Computer Science Department
Fire Fence: Network Monitoring Desktop Software
Fire Fence: Network Monitoring is software that runs on an Ubuntu Linux computer. It provides some of
the services of a regular firewall, such as port monitoring and connection monitoring. More specifically,
it periodically checks to make sure that the user is not connected to any IP addresses that are known to
be malicious, according to a blacklist. If it detects any IPs that match those on the blacklist, it
automatically warns the user about the connection and then proceeds to block any attempts to connect
to that address.
The software also scans the computer’s ports and looks for any processes that are attempting to use
unsafe network protocols (such as telnet or IRC). If it detects any such protocols, it finds the associated
process and terminates it. Fire Fence also periodically scans the internet traffic and looks for any self-
signed SSL certificates (which can potentially be a sign of malware) and warns the user about which
processes are using them. Finally, the software also comes equipped with a malware-tester program
which aims to mimic some of the “bad” behavior of malware (such as connecting to blacklisted IP
addresses and attempting to access botnets through telnet) so that the user can make sure the software
is functioning properly.