- Source Code:
Bukkit plugin to monitor and optionally block outgoing network requests
I have a issue with:
NetworkInterceptor installs a custom security manager into the Java runtime environment which logs (and optionally blocks/prevents) outgoing network connections.
- plugins which automatically update themselves
- plugins which constantly nag you to update to the latest version
- plugins which download and execute arbitrary code at runtime from unknown or untrustworthy sources
- plugins which report personal and identifiable information to metrics services without asking users or letting them opt-out
It lets server admins easily monitor the nature of connections made by plugins, and if they want to, prevent them from occurring.
Most things are configurable in the config.yml file (generated on first use)
The default configuration will log connection attempts to the console, but does not block anything.
You can either define a whitelist or a blacklist for (dis)allowed hosts.
Can it be bypassed?
A plugin with malicious intent could (most likely) find a way to bypass it, yes. I'd like to think that sort of thing wouldn't happen in this community - but you never know.
More detailed analysis
For more detailed analysis of network traffic, I recommend trying Wireshark.