Netjail is a user-space software tool that restricts network access for a program or process. It serves as a solution for blocking specific program’s access to the network.
This software is installed as a shared library, which is automatically loaded when the suspect program is launched using the LD_PRELOAD mechanism found in most Unix systems. Netjail's library intercepts socket() and connect() calls to the standard socket library and logs the connection attempts.
Environment variables allow for detailed rules to be established regarding which addresses are permitted to connect. Any connections that are denied will result in the ECONNREFUSED (Connection Refused) error. This error is most likely to be gracefully handled by hidden spyware functionality, making Netjail an effective tool for protecting against unwanted network access.
Version 1.0.0: N/A