Often Malware can be downloaded from websites as an accident (hidden iframe content on compromised websites) or may need to communicate to an update server or control server across the Internet. This can be cut off with the use of the DNS and your local cache & recursive resolver.
Someone asked how to set this up quickly and easily… the idea being:
1) you have a host somewhere on the interwebs that’s accessible via SSH and runs a squid/proxy for you
2) you have a macintosh
3) you don’t normally do unix-y things
4) you’d like a command-line quick and easy setup to allow you to proxy your traffic (web/chat) through your ssh host and sqiud
Hardy Heron installs just nicely, but it’s got some issues when it comes to moderate traffic loads and NAT state maintenance…