Security systems have traditionally been utilized for detecting predetermined (e.g. unwanted, etc.) data. For example, security systems are oftentimes in communication with a network for identifying and reacting to predetermined network traffic. However, techniques utilized by such traditional security systems for reacting to predetermined network traffic have generally exhibited various limitations.
Just by way of example, security systems have typically blocked outbound simple mail transfer protocol (SMTP) traffic on port 25 at a firewall in order to prevent computers on a local area network from sending unauthorized network traffic [e.g. unsolicited electronic mail (email) messages, etc.]. Such blocking technique has sometimes been used to mitigate the exposure of a compromised computer from sending unauthorized network traffic without the knowledge of a user of the compromised computer. However, by generally blocking the outbound SMTP traffic at the firewall, valuable data relating to the unauthorized network traffic, such as sources of such unauthorized network traffic has conventionally been less capable of being identified, analyzed, etc.
There is thus a need for addressing these and/or other issues associated with the prior art.