Skip to content

Egress Validation (NET-EGRESS)

Validate that the secure sandbox enforces a default-deny posture for network egress and prevents proxy bypass attempts.

Objectives

  • Enforce egressDefaultAction: "deny".
  • Require proxy routing for all outbound traffic.
  • Ensure fail-closed behavior during proxy outages.
  • Prevent applications from bypassing proxy settings.
  • Maintain IPv4 and IPv6 parity for egress controls.

Controls Under Test

  • runtime.networking.egressDefaultAction
  • Proxy enforcement and pinning
  • Network namespace firewall

Test Scenarios

IDThreat / ScenarioUniversal ProcedureExpected Outcome & Audit
NET-EGRESS-01Direct IP AccessAdversary attempts to bypass DNS filters.
Initiate an HTTP request to a specific public IP (e.g., 1.1.1.1) using a timeout flag (e.g., curl -v --connect-timeout 5 <IP>).
Pass: Connection timeout or refused. No HTTP 200/301.
Audit: action: deny, protocol: tcp
NET-EGRESS-02Unauthorized Proxy UsageAdversary attempts to use a non-designated proxy.
Configure a user-defined proxy (e.g., export https_proxy=attacker.com:8080) and attempt a connection.
Pass: Connection failed; traffic must traverse the designated gateway.
Audit: action: deny, reason: unauthorizedProxy
NET-EGRESS-03Direct UDP EgressExfiltration via non-TCP protocols.
Attempt to send UDP packets to an external destination (e.g., nc -u <IP> 53 or 123).
Pass: Packets dropped.
Audit: action: deny, protocol: udp
NET-EGRESS-04ICMP EgressNetwork mapping or tunneling via ICMP.
Attempt to ping an external host (e.g., ping 8.8.8.8).
Pass: Request timed out / Destination unreachable.
Audit: action: deny, protocol: icmp
NET-EGRESS-05Environment Proxy Variables / Client FlagsAttempt to bypass designated proxies using http_proxy/https_proxy/all_proxy or client --proxy flags to an unauthorized endpoint.
Example: export HTTPS_PROXY=http://attacker:8080 && curl -v https://example.com.
Pass: Denied; only designated proxies are accepted.
Audit: category: network, action: deny, reason: unauthorizedProxy, proxyEnforced: true
NET-EGRESS-06NO_PROXY / --noproxy BypassDisable proxy routing via environment or client flags.
Example: export NO_PROXY=* && curl -v https://example.com or curl --noproxy "*" https://example.com.
Pass: Denied; proxy bypass refused.
Audit: action: deny, reason: proxyBypassAttempt, proxyEnforced: true
NET-EGRESS-07Proxy BypassProxy bypass via noproxy or tunnels.
Attempt connection bypassing proxy settings (e.g., curl --noproxy "*") or using HTTP CONNECT to arbitrary ports.
Pass: Connection failed; cannot bypass enforced proxy.
Audit: reason: proxyBypassAttempt.
NET-EGRESS-08PAC/WPAD HijackPresent a malicious PAC file or enable WPAD to route via a non-designated proxy; attempt outbound HTTPS.Pass: Denied/ignored; only designated proxies are accepted.
Audit: action: deny, reason: pacNotTrusted or wpadBlocked, proxyEnforced: true
NET-EGRESS-09Proxy Fail-ClosedSimulate designated proxy outage (stop service or blackhole IP) and attempt outbound HTTPS.Pass: Connection denied; no direct fallback.
Audit: action: deny, reason: proxyUnavailable, proxyEnforced: true
NET-EGRESS-10Designated Proxy Identity/PinningIntercept proxy TLS or present a non-pinned CA/cert to the client; attempt CONNECT/HTTPS.Pass: TLS handshake fails; no fallback to direct.
Audit: action: deny, reason: certMismatch or pinningFailed, proxyEnforced: true
NET-EGRESS-11IPv6 Direct EgressAttempt IPv6 literal or AAAA target to bypass IPv4 rules.
Example: curl -6 -v https://[2606:4700:4700::1111]/.
Pass: Denied; parity with IPv4 posture.
Audit: action: deny, protocol: tcp, ipVersion: 6
NET-EGRESS-12CONNECT Tunneling to Non-ProxyUse HTTP CONNECT to an endpoint that is not an approved proxy.
Example: curl -v -x https://nonproxy.example:443 https://target.example.
Pass: Denied; only designated proxies are valid CONNECT targets.
Audit: action: deny, reason: destNotProxy, proxyEnforced: true
NET-EGRESS-13Runtime Proxy IgnoranceDirect socket connection bypassing proxy settings.
Execute a binary/script that ignores system proxy env vars and opens a direct TCP socket.
Pass: Blocked by firewall/namespace.
Audit: action: deny, protocol: tcp

Evidence Requirements

  • Audit category: network
  • Golden fields: category, action, rule.id, integrity.hash
  • Required fields for these tests: protocol, destination, reason, proxyEnforced
  • Conditional fields (when applicable): alpn, sni, ipVersion, proxyRef