12-07-2010, 02:02 AM

When I spoke to an Applecare rep yesterday we discovered that the Firewall was inadvertently blocking a download.

She advised me to turn the Firewall off. I have done so but I am concerned that this might lead me unintentionally to log onto a site that isn't 'trusted'

12-07-2010, 02:46 AM

Add the app to your save list and turn back on your firewall.

12-07-2010, 02:57 AM

If you are connected to your own modem/router, it will already have a firewall on by default.
I would only use my software firewall when connecting to a wifi hot spot, etc.
It doesn't really hurt to have it on if it makes you feel more secure, but I have run tests with and without my software firewall on shields up, and passed on all accounts both ways.
https://www.grc.com/x/ne.dll?bh0bkyd2

12-07-2010, 04:21 AM

Short answer: no, its not necessary.

12-07-2010, 09:19 AM

Quote:

Originally Posted by chas_m

Short answer: no, its not necessary.

Hmmmm ... I think this is " cutting corners " a little bit ....

Every computer user, no matter what the operating system is, has 3 layers of defense:
1) A Firewall
2) Anti malware product
3) Common sense

There are as many opinions as there are readers, but if the suggestion is to turn off firewalls, and in other threads it is advised to turn off anti malware, then the only line of defense is 3) Common sense.

Yeah .... right .... we are human so we all know what that means.

My suggestion is to have the built-in firewall ON ( As Crimson indicated above ). It is not bulletproof, but it adds another layer.

For what it is worth .... the holiday season is upon us so beware of E-cards,
requests for charity contributions, nice screen savers etc.....
When presented with a shopping advertisement, don't click too quick.
( Sometimes the mouse is faster than the brain )

My 2 cents.

Cheers ... McBie

12-07-2010, 09:26 AM

Mac OS X v10.5, 10.6: About the Application Firewall
Mac OS X 10.6 Help: Setting firewall access for services and applications

12-07-2010, 09:39 AM

Quote:

Originally Posted by 6string

If you are connected to your own modem/router, it will already have a firewall on by default.
I would only use my software firewall when connecting to a wifi hot spot, etc.
It doesn't really hurt to have it on if it makes you feel more secure, but I have run tests with and without my software firewall on shields up, and passed on all accounts both ways.
https://www.grc.com/x/ne.dll?bh0bkyd2

Good to know that GRC only checks the first 1024 ports and usually that's not where the problem is, they are well regulated by IANA.
Ports above 1024, where there is more freedom, can be used for bespoke applications by multiple vendors, each with it's own implementation.
These are the ports to watch out for, and if you see activity on these ports, you better understand which application is having these ports open.

Cheers ... McBie

12-07-2010, 10:00 AM

Quote:

Originally Posted by Alwyn

When I spoke to an Applecare rep yesterday we discovered that the Firewall was inadvertently blocking a download.

She advised me to turn the Firewall off. I have done so but I am concerned that this might lead me unintentionally to log onto a site that isn't 'trusted'

Official Antivirus, Malware, and Firewall FAQ

12-07-2010, 04:15 PM

Read schweb's excellent article and in short, if you are using a public network such as library, school, internet cafe, activate Firewall, if from home modem/router, stop it.

Firewall does not control where you go, just what connects and comes in.

12-07-2010, 05:30 PM

Hello,

Little Snitch is a good app that lets you know what programs are trying to connect to what ip addreses and ports.

12-07-2010, 07:56 PM

Hi,

As a relatively new user I too asked this question, many here gave good advice and hints, ran shields up and was impressed so do not turn the firewall on when Im on my home WiFi network only use it at Airports etc.
It took a while but now feel comfortable with it turned off, just another learning curve re switching to Mac.

As with all things at the end of the day it is your choice.

12-07-2010, 08:18 PM

A firewall is a VERY useful protection to have on your network. I'd suggest a hardware firewall (available in all routers) as your first line of defense. Running a second software firewall on your machine can also be good, but not necessary..

Regards

12-07-2010, 09:01 PM

IME running a second firewall just causes issues and problems rather than "adds a second layer." It generally just conflicts with the first layer, since they are doing the same thing.

Back ten years ago I would have recommended the software firewall for most people, but today it's pretty much a non-issue, since most routers (including the ones used for public wifi spots) have a (superior) hardware-based firewall.

The other issue I run into a lot is that people misunderstand what a firewall does. It will not stop you getting a virus (on a PC). It will not magically protect your credit card number or other sensitive info. It will not block phishing sites, or trickware sites. In short, it will not protect you from being dumb. All a firewall does is stop snooping software from snooping your open ports. Which, on a Mac, are none (other than the well-protected standard ones every internet connection requires). So, in a nutshell, you're good -- because you chose a smarter computer and a better OS.

This is why Apple ships machines with the software firewall off, and why I suggest most people leave it off. There are obviously a few exceptional cases where you might want it, and that's why it's there -- but broadly speaking for most users it does nothing you need doing.

12-08-2010, 07:48 AM

Anyway ... Mine is always switched ON
If I go into Starbucks I can simply ask for my coffee and I don't have to ask the waitress if her router has the firewall switched on, because if she hasn't i will have to switch mine on before i connect to her public network.

Keep things simple.

Cheers ... McBie

12-08-2010, 08:06 AM

To the OP.... I'll quote McBie on this one

Quote:

Keep things simple.

If this puts your mind at ease, there is no harm done!

When you say a firewall was blocking a download, I am guessing that you really only mean that you had to give permission!

I'll quote McBie again here:

Quote:

Common sense

If you are downloading something that you trust.... but even then, a firewall isn't going to protect you against downloading something dodgy, it's only going to ask for your authorisation on some things.

While typing this, I decided to google it to give you my non-layman's description

Firewall (computing) - Wikipedia, the free encyclopedia
As I like to say ....Happy Mac'n