?
Solved

OS X 10.3.3: built-in firewall quality

Posted on 2004-04-07
3
Medium Priority
?
571 Views
Last Modified: 2010-03-17
Hi,

I have been trying to find info has to how secure the Panther built-in firewall is.

Is it true that the fiewall won't block outgoing traffic, such as programs checking with thier homebase for updates, etc?

Would an ADSL modem/router with NAT + OS X built-in firewall? Provide adequate security for a home-user with no servers being used?

If not, what software and/or command line lockdowns would be suggested?

Regards,

Benomoro

0
Comment
Question by:benomoro
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 30

Accepted Solution

by:
weed earned 100 total points
ID: 10783816
It's a perfectly good firewall. They're really not that complicated. They just block incoming traffic on certain ports.

Firewalls only block inbound traffic, not outbound. If you need to block outbound traffic use LittleSnitch from versiontracker.com.

Most routers provide their own firewall so you dont need OS X's firewall at that point. For a home user, using a Mac and a router, there is really no reason for a firewall. The latest test showed that while Linux and Windows were more than hackable, OS X and BSD was as secure as you can get and in that particular test remained unhacked. Using OS X isnt like using Windows. You dont need to be super paranoid about someone breaking in.
0
 
LVL 9

Assisted Solution

by:heteronymous
heteronymous earned 100 total points
ID: 10783926
Sure, the built-in firewall can provide adequate security. The GUI (Sharing panel) doesn't lend itself to filtering out-going packets, but the built-in Unix-level firewall daemon ipfw does allow for this.

You can work with it (ipfw) in the command-line if you feel courageous. I would say do NOT start there if you're completely new to Unix command-line work.

What it comes down to is how paranoid you want to be about it.

For starters, with OS X, things are shut off that you want off. Don't run FTP, and if you don't need it, don't startup/run Windows sharing. Remote login is off by default on 10.3 client (but it's SSH not Telnet which is a good thing)

You can use the Shareware products Brickhouse or FirewalkX ...

but your best bet is a Router with Firewall features. Asante has a nice affordable one (FR1000-series), with incoming and outgoing packet filtering. I've not used other products at home -  many people swear by Linksys, and many models are fine but keep in mind some of them require Windows software for the initial setup. Make sure it has built-in web-based configuration (the Asante does).

Looking at my Asante Router/Firewall log, would-be h@xxor kiddies scan my system all the time, but by-and-large they're looking for ports used by Microsoft products.

0
 

Author Comment

by:benomoro
ID: 10804283
Hey,

thanks for the prompt response. You both provided the information I was after + reassurance that the Os X world is safer...

Cheers.
0

Featured Post

Enroll in August's Course of the Month

August's CompTIA IT Fundamentals course includes 19 hours of basic computer principle modules and prepares you for the certification exam. It's free for Premium Members, Team Accounts, and Qualified Experts!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

SUMMARY Enterprise backup in a heterogeneous network is a subject full of complications and restrictions. Issues such as filename & path structure, attributes and extended metadata always tend to complicate the subject to the extent where either …
Worried about if Apple can protect your documents, photos, and everything else that gets stored in iCloud? Read on to find out what Apple really uses to make things secure.
Visualize your data even better in Access queries. Given a date and a value, this lesson shows how to compare that value with the previous value, calculate the difference, and display a circle if the value is the same, an up triangle if it increased…
In this video, Percona Solutions Engineer Barrett Chambers discusses some of the basic syntax differences between MySQL and MongoDB. To learn more check out our webinar on MongoDB administration for MySQL DBA: https://www.percona.com/resources/we…
Suggested Courses

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question