Is really reliable the firewall in the iMac ?

boguiboy · Mar 27, 2006

Hi, I`m new user in Mac but I´m really happy with my new machine and I forgot what is a Pc, it`s awsome this computer.
So, I want to know if the firewall who came in the mac is really reliable, I read about it, but just to confirm if is that enough with the firewall Tiger includes or I need another to keep my machien safe. I use to make movements trough my bank account so is very important to me to know that. I already activate the options to keep my machine not detectable in the web, and no boxes marked in the options to share, is that enough ? Thanks in advance.

IronMac · Mar 27, 2006

boguiboy said:
Hi, I`m new user in Mac but I´m really happy with my new machine and I forgot what is a Pc, it`s awsome this computer.
So, I want to know if the firewall who came in the mac is really reliable, I read about it, but just to confirm if is that enough with the firewall Tiger includes or I need another to keep my machien safe. I use to make movements trough my bank account so is very important to me to know that. I already activate the options to keep my machine not detectable in the web, and no boxes marked in the options to share, is that enough ? Thanks in advance.

From what I have heard the OS firewall is a topnotch piece of software. It should be more than enough especially if you are behind a hardware firewall was well.

Brown Study · Mar 27, 2006

Since you've turned on the firewall's options from the advanced button — always a good idea — click Advanced again, then the Open Log button and have a good laugh at the thousands of failed attempts to break in listed in the log.

IronMac is right; the firewall appears to be top-notch. You can check it's effectiveness at Symantic's security-test page. With all three options on, that site says my machine is completely stealthed.

The firewall, though, works only one way, from the outside in. An application that is the Mac's answer to the PC world's ZoneAlarm is Little Snitch. It informs you when applications inside your computer phone home or anywhere.

Little Snitch allows you to block any application's connections to the net forever or allow the connection once or block it once. It works with Intel Macs, too. Stuffit Deluxe, for instance, phones home every time it starts. I've blocked it permanently.

But unlike ZoneAlarm, it isn't free for personal use. It's $24.95 U.S.

boguiboy · Mar 27, 2006

I really appreciate your help Ironmac and Brown Study, I'm now feel safe with this firewall.I already check the open log button and wow a lot of tries to enter in my computer. Thanks a lot for your help and time to let me know more bout this. Best regards.

Kar98 · Mar 27, 2006

In fact the firewall is so secure, i can't get Azureus to work after I turned the firewall on and forgot where.

Brown Study · Mar 27, 2006

System Preferences>Sharing

Jabjabs · Mar 28, 2006

I haven't used the firewall ever and I have never had any problems, now that I know that Azureus doesn't work with it on, it stays off.

Kar98 · Mar 28, 2006

Jabjabs said:
I haven't used the firewall ever and I have never had any problems, now that I know that Azureus doesn't work with it on, it stays off.

It's probably just me, though.

neye:

IronMac · Mar 28, 2006

Jabjabs said:
I haven't used the firewall ever and I have never had any problems, now that I know that Azureus doesn't work with it on, it stays off.

All you have to is open a few ports, maybe 5, and Azureus will work fine. Do you really want to leave you machine unprotected just so you can run one program? I suggest you read this.

Kar98 · Mar 28, 2006

IronMac said:
All you have to is open a few ports, maybe 5, and Azureus will work fine. Do you really want to leave you machine unprotected just so you can run one program?

Indeed. Besides, I've got a spare Windows machine to run programs like that

hagen · Mar 28, 2006

Brown Study said:
The firewall, though, works only one way, from the outside in.

I found this (and lots of other good stuff) while Googling "OSX firewall".

http://www.computerworld.com/blogs/node/1665

"While the Mac OSX user interface doesn't facilitate creating a bi-directional firewall, the underlying facility (ipfw) does. This is the same firewall used by FreeBSD and OpenBSD kernels. ipfw is the standard that Linux iptables is compared against. I hope Apple adds this capability to the GUI, but there's no need to wait; I have been using bi-directional firewall rulesets on OSX since release 10.2."

It looks like a top-notch bidirectional firewall if one wants to write ipfw rules directly. I will try this when I get my Mac - soon I hope! I like to keep everything locked down tight, as in block everything I don't want or need.

Brown Study · Mar 28, 2006

hagen said:
I found this (and lots of other good stuff) while Googling "OSX firewall".

http://www.computerworld.com/blogs/node/1665

"While the Mac OSX user interface doesn't facilitate creating a bi-directional firewall, the underlying facility (ipfw) does. This is the same firewall used by FreeBSD and OpenBSD kernels. ipfw is the standard that Linux iptables is compared against. I hope Apple adds this capability to the GUI, but there's no need to wait; I have been using bi-directional firewall rulesets on OSX since release 10.2."

Wow, and whoa! I read the article but understood only about a third, words like "an," "the" and "firewall." One sentence I understood 100 per cent:

Warning: When working with the firewall rules be careful, you can end up locking your self out.

I, too, try to keep everything locked down tight, but even if I eventually figured it out, one measly little system update from Apple likely would screw it up. I'm afraid I'm stuck with auto-file-delete AppleScripts and Little Snitch.

Nice detective work, though. Maybe you could keep us posted as to your progress.

Kar98 · Mar 28, 2006

Kar98 said:
Besides, I've got a spare Windows machine to run programs like that

That is, I _had_, until 20 minutes ago

neye:

hagen · Mar 28, 2006

Brown Study said:
Wow, and whoa! I read the article but understood only about a third, words like "an," "the" and "firewall." One sentence I understood 100 per cent:I, too, try to keep everything locked down tight, but even if I eventually figured it out, one measly little system update from Apple likely would screw it up. I'm afraid I'm stuck with auto-file-delete AppleScripts and Little Snitch.

Nice detective work, though. Maybe you could keep us posted as to your progress.

Yeah, firewall rules are gibberish at first. They're easy enough after one learns the language, though.

Here's another page that's a little easier to read, keeping in mind that ipfw processes rules one by one, starting at the top, until it finds one that applies. http://www.macdevcenter.com/pub/a/mac/2005/03/15/firewall.html

I started with just the default rules in my firewall, and slowly added more as I learned. It looks like my rules will translate from Windows to Mac pretty easily.

Is really reliable the firewall in the iMac ?

boguiboy

Guest

IronMac

Brown Study

boguiboy

Guest

Kar98

Brown Study

Jabjabs

Kar98

IronMac

Kar98

hagen

Brown Study

Kar98

hagen

Shop Amazon