2 Replies Latest reply on Feb 9, 2010 3:12 AM by xxxViriiHunter666

    Product Feature Suggestions

      Hi big M ,

       

      I like the HIPS system, I like to be able to vet TCP/IP sessions to prevent apps from dialling out.

       

      One feature I have noticed on a few software firewalls is a "resolve" button near the destination IP address listing.

      This would do a reverse lookup on an IP address and possibly a whois to determine who and (where?) exactly this remote host is.

       

      This is a quick way to determine where some svchost.exe or NTOSKRNL.exe binary is talking to:

       

      error-reporting.Microsoft.com (updates, etc OK)

      dynamic3jds3dsllgr.BulletProof-MALwareHost.cn (DANGER WILL ROBINSON )

       

      Might be a useful feature to introduce? Maybe could be disabled by policy for corp lans without external DNS, etc

       

      Thanks,

      xxxViriiHunter666