Results 1 to 9 of 9
  1. #1


    Member Since
    Nov 12, 2009
    Posts
    25
    Question about firewall
    Hi,

    I just got my first mac today (imac, quad-core i7), and I am going thru the inevitable fumbling around trying to figure things out. I discovered after 2 or 3 hours that the firewall comes off by default. I immediately turned it on, as well as the stealth mode.

    However, I am wondering how likely it is that someone accessed my computer during those 2-3 hrs, and now has the ability to mess around. I sometimes access my mothers online banking account to pay her bills, so I am worried that someone would have access to that info.
    Also, I sometimes shop online. Thanks in advance, and any tips for getting up to speed on the pc to mac switch would be appreciated.

    Mike

  2. #2


    Member Since
    Apr 09, 2009
    Location
    Ithaca NY
    Posts
    2,073
    Specs:
    13 inch alMacBook 2GHz C2D 4G DDR3, 1.25GHz G4 eMac
    How likely is it? Next to 0%. I don't use my firewall and am not afraid. On OS X, it's not really needed. Causes more problems than anything for me to be firewalled since I do some light gaming.

  3. #3

    cwa107's Avatar
    Member Since
    Dec 20, 2006
    Location
    Lake Mary, Florida
    Posts
    26,904
    Specs:
    15" MBP, Core i7/2GHz, 8GB RAM, 480GB Crucial M500 SSD
    With all due respect to DarkestRitual, with the complexity of modern operating systems, and based on the fact that the Darwin kernel is open-source, and compounded by the fact that over the years many different vulnerabilities have been found in OS X (granted, they have been subsequently patched), I would definitely recommend turning the firewall on - and using it in stealth mode (which basically makes your machine ignore ICMP echo requests).

    If you're sitting behind a router (and almost all modern modems have their own NAT-based firewall), you likely won't need it. But in the odd event that someone is able to sneak into your local network and is aware of an undocumented vulnerability, it's better to be safe than sorry, in my opinion. Firewalls that block outgoing traffic can be troublesome if they're not well-maintained, but incoming firewalls, are pretty unobtrusive. I've been running the OS X firewall since 10.4 and have never encountered a firewall problem. Even if you decide to do file/printer sharing or setup a server of some sort, the firewall is opened up to allow that type of traffic, so you should be fine to leave it on all the time.

    So, to answer your question directly - yes, I would enable the firewall. And no, I don't think you'll have any problem having left it open for a few hours. In the unlikely event that there was someone knocking at the door, turning the firewall on would have shut that attack down very quickly.
    Liquid and computers don't mix. It might seem simple, but we see an incredible amount of people post here about spills. Keep drinks and other liquids away from your expensive electronics!

    https://youtu.be/KHZ8ek-6ccc

  4. #4


    Member Since
    Mar 30, 2004
    Location
    USA
    Posts
    4,744
    Specs:
    12" Apple PowerBook G4 (1.5GHz)
    Quote Originally Posted by cwa107 View Post
    ...blah blah blah...
    Agreed. The firewall is a sensible precaution. You want as many lines of defense as possible; this means you run your updates, keep your firewall on, and exercise general common sense when downloading things and entering passwords and such.

    It's too easy to get into the "Oh, my (feature) will protect me, I don't need (other feature)" way of thinking.

  5. #5


    Member Since
    Nov 12, 2009
    Posts
    25
    Thanks very much for the informative responses.

  6. #6

    dtravis7's Avatar
    Member Since
    Jan 04, 2005
    Location
    Modesto, Ca.
    Posts
    28,907
    Specs:
    iMac 2010 27" QuadI7 OSX10.11, iMac 2008 OSX10.11, MBP Late2011OSX10.11 , iPad Air, iPhone 3GS
    Agreed completely with Tech and CWA. OSX is pretty secure but who knows. It's much better to be safe than sorry later! With the OSX firewall on Stealth, I did a test on Steve Gibson's security site and every test came up stealth. I also run a good router with a full SPI Firewall on my whole network. I have Macs, Windows XP, Vista and 7 and no issues at all.

    No matter how secure OSX is, down the road who knows what some hacker will find. Being secure just in case is a good thing!

    And don't worry about those few hours you ran with it off. I would bet $$$ nothing happened.

  7. #7


    Member Since
    Apr 09, 2009
    Location
    Ithaca NY
    Posts
    2,073
    Specs:
    13 inch alMacBook 2GHz C2D 4G DDR3, 1.25GHz G4 eMac
    Well guys, I'm gonna turn it on. Hopefully no problems. But I just wanted to say he probably didn't have an issue with being hacked, because he almost certainly wasn't.

  8. #8

    McBie's Avatar
    Member Since
    Apr 26, 2008
    Location
    Belgium
    Posts
    2,776
    Specs:
    2013 MBA 13" - OS X 10.11
    Agree with all of the above ... however , the discussion should be taken one step further.

    And with all due respect for everyone, the paragraphs below are only intended to be thought provoking, nothing else.

    What does ' turning a firewall ON ' really mean in terms of actual protection.
    Unless you know what the firewall does when it is turned ON, there is no way of knowing what risks you are protected from.

    Agreed, nowadays the default firewall settings will reduce the level of risk significantly, but the good guys need to close all loopholes and the bad guys need to find only one.

    Too many times have I seen IT controls badly configured and too many times did I have the debate with decision makers who were ignorant and thought that having a firewall was all that was required.
    Too many times have I seen firewalls that were not monitored properly and the network was compromised without the company even being aware.

    Just ask yourself the question .... if my Mac was compromised .... how would I know ?

    If people believe that technology is going to solve all their security problems, then people don't understand the technology and they don't understand the problems.

    Maybe I have an overly suspicious mindset about these things, but I believe people should at least be aware of some of the risks.
    And it doesn't make a difference if you have IT as a hobby, or if you run a flowershop or if you run a bank.
    The only thing that makes a difference is that different people have a different appetite to risk, depending on how important they believe computers are in their day to day live ( business )

    Just my 2 Euro-cents

    Cheers ... McBie
    A computer lets you make more mistakes faster than any invention in human history - with the possible exceptions of handguns and tequila.
    The bitterness of poor quality remains long after the sweetness of low price is forgotten.

  9. #9

    dtravis7's Avatar
    Member Since
    Jan 04, 2005
    Location
    Modesto, Ca.
    Posts
    28,907
    Specs:
    iMac 2010 27" QuadI7 OSX10.11, iMac 2008 OSX10.11, MBP Late2011OSX10.11 , iPad Air, iPhone 3GS
    McBie, very good info and very thought provoking! So many take security for granted.

    That does sometimes help me pay my bills when I have to fix a system that is full of Virus's and Spyware, but if people used their heads, a lot of my work would never have to be done and I would have to find another way to pay the rent!!!

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. firewall question
    By macgig in forum Internet, Networking, and Wireless
    Replies: 13
    Last Post: 02-10-2014, 05:01 PM
  2. firewall question
    By vivienne61 in forum Switcher Hangout
    Replies: 6
    Last Post: 08-06-2011, 10:16 PM
  3. Firewall question
    By soccerphysio in forum Switcher Hangout
    Replies: 1
    Last Post: 07-25-2009, 12:30 PM
  4. Question about Firewall...
    By farmcock in forum Switcher Hangout
    Replies: 8
    Last Post: 06-24-2009, 06:33 PM
  5. Firewall Question
    By macjuicy23 in forum Internet, Networking, and Wireless
    Replies: 5
    Last Post: 06-26-2007, 04:51 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •