View Full Version : Firewalls


JzzTrump22
Aug 9, 2004, 04:16 PM
Are there any firewall programs out there for free? I just turned my firewall on now in my PowerBook. Is this a good enough firewall to protect me from people watching my every move? Not only hackers (which I'm not concerned about) but other people like Optimum Online. Are there any programs that are free? Or is Norton the best one for this? I will invest the money in Norton if it is worth it.

emw
Aug 9, 2004, 04:21 PM
Are you broadband or dial-up? If broadband, you may want to look into a router that provides good firewall protection (wired versions can generally be had for about $50).

I've run Norton, and I liked it, but I rely completely on my router at this point.

JzzTrump22
Aug 9, 2004, 05:52 PM
I have a 4 port router by Linksys (non-wireless). That should be plenty. But I am going away to college and I don't think the firewall that comes with the computer is strong enough to block out everything. My roommate who has been going to school already said according to his Norton Internet Security (PC) the school tried to hack his computer at least 8-10 times a day over the past 2 years. THAT'S INSANE!!!! So I don't want to rely just on the built-in firewall. I really need a good program to protect me from the damn school. They try and find out every little detail that's on your machine. It's actually a bit ridiculous. But if you don't want to get busted downloading music and other things, I would really need a good security program. So is Norton the way to go or is there something better?

emw
Aug 9, 2004, 06:05 PM
I have a 4 port router by Linksys (non-wireless). That should be plenty. But I am going away to college and I don't think the firewall that comes with the computer is strong enough to block out everything. My roommate who has been going to school already said according to his Norton Internet Security (PC) the school tried to hack his computer at least 8-10 times a day over the past 2 years. THAT'S INSANE!!!! So I don't want to rely just on the built-in firewall. I really need a good program to protect me from the damn school. They try and find out every little detail that's on your machine. It's actually a bit ridiculous. But if you don't want to get busted downloading music and other things, I would really need a good security program. So is Norton the way to go or is there something better?

Something like Norton, which is very good, can keep people out of your system. But if you're downloading things you shouldn't, there's a trail outside of your computer that you can't control...

aswitcher
Aug 9, 2004, 06:10 PM
Something like Norton, which is very good, can keep people out of your system. But if you're downloading things you shouldn't, there's a trail outside of your computer that you can't control...

I thought Norton dropped the Mac or is that only the utilities stuff?

jsw
Aug 9, 2004, 06:16 PM
Pretty much any of the Linksys routers (and probably most others) can stop everything except what you specify from getting through. Generally, setting up one of those, along with your Mac's built-in firewall, should be sufficient.

Also, I've seen good reviews of Impasse (http://www.glu.com/products/impasse/index.html), which is only $10.

JzzTrump22
Aug 9, 2004, 06:52 PM
A friend of mine mentioned Impasse. Maybe I'll give it a shot. Do you think if I called Apple they would tell me what's better to use?

LeeTom
Aug 9, 2004, 07:21 PM
The firewall built into OS X is very good.

Lee Tom

jsw
Aug 9, 2004, 07:26 PM
A friend of mine mentioned Impasse. Maybe I'll give it a shot. Do you think if I called Apple they would tell me what's better to use?
I doubt it - beyond recommending the built-in firewall. Of course, you could give it a try!

King Cobra
Aug 9, 2004, 08:58 PM
Do you think if I called Apple they would tell me what's better to use?
Ha! That would be like going to a free food stand and asking the food provider where you can get better hamburgers. Bad idea. :D

I just turned on my X Firewall... I have such an unhackable combination: Using a Mac, with a built-in firewall, and a non-static (dial-up) IP. You know where it is right? System Preferences > Sharing

yellow
Aug 9, 2004, 09:21 PM
ipfw is an excellent packet filter. Quite customizable and quite strong. My suggestion is to learn to use it via the command line (http://www3.sympatico.ca/dccote/firewall.html). If you cannot do that, use a GUIfied control like Brickhouse or SunShield. DO NOT USE THE BUILT-IN APPLE CONTROL. It sucks. You lose half of the most important parts of the packet filter!
1) No Logging! Come ON Apple!
2) No IP based accept/deny. It's port open/closed to the entire world. All or nothing, no control. That is worthless.
Couple this with a decent NIDS like snort (HenWen, a GUI for the CLI-challenged), and strong passwords, and you should be off to a great start.

I think your roommate should check again. I SERIOUSLY doubt that your future school is actively trying to HACK/CRACK your system. There's a HUGE difference between hacking/cracking and port scanning for viruses, P2P, and colossal security vulnerabilities.

yellow
Aug 9, 2004, 09:33 PM
I should also note that since you're hanging off their network, they have pretty much every right to ensure that their policies are being upheld, thereby keeping them out of legal & security hot-water.

GigaWire
Aug 9, 2004, 11:06 PM
I think your roommate should check again. I SERIOUSLY doubt that your future school is actively trying to HACK/CRACK your system. There's a HUGE difference between hacking/cracking and port scanning for viruses, P2P, and colossal security vulnerabilities.

I agree it is more likely security measures doing their rounds, or bored admins having fun, however just because it is a school computer, does not mean it is controlled by an innocuous staff member.

york2600
Aug 9, 2004, 11:31 PM
I have a 4 port router by Linksys (non-wireless). That should be plenty. But I am going away to college and I don't think the firewall that comes with the computer is strong enough to block out everything. My roommate who has been going to school already said according to his Norton Internet Security (PC) the school tried to hack his computer at least 8-10 times a day over the past 2 years. THAT'S INSANE!!!! So I don't want to rely just on the built-in firewall. I really need a good program to protect me from the damn school. They try and find out every little detail that's on your machine. It's actually a bit ridiculous. But if you don't want to get busted downloading music and other things, I would really need a good security program. So is Norton the way to go or is there something better?

Your friend's computer is reporting bogus "attacks". The makers of these programs like to hype up legitimate activity and call it an "attack" so that you feel like your $50 was well spent. I've done tech support at a university and we constantly have people that come saying they've been hacked because every time someone opens up the network neighborhood it sends out requests to their computer and the stupid firewalls think it's a hack. If you have XP turn on the firewall. If you have OS X turn on the firewall. That's all you need. More advanced solutions are only really needed if you need exceptions to the firewall for local LANs or for certain funky setups.

JzzTrump22
Aug 10, 2004, 08:10 AM
Your friend's computer is reporting bogus "attacks". The makers of these programs like to hype up legitimate activity and call it an "attack" so that you feel like your $50 was well spent. I've done tech support at a university and we constantly have people that come saying they've been hacked because every time someone opens up the network neighborhood it sends out requests to their computer and the stupid firewalls think it's a hack. If you have XP turn on the firewall. If you have OS X turn on the firewall. That's all you need. More advanced solutions are only really needed if you need exceptions to the firewall for local LANs or for certain funky setups.

Would the firewall that comes in OS X be powerful enough to block the school from seeing P2P apps in use also? I do download some songs every once in a while and I don't want to get busted for a few songs. (This is the part where everyone starts saying "well if you don't want to get in trouble don't do anything illegal" blah, blah, blah.)

jsw
Aug 10, 2004, 08:19 AM
Would the firewall that comes in OS X be powerful enough to block the school from seeing P2P apps in use also? I do download some songs every once in a while and I don't want to get busted for a few songs. (This is the part where everyone starts saying "well if you don't want to get in trouble don't do anything illegal" blah, blah, blah.)
Well if you don't want to get in trouble don't do anything illegal.

Seriously, no, they won't help - firewalls block unwanted intrusions into your system. They cannot hide the fact that you're sending out port requests which are necessary to connect to P2P networks. So, while a firewall can stop someone from probing your system, if that "someone" runs the network you use, they can see that your outbound traffic is going to P2P sites, and they can see every single byte that you download to your system. It's kind of like how locking your door keeps people out, but doesn't stop the neighbors from seeing who's coming and going.

yellow
Aug 10, 2004, 09:24 AM
It's kind of like how locking your door keeps people out, but doesn't stop the neighbors from seeing who's coming and going.

Good analogy for the topic at hand, jsw.

JzzTrump22
Aug 10, 2004, 12:48 PM
But it will protect me from the school actually seeing what's on my computer. Not what I'm downloading but what's already there. Correct?

LeeTom
Aug 10, 2004, 12:53 PM
The University technically doesn't have the right to see what's on your computer anyway, and I'm sure they're not trying to check thousands of kids' computers for music or porn or something. They have better things to do.

That being said, turning on the OS X firewall is a good thing to do anyway, just for safety's sake.

Lee Tom

yellow
Aug 10, 2004, 01:02 PM
But it will protect me from the school actually seeing what's on my computer. Not what I'm downloading but what's already there. Correct?

I think you're confused by what a firewall/packet filter actually does..

A firewall/packet filter is used to protect/filter the network services (like SMTP, ssh, POP, FTP, file sharing, PTP, etc) on your computer from those on the network (and also can be used to filter outgoing packets as well). Not using a firewall doesn't mean that people can "see" all the files that are on your computer.

The only way that can happen over the network is if you use file-sharing and have your entire hard drive available for perusal (bad idea). Or, run an FTP server and don't use chroot (bad idea). Or, you've been compromised and someone is sshing to your computer (bad idea). There's more, but you get the gist.

So, just because you don't have a firewall running doesn't mean that people can, by default, "see" all the files on your computer.

That being said, as I noted above, learn how to use ipfw on the command line.
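
Added example (not part of any post in this thread): the two capabilities yellow's posts name, logging and IP-based accept/deny, written as an ipfw ruleset. The script only prints the commands for review; the trusted network 192.168.1.0/24, the two service ports and the rule numbers are assumptions chosen for illustration.

```shell
#!/bin/sh
# Added example: prints an ipfw ruleset for review; it does not apply anything.
# The network, ports and rule numbers below are constructed sample values.

TRUSTED_NET="192.168.1.0/24"   # assumption: the LAN you administer the Mac from
SSH_PORT=22                    # Remote Login
AFP_PORT=548                   # Personal File Sharing

# Print one "ipfw add" command instead of running it.
emit() { echo "ipfw -q add $*"; }

# build_rules [trusted-net]: write the whole ruleset to stdout.
build_rules() {
    net="${1:-$TRUSTED_NET}"
    echo "ipfw -q -f flush"
    # Loopback traffic is always allowed.
    emit 100 allow ip from any to any via lo0
    # Stateful filtering: replies to connections this Mac opened get back in.
    emit 200 check-state
    emit 300 allow tcp from me to any setup keep-state
    emit 310 allow udp from me to any keep-state
    # IP-based accept: each service is reachable from the trusted network only.
    for port in "$SSH_PORT" "$AFP_PORT"; do
        emit "$((1000 + port))" allow tcp from "$net" to me "$port" setup keep-state
    done
    # The same services from any other address: deny, and log the attempt.
    emit 5000 deny log tcp from any to me "$SSH_PORT,$AFP_PORT" in
    # Everything else inbound: deny and log.
    emit 65000 deny log ip from any to me in
    # "log" rules are only written out when verbose logging is switched on.
    echo "sysctl -w net.inet.ip.fw.verbose=1"
}

build_rules "$@"
```

Review the printed commands, then run them as root to load the ruleset; `ipfw show` lists the active rules with their packet counters.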

JzzTrump22
Aug 10, 2004, 01:46 PM
I have no idea what ipfw is. Or how to use it.

jsw
Aug 10, 2004, 01:55 PM
ipfw = "IP Firewall". In Terminal, do a "man ipfw" for details.

Frankly, I think it's a pain in the butt to manage manually, esp. since there are a number of cheap but functional GUIs for it (I think Impasse (http://www.glu.com/products/impasse/index.html) sits on top of it, for example).

yellow
Aug 10, 2004, 01:55 PM
ipfw is the built-in packet filter. Please read my first post (far) above.

jsw
Aug 10, 2004, 02:01 PM
Of course, for all your sensitive files, you can do the Disk Image "New Image" trick, where you open up Disk Image, click on the "New Image" icon (toolbar in the main window), set the size to something usably big, the format to read/write (the default), and the encryption to AES-128. Be sure to uncheck the option to save your password in your Keychain (in the popup asking for a password after you select "Create" for the image), else anyone who walks by while you're logged in can open that image.

Then, open it when you want, enter the password, and you're set to use those files contained therein until you close the folder and eject it. Then, they're safely password protected again.

You might even be able to set up iTunes to use that folder for your music, but I haven't tried that.

jsw
Aug 10, 2004, 02:04 PM
ipfw is the built-in packet filter. Please read my first post (far) above.
I hope you weren't offended by my belief that it's a pain, yellow. ipfw is very powerful. I just think it's a hassle to use it unless you know what you're doing, esp. since, as you wrote, there are GUIs that sit on top of it.

yellow
Aug 10, 2004, 02:16 PM
I hope you weren't offended by my belief that it's a pain, yellow.

Nope, not at all, jsw. I believe it depends on one's comfort in the CLI, and the necessity, and possibly one's "geek-titude". For me, I have many (many, many, many) OSX boxes that I am responsible for and need to be able to edit the firewall remotely. So I got to learn all about ipfw. Luckily I was already vaguely acquainted with ipf, and ipchains. For me it's an invaluable tool and I'd much prefer the granular control I have via the command line over a GUIfied control (which in some instances would mean I have to get up and waddle my fat @$$ to a computer in Outer East Nowhere, just to do a simple task with the firewall). Plus, I am a strong believer that one should have a passing knowledge of just what the hell one is doing when protecting a machine. But as we both mentioned, there's plenty of GUI front-ends for it.

I just want to make sure that anyone who might read this in the future realizes that the GUI control that Apple threw in is completely and utterly worthless!! For you future reader (hello from the past!), I IMPLORE you to use some alternate method of controlling ipfw!!!