Forums
New posts
Articles
Product Reviews
Policies
FAQ
Log in
Register
What's new
Search
Search
Search titles only
By:
New posts
Menu
Log in
Register
Install the app
Install
Forums
General Discussions
Switcher Hangout (Windows to Mac)
What Are Your Security Settings?
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Reply to thread
Message
<blockquote data-quote="cwa107" data-source="post: 987461" data-attributes="member: 24098"><p>Well, it's not in stealth mode, because it responds to ICMP echo (ping). The test results you're seeing on GRC.com are likely viewed while sitting on a DSL/Cable modem, which is using NAT in and of itself (i.e. you've got a private IP address, your modem has the public IP address and routes traffic to you acting, in effect, like a router). </p><p></p><p>But I was surprised to find that you are somewhat right. I opened up my MacBook Pro's ipfw, running 10.6.2 and ran a port scan from my desktop PC running Windows 7. I used a couple of different products to do the scan and in both cases, found that no well-known ports were responsive. I did not run a full port scan, since it would have taken forever (and it's doubtful that a hacker having identified the presence of your machine would waste that much time, unless it was a high-value target).</p><p></p><p>But this paints a rosier picture than is reality. Reality is that if a vulnerability were identified, running no software firewall and sitting on a publicly accessible LAN would leave you susceptible to a worm that exploits that vulnerability. Additionally, if you happen to be running a piece of software that opens ports (like an IM client, for example) and that software has a vulnerability (as was discovered in iChat back in 2007), you could also be susceptible to a worm. </p><p></p><p>So, I stand by my argument that unless there is a problem directly attributable to the software firewall, it's better to have it running - particularly on a portable machine that leaves the relative safety of a home network. </p><p></p><p>Oh and please keep your metaphors clean, this is a family-friendly forum.</p></blockquote><p></p>
[QUOTE="cwa107, post: 987461, member: 24098"] Well, it's not in stealth mode, because it responds to ICMP echo (ping). The test results you're seeing on GRC.com are likely viewed while sitting on a DSL/Cable modem, which is using NAT in and of itself (i.e. you've got a private IP address, your modem has the public IP address and routes traffic to you acting, in effect, like a router). But I was surprised to find that you are somewhat right. I opened up my MacBook Pro's ipfw, running 10.6.2 and ran a port scan from my desktop PC running Windows 7. I used a couple of different products to do the scan and in both cases, found that no well-known ports were responsive. I did not run a full port scan, since it would have taken forever (and it's doubtful that a hacker having identified the presence of your machine would waste that much time, unless it was a high-value target). But this paints a rosier picture than is reality. Reality is that if a vulnerability were identified, running no software firewall and sitting on a publicly accessible LAN would leave you susceptible to a worm that exploits that vulnerability. Additionally, if you happen to be running a piece of software that opens ports (like an IM client, for example) and that software has a vulnerability (as was discovered in iChat back in 2007), you could also be susceptible to a worm. So, I stand by my argument that unless there is a problem directly attributable to the software firewall, it's better to have it running - particularly on a portable machine that leaves the relative safety of a home network. Oh and please keep your metaphors clean, this is a family-friendly forum. [/QUOTE]
Verification
Post reply
Forums
General Discussions
Switcher Hangout (Windows to Mac)
What Are Your Security Settings?
Top