Hi there,

I just have a quick question regarding the built-in firewall in Tiger. Basically, after upgrading from Panther, I noticed there's some new options under the 'Advanced' tab i.e. 'Block UDP Traffic' and 'Enable Stealth Mode'. Since these were configured "off" by default, I just wondered if there's any drawbacks to switching them on - since it seems they'd certainly make my machine more secure. Might they interfere with legitimate traffic in some way?

Any help would be appreciated.

I always have them turned on and I haven't yet experienced any problems. So, go ahead and turn them on and know your computer is as safe as it can be.

Claire

Hi there,

I just have a quick question regarding the built-in firewall in Tiger. Basically, after upgrading from Panther, I noticed there's some new options under the 'Advanced' tab i.e. 'Block UDP Traffic' and 'Enable Stealth Mode'. Since these were configured "off" by default, I just wondered if there's any drawbacks to switching them on - since it seems they'd certainly make my machine more secure. Might they interfere with legitimate traffic in some way?

UDP didn't used to be thought of as a likely route of attack, so firewalls tended to focus on TCP. Some network protocols use UDP, so if you've selected the "block UDP" option you'll need to be sure to enable specific UDP ports if you use those protocols (e.g. certain VPNs, older-style Windows shares, etc.). Blocking UDP can also mean your computer won't show up when someone is browsing the network legitimately, which may or may not matter to you (again, if you open the right ports up this isn't an issue anyway).

Go ahead and turn it on, but remember that you've done it - that way if something breaks over the next week or so, you'll likely know why.

Thanks for both your replies. You're right - I should just turn those options on and see if anything breaks. Luckily, I don't run a network so hopefully there won't be any problems with UDP.

Fingers crossed and thanks again.

Stealth mode means that your computer will ignore (drop) packets to closed ports. Normally the computer would respond with a "port closed".