Page 2 of 2 FirstFirst 12
Results 16 to 23 of 23
  1. #16
    What Are Your Security Settings?
    cwa107's Avatar
    Member Since
    Dec 20, 2006
    Location
    Lake Mary, Florida
    Posts
    26,758
    Specs:
    15" MBP, Core i7/2GHz, 8GB RAM, 480GB Crucial M500 SSD
    Well, it's not in stealth mode, because it responds to ICMP echo (ping). The test results you're seeing on GRC.com are likely viewed while sitting on a DSL/Cable modem, which is using NAT in and of itself (i.e. you've got a private IP address, your modem has the public IP address and routes traffic to you acting, in effect, like a router).

    But I was surprised to find that you are somewhat right. I opened up my MacBook Pro's ipfw, running 10.6.2 and ran a port scan from my desktop PC running Windows 7. I used a couple of different products to do the scan and in both cases, found that no well-known ports were responsive. I did not run a full port scan, since it would have taken forever (and it's doubtful that a hacker having identified the presence of your machine would waste that much time, unless it was a high-value target).

    But this paints a rosier picture than is reality. Reality is that if a vulnerability were identified, running no software firewall and sitting on a publicly accessible LAN would leave you susceptible to a worm that exploits that vulnerability. Additionally, if you happen to be running a piece of software that opens ports (like an IM client, for example) and that software has a vulnerability (as was discovered in iChat back in 2007), you could also be susceptible to a worm.

    So, I stand by my argument that unless there is a problem directly attributable to the software firewall, it's better to have it running - particularly on a portable machine that leaves the relative safety of a home network.

    Oh and please keep your metaphors clean, this is a family-friendly forum.
    Liquid and computers don't mix. It might seem simple, but we see an incredible amount of people post here about spills. Keep drinks and other liquids away from your expensive electronics!

    https://youtu.be/KHZ8ek-6ccc

  2. #17
    What Are Your Security Settings?
    chas_m's Avatar
    Member Since
    Jan 22, 2010
    Location
    Victoria, BC
    Posts
    18,940
    Specs:
    Mid-2012 MBP (16GB, 1TB HD), Monoprice 24-inch second monitor, iPhone 5s 32GB, iPad Air 2 64GB
    Quote Originally Posted by cwa107 View Post
    But this paints a rosier picture than is reality. Reality is that if a vulnerability were identified, running no software firewall and sitting on a publicly accessible LAN would leave you susceptible to a worm that exploits that vulnerability. Additionally, if you happen to be running a piece of software that opens ports (like an IM client, for example) and that software has a vulnerability (as was discovered in iChat back in 2007), you could also be susceptible to a worm.
    And a list of these worms I will get on my Mac, along with documented cases of infection via iChat is ... where, again?

    Oh and please keep your metaphors clean, this is a family-friendly forum.
    I do apologise for that.

  3. #18
    What Are Your Security Settings?
    cwa107's Avatar
    Member Since
    Dec 20, 2006
    Location
    Lake Mary, Florida
    Posts
    26,758
    Specs:
    15" MBP, Core i7/2GHz, 8GB RAM, 480GB Crucial M500 SSD
    Quote Originally Posted by chas_m View Post
    And a list of these worms I will get on my Mac, along with documented cases of infection via iChat is ... where, again?
    Let me google that for you

    There are no other worms at the present, but that doesn't mean there won't be in the future. Especially when vulnerabilities are being found and it's taking Apple 6-9 months to patch. And that's only the OS, third party applications can also have vulnerabilities that could expose you to a worm or other exploitation.
    Liquid and computers don't mix. It might seem simple, but we see an incredible amount of people post here about spills. Keep drinks and other liquids away from your expensive electronics!

    https://youtu.be/KHZ8ek-6ccc

  4. #19
    What Are Your Security Settings?
    chas_m's Avatar
    Member Since
    Jan 22, 2010
    Location
    Victoria, BC
    Posts
    18,940
    Specs:
    Mid-2012 MBP (16GB, 1TB HD), Monoprice 24-inch second monitor, iPhone 5s 32GB, iPad Air 2 64GB
    Okay, so we have ... one. One worm, that's long since gone (no cases reported in your link since 2006).

    Given that there haven't been any new reports of worms since then, I think I will stand by my contention that this really isn't an issue on Macs, that the chance of future problems is low, and that a software firewall is an unnecessary duplication of services already provided by the hardware firewall.

    I do appreciate you reminding me about Leap-A, but I'm afraid it's not a very strong case (particularly when compared to Windows, but even just relative to the Mac).

    I also think you're mischaracterising Apple's response time. There have been occasions where they've taken their time to patch an issue, and there have been occasions where they've been pretty speedy. Microsoft is likewise quite lackadaisical on patching some issues far more serious than the sort that produced Leap-A.

  5. #20
    What Are Your Security Settings?
    cwa107's Avatar
    Member Since
    Dec 20, 2006
    Location
    Lake Mary, Florida
    Posts
    26,758
    Specs:
    15" MBP, Core i7/2GHz, 8GB RAM, 480GB Crucial M500 SSD
    Quote Originally Posted by chas_m View Post
    Okay, so we have ... one. One worm, that's long since gone (no cases reported in your link since 2006).

    Given that there haven't been any new reports of worms since then, I think I will stand by my contention that this really isn't an issue on Macs, that the chance of future problems is low, and that a software firewall is an unnecessary duplication of services already provided by the hardware firewall.
    It all goes back to my theory that an ounce of prevention is worth a pound of cure. If the firewall doesn't break anything, I don't see the harm in running it (or recommending it when asked).

    I do appreciate you reminding me about Leap-A, but I'm afraid it's not a very strong case (particularly when compared to Windows, but even just relative to the Mac).
    And I understand where you're coming from. In the Windows world, there is a much stronger case for running a software firewall, simply by virtue of the sheer number of worms that exist for the platform. Chances are much exponentially higher that you would encounter one on a public network.

    I also think you're mischaracterising Apple's response time. There have been occasions where they've taken their time to patch an issue, and there have been occasions where they've been pretty speedy. Microsoft is likewise quite lackadaisical on patching some issues far more serious than the sort that produced Leap-A.
    Oh, I don't know about that. Microsoft releases patches almost weekly (I'm keenly aware of them since I'm tasked with implementing updates for my desktops at work). Usually any reported vulnerability is patched inside of a week, it's very rare that an exploit exists before the patch is released.

    Apple on the other hand has a track record of taking 6 months or more to release an update, and it's not exactly unusual that an exploit is released before that update finally surfaces. Examples:

    This one was reported to Apple back in June and the patch was released about 2 weeks after the exploit was built and shown off as a proof of concept:
    Leopard and Snow Leopard flaw exploited in proof of concept, real-world tomfoolery surely coming soon -- Engadget

    This one was reported and patched by Sun in their own Java implementation, but it took Apple over 6 months to get theirs done:
    Apple has yet to patch "critical" Java vulnerability

    So you can see where my sentiment comes from. But it doesn't matter - clearly you have your own strongly held beliefs and that's fine. But I'm sure you can now understand why I made the recommendation.
    Liquid and computers don't mix. It might seem simple, but we see an incredible amount of people post here about spills. Keep drinks and other liquids away from your expensive electronics!

    https://youtu.be/KHZ8ek-6ccc

  6. #21
    What Are Your Security Settings?

    Member Since
    Mar 30, 2004
    Location
    USA
    Posts
    4,744
    Specs:
    12" Apple PowerBook G4 (1.5GHz)
    Frankly, the biggest vulnerability in any system is the person using it. And the most vulnerable person of all is the one that thinks that he or she is not vulnerable because of some magic tool or service.

  7. #22
    What Are Your Security Settings?
    cwa107's Avatar
    Member Since
    Dec 20, 2006
    Location
    Lake Mary, Florida
    Posts
    26,758
    Specs:
    15" MBP, Core i7/2GHz, 8GB RAM, 480GB Crucial M500 SSD
    Quote Originally Posted by technologist View Post
    Frankly, the biggest vulnerability in any system is the person using it. And the most vulnerable person of all is the one that thinks that he or she is not vulnerable because of some magic tool or service.
    Amen. Very well said.
    Liquid and computers don't mix. It might seem simple, but we see an incredible amount of people post here about spills. Keep drinks and other liquids away from your expensive electronics!

    https://youtu.be/KHZ8ek-6ccc

  8. #23
    What Are Your Security Settings?
    dtravis7's Avatar
    Member Since
    Jan 04, 2005
    Location
    Modesto, Ca.
    Posts
    28,477
    Specs:
    iMac late 2007 10.11.b4, iMac 2008 10.10.5, Macbook2007 10.7.5, Mac Mini 10.7.5, iPhone 3GS Note 8!!
    Quote Originally Posted by technologist View Post
    Frankly, the biggest vulnerability in any system is the person using it. And the most vulnerable person of all is the one that thinks that he or she is not vulnerable because of some magic tool or service.
    I am going to quote your post again so more will see it! Very well said and agreed.

    I see it all the time and no matter how much I warn some people, they do their thing and ruin their Windows machines and expect me to fix them without a backup and not lose one of their files!

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Security settings
    By lanam in forum OS X - Operating System
    Replies: 1
    Last Post: 08-04-2009, 02:48 PM
  2. Security Zone Settings
    By Tiernn in forum OS X - Operating System
    Replies: 4
    Last Post: 07-08-2009, 12:54 PM
  3. How Do I set Up Security Settings?
    By mab in forum OS X - Operating System
    Replies: 5
    Last Post: 01-03-2008, 10:57 PM
  4. Wireless Security settings
    By Magicbear in forum Internet, Networking, and Wireless
    Replies: 2
    Last Post: 06-12-2007, 08:16 AM
  5. Flash Security Settings
    By Brown Study in forum OS X - Apps and Games
    Replies: 0
    Last Post: 03-10-2007, 02:06 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •