10-24-2011, 07:04 AM

I have a mac book pro that I bought a few months ago. I could not find sufficient info about little snitch.Will the product slow my computer down? how will I know if someone is trying for an outgoing connection.I have a master and a user password and macs firewall on.

10-24-2011, 08:06 AM

I read somewhere that applications with root privileges can run around little snitch.Is that true?

10-24-2011, 09:21 AM

Little snitch watches all outbound traffic and if a new application/service makes a request, you get a pop-up allowing you either allow or deny that access. You can also control for how long (until quit, forever, just once) and so on..

I haven't really noticed any slow downs in my access overall..since it's more about blocking the first access and then just checking that it's the same access each time..that usually shouldn't involve any great overhead..

And no, just because an application uses root privileges doesn't mean it can circumvent little snitch, since LN goes a lot deeper than that..

10-24-2011, 09:25 AM

Quote:

Originally Posted by Raz0rEdge

Little snitch watches all outbound traffic and if a new application/service makes a request, you get a pop-up allowing you either allow or deny that access. You can also control for how long (until quit, forever, just once) and so on..

I haven't really noticed any slow downs in my access overall..since it's more about blocking the first access and then just checking that it's the same access each time..that usually shouldn't involve any great overhead..

And no, just because an application uses root privileges doesn't mean it can circumvent little snitch, since LN goes a lot deeper than that..

this might sound like a silly question.How do I know if someone is trying to connect.I realize that there will be an alert,but how do i know which progarams to block or let through?

10-24-2011, 09:39 AM

Each time an unknown application attempts to establish a connection, you will see pop-up like this with the application name, address it is trying to connect to and the port it is using..

Choosing the combination, "Any Connection" and "Forever" means you trust the application and you will not see any further pop-ups from that application..

10-24-2011, 10:03 AM

Quote:

Originally Posted by Raz0rEdge

Little snitch watches all outbound traffic and if a new application/service makes a request, you get a pop-up allowing you either allow or deny that access. You can also control for how long (until quit, forever, just once) and so on..

I haven't really noticed any slow downs in my access overall..since it's more about blocking the first access and then just checking that it's the same access each time..that usually shouldn't involve any great overhead..

And no, just because an application uses root privileges doesn't mean it can circumvent little snitch, since LN goes a lot deeper than that..

Quote:

Originally Posted by Raz0rEdge

Each time an unknown application attempts to establish a connection, you will see pop-up like this with the application name, address it is trying to connect to and the port it is using..

Choosing the combination, "Any Connection" and "Forever" means you trust the application and you will not see any further pop-ups from that application..

so if I see a website that i do not know I should denny.If someone tries to get info from my mac, would it say remote server trying to access

10-24-2011, 10:09 AM

Little Snitch is all about outbound access only..so if an unknown application is making requests to addresses that just don't make sense, then yes you should deny it. But remember that most of the time you won't get a nice clear name (and icon) like in the sample image I posted..most of the times, you will get names like "aplpushserviced" or something..you can kinda guess that APL here is Apple, but you'll get a lot of other funky names that you want to allow access..

To prevent access from external people you should be using a hardware firewall in your router and other prevention schemes..

10-24-2011, 10:13 AM

Quote:

Originally Posted by sunshineshade

so if I see a website that i do not know I should denny.If someone tries to get info from my mac, would it say remote server trying to access

Quote:

Originally Posted by Raz0rEdge

Little Snitch is all about outbound access only..so if an unknown application is making requests to addresses that just don't make sense, then yes you should deny it. But remember that most of the time you won't get a nice clear name (and icon) like in the sample image I posted..most of the times, you will get names like "aplpushserviced" or something..you can kinda guess that APL here is Apple, but you'll get a lot of other funky names that you want to allow access..

To prevent access from external people you should be using a hardware firewall in your router and other prevention schemes..

Thank you.I have 2 passwords on my computer and the firewall,what other preventions schemes would you suggest? I also use filevault

10-24-2011, 04:40 PM

Moved to a more appropriate forum.

10-24-2011, 04:44 PM

Might I ask why you feel it's necessary to have so many layers of security? I would suggest that at least 95% of users don't need a firewall, filevault and LS on at the same time.

10-24-2011, 10:14 PM

vansmith.I was a very disappointed owner of a dell computer.I just switched to mac 3 months ago.I am loving it.I guess my paranoia from my windows days are following me around!:

10-24-2011, 10:30 PM

Quote:

Originally Posted by sunshineshade

vansmith.I was a very disappointed owner of a dell computer.I just switched to mac 3 months ago.I am loving it.I guess my paranoia from my windows days are following me around!:

It's good to be a little paranoid.

In my opinion, an outbound firewall isn't necessary, unless you're really concerned that a piece of software you're running is trying to "phone home" unbeknownst to you. For the most part, this won't be of concern to the average user.

As far as the software firewall built into your Mac goes - it's turned off by default. OS X doesn't respond on any well known port even with the firewall turned off. If you're not leaving your home network with the machine, you can safely leave it off (in most cases). Most modern broadband modems use NAT, which is a form of a hardware firewall. That makes devices connected to it pretty much invisible from would-be attackers.

If you're using a wireless router, you definitely have a hardware firewall using NAT. Assuming you have good, strong security turned on (WPA2/AES), you're reasonably safe yet again.

Now, if you travel with the machine to foreign networks, or if you are using weak encryption on your wireless network, you definitely want the software firewall turned on AND in stealth mode.

10-24-2011, 10:40 PM

I had some people that i thought were friends trying to hack me before! A couple of days ago someone used one of my emails to sent a message to myself 3 times! how is that possible? Last week someone used an email address to reactivate my old facebook account.I have now closed that email account.Yes I am paranoid!

10-24-2011, 10:43 PM

Quote:

Originally Posted by sunshineshade

I had some people that i thought were friends trying to hack me before! A couple of days ago someone used one of my emails to sent a message to myself 3 times! how is that possible? Last week someone used an email address to reactivate my old facebook account.I have now closed that email account.Yes I am paranoid!

Sounds like you're using weak passwords. Any idiot can hack a password that is in plain English.

Change the passwords for your accounts. Don't use the same one for all sites. Make sure it has a change of case and numbers as well as letters.

For example, instead of using "mypassword", use something like "mYp@55w3rd!".