Thanks for the response. Sorry I should of been less vague. Paqet works on raw sockets with KCP. Though it's intended for good. What's to assume bad actors aren't also using this method to get around solutions like littlesnitch?

A recent example, but not the only is a Iran a botnet, using this to get around detection.

https://cybersecuritynews.com/iran-linked-botnet-exposed-aft...