Doesn’t Have a “Send Ctrl-Alt-Del” Button
- Test.
  3 weeks ago by Daniel Miessler
  
  in Testing the New Domain
- "Yes, it helps people through altered perception of the world, but so do three glasses of wine." ___ Oh, so atheists do not drink alcohol because it is too much like religion?...
  3 weeks ago by SayBlade
  
  in Atheism Argued Successfully by Two Quotations
- burden is on those who make the assertion, not on those who deny
  3 weeks ago by Adam
  
  in Atheism Argued Successfully by Two Quotations
- • Theism is not a religion. Atheism is not a religion for the same reason. 'Theism' is an abstract noun which refers collectively to each organized religion which espouses the existence of...
  3 weeks ago by anti-supernaturalist
  
  in The Definition Of Atheism, And Why It Is *NOT* A Belief

dmiessler.com | grep understanding

dmiessler.com/about/

Jump to original thread »

Author

TTL Caging: How to Fight Malware Using Reduced TTL Values

Started by Daniel Miessler · 7 months ago

My buddy and co-worker Steve Crapo (pronounced CRAY-poe) recently told me about an idea he had a while back about how to keep malware on your network from talking to the Internet. The idea is so simple and beautiful I just had to share it.

As we all know, malware does bad things; ... Continue reading »

3 comments

kuza55
1 year ago

And the benefit of using this instead of a firewall is what? That anyone who wants to can circumvent it? That doesn't seem like a very useful idea to me...Especially since you're still relying on being able to identify bad traffic going through the proxy.

P.S. IDS' suck.

reply

Kenneth R Swain II
1 year ago

Would not a good egress rule be far more beneficial? I love the way he was thinking, but this would be very hard to maintain. Plus I do not even believe possible in environments that include WAN links such as MPLS or others. One argument that you could use would be that your work place will not let you use good egress rules. If that is they case it seems far fetched that they would let you do this as it would make trouble shooting more difficult.

reply

Daniel Miessler
1 year ago

Guys,

I agree that this would just be another layer if one was already doing the blocking at the firewall. That's a valid point. I just think it's an interesting and elegant way of approaching the problem.

reply

Add New Comment

Returning? Login