diff --git a/bandit.ini b/bandit.ini
index 102508e8..a356e544 100644
--- a/bandit.ini
+++ b/bandit.ini
@@ -11,3 +11,6 @@ call_subprocess_popen = test_calls
 call_no_cert_validation = test_calls
 call_bad_permissions = test_calls
 call_wildcard_injection = test_calls
+
+[Str]
+str_hardcoded_bind_all_interfaces = test_strs
diff --git a/examples/binding.py b/examples/binding.py
new file mode 100644
index 00000000..fee24870
--- /dev/null
+++ b/examples/binding.py
@@ -0,0 +1,5 @@
+import socket
+
+s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
+s.bind(('0.0.0.0', 31137))
+s.bind(('192.168.0.1', 8080))
diff --git a/plugins/test_strs.py b/plugins/test_strs.py
new file mode 100644
index 00000000..56d4b58d
--- /dev/null
+++ b/plugins/test_strs.py
@@ -0,0 +1,31 @@
+# -*- coding:utf-8 -*-
+#
+# Copyright 2014 Hewlett-Packard Development Company, L.P.
+#
+#    Licensed under the Apache License, Version 2.0 (the "License"); you may
+#    not use this file except in compliance with the License. You may obtain
+#    a copy of the License at
+#
+#         http://www.apache.org/licenses/LICENSE-2.0
+#
+#    Unless required by applicable law or agreed to in writing, software
+#    distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+#    WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+#    License for the specific language governing permissions and limitations
+#    under the License.
+
+"""Defines a set of tests targeting Str nodes in the AST."""
+
+import bandit
+from bandit import utils
+import ast
+import _ast
+import re
+
+
+# Str nodes are pretty simple - likely only basic string-matching tests
+# will be defined here
+
+def str_hardcoded_bind_all_interfaces(context):
+    if context['str'] == '0.0.0.0':
+        return(bandit.WARN, 'Possible binding to all interfaces')
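Review bot: The check on the `if` line of `str_hardcoded_bind_all_interfaces` in plugins/test_strs.py is an exact comparison against `'0.0.0.0'`, so the IPv6 wildcard `'::'` passes unflagged even though it binds all interfaces just as broadly; `if context['str'] in ('0.0.0.0', '::'):` would cover both. An empty host string also binds all interfaces, but matching `''` on every Str node would fire in nearly every file, so that case belongs in a call-level check rather than in this string plugin. The function returns `None` implicitly when the literal does not match; a docstring such as `"""Flag string literals equal to an all-interfaces bind address; returns (bandit.WARN, message) on match, else None."""` would make that contract explicit. `utils`, `ast`, `_ast` and `re` are imported but unused, and `return(bandit.WARN, ...)` reads as a function call — `return (bandit.WARN, ...)` is the conventional spacing.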