firewall

[Makal]

should firewall be turn on on my mini mac?

 

[cradom]

Not if you're behind a router. If using public Wifi, turn it on.

 

[Makal]

Thank you.

 

[McBie]

Hmmmmm ..... basic question .... does your router have a firewall built in and is it enabled and configured correctly ?
Without answering these basic questions you are living with a false sense of security.
When you are talking about security controls, you should never make assumptions.

Cheers ... McBie

 

[MacforumMac]

always for safety

should firewall be turn on on my mini mac?

I would always keep the firewall on. If you have another firewall working with the same Firewall allowances it will not affect anything.

 

[chas_m]

And if you don't, it will cause all kinds of weird problems that are devilishly difficult to track down. Apple ships with the software firewall off for a reason. And this "use it every time you're on public Wi-Fi" nonsense is both ridiculous (nobody is going to methodically remember to switch it on and off as "needed") and represents a silly misunderstanding of what a firewall does -- and what it doesn't do. Hint: it's not a magic cloak of invisibility.

What Firewall Software Does - HowStuffWorks

 

[MacInWin]

I say keep it on. The likelihood of the conflicts chas_m has brought up is very, very low, and easily resolved by simply turning off the software firewall to see if the "weird problem" goes away. And as he said, "nobody is going to methodically remember to switch is on and off 'as needed'". So, turn it on, leave it on unless something weird happens and you won't have to worry about it. Mine has been on ever since I bought this MBP and hasn't caused any problems with the three routers it has worked with in that time.

 

[RadDave]

should firewall be turn on on my mini mac?

Hi Makal - this is an oft asked question - here's the LAST ONE that I left a post - you've already received similar responses, so follow the advice - to reiterate, make sure that the firewall of your router is properly configured (as already suggested); if you had a laptop instead of a DT computer, then activate the machine's firewall when out on public Wi-Fi sites. For myself, I have an Airport Extreme router w/ its own firewall but still have my MBPro's & iMac's firewalls on - have not noticed any problems.

SO, you have (and my still get more posts) opinions on both sides of your question making it up to you to decide - Dave

 

[harryb2448]

How confusing Makai.

I follow Apple's advise of leaving it off, the default from Apple, when using behind my home router, however at outdoor public 'hotspots' of course it should be activated.

 

[chscag]

I agree with Jake. I've never had a problem with keeping it turned on in all the years I've been using OS X. I would especially keep it on for a portable Mac that's used outside of the home.

 

[pm-r]

I agree with Jake. I've never had a problem with keeping it turned on in all the years I've been using OS X. I would especially keep it on for a portable Mac that's used outside of the home.

+3!! It has nearly always been enabled as long as I can recall and password setup and enabled on our wired router and AE for any wireless.

I'd be a bit concerned for those who follow Apple's "advice", and I didn't know they now advise to keep it disabled, but shocking when I always seem to notice several "linksys" and "dlink" names in a drop down list and no padlock.

And then remember to switch it On if required — they're kidding right??? :Blushing:

 

[McBie]

Can someone please point me to the " official " advise from Apple to have your built-in firewall OFF.

Secondly, it would be interesting to see a documented list of " All kind of weird problems " that can be contributed to having your firewall ON ( and only to having your firewall ON ), meaning .... repeatable " problems " that can easily be reproduced on another OS X machine.

Cheers ... McBie

 

[pm-r]

Can someone please point me to the " official " advise from Apple to have your built-in firewall OFF.

Secondly, it would be interesting to see a documented list of " All kind of weird problems " that can be contributed to having your firewall ON ( and only to having your firewall ON ), meaning .... repeatable " problems that can easily be reproduced on another OS X machine.

Cheers ... McBie

Hmmm…??? Not too much response is there, so that's two of us still left wondering.

I can't find anything to support the suggestions here:
https://support.apple.com/en-us/HT201642

 

[chscag]

Can someone please point me to the " official " advise from Apple to have your built-in firewall OFF.

There is none.

Secondly, it would be interesting to see a documented list of " All kind of weird problems " that can be contributed to having your firewall ON ( and only to having your firewall ON ), meaning .... repeatable " problems " that can easily be reproduced on another OS X machine.

Again, there is none. Certain "unnamed" individuals have been stating this while they have nothing substantial to back up their claims. ;D Leaving your built in software firewall on or off is a matter of choice. Just because Apple has it off in a default installation does not mean that is their recommendation.

 

[harryb2448]

Apple has it off by default. Do a clean install of any operating system from leopard, or buy a new machine and the default is off.

 

[MacInWin]

Harry, when I bought my car, the handbrake was set. Using your logic, should I have left it that way? My point is that the "default" is not necessarily the "recommended" or "best" in anything. Since the probability of problems with hardware firewalls interfering with the software firewall is low and the probability of forgetting to turn it on when you take the MBP to an open WiFi spot is high, the default of "off" is probably not best.

 

[pm-r]

Apple has it off by default. Do a clean install of any operating system from leopard, or buy a new machine and the default is off.

I'm seriously not trying to be a smart-a** here, but I dare say that just about everything is "Off" with a clean install etc., with nearly all Preference Panes and most applications, including network, email, browser and most of the basic Mac machine settings etc., except for those that were set during the install, like location etc.

 

[harryb2448]

Very clever logic Jake. When I purchased my iMac it came with the power lead in the carton and not connected.

 

[MacInWin]

Heh! My point exactly, Harry! ?

 

[chas_m]

Nevertheless, the reason the software firewall is off by default on a Mac is quite simple and understandable: you are 99.99 percent certain -- even at a public hotspot -- to be behind a hardware firewall, and having two firewalls can conflict.

All the "dangers" people imagine they can be exposed to using a public hotspot, like unencrypted data being intercepted, are not covered by or protected by the use of a software firewall. Firewalls are not magic cloaks of Internet invisibility (you're confusing firewalls with Macs there) . They simply stop incoming traffic on selected ports by controlling what ports are open, thus preventing floods of useless data from tying up or disabling the Internet connection. That's pretty much it.

What does a firewall do? | Security News

To put this another way: your Mac almost certainly doesn't need the software firewall because your Mac is set to what PC people would call "stealth" mode by default. Feel free not to take my word for this, and test it yourself: https://www.grc.com/x/ne.dll?rh1dkyd2

The software firewall is there for people who have a need for specific configurations and no access to a hardware firewall. If that's you, by all means utilize it. But today (as opposed to decades past), your chances of not being behind a hardware firewall on any and all Wi-Fi networks you might use are virtually nil. So "carryover advice" based on best practices of the late 1990s is about as useful as telling most of us how to configure a PPPoE connection; valuable at one point, nearly useless now.