Firewall??

Discussion in 'General Mac Discussion' started by hesdeadjim, Sep 5, 2002.

  1. hesdeadjim macrumors regular

    Joined:
    Jul 17, 2002
    Location:
    Austin, TX
    #1
    I have a new Powerbook G4 800 Mhz on the way (in fact it should be here Friday :D:D:D:D:D), but I've read that there are a lot of security issues when using the Airport card on a wireless network. Now the campus here says that they have firewalls put into place, and that no problems have been reported, but the network is brand new and actually it is just being put into regular use. I'm just wondering how many Airport users out there have had any problems with security?

    If I think it is an issue, I'm thinking about getting a personal firewall. I read the recent Macworld and it named a few, but I was wondering what the best was? Would a personal firewall help?

    Thanks everyone.
     
  2. kishba macrumors 6502a

    kishba

    Joined:
    Dec 11, 2001
    Location:
    Michigan
    #2
    i've been experimenting with the jagaur firewall and i've decided to just use it

    i added a custom port for AIM and that's it... so far it looks like it's pretty powerful and simple... and free :)

    in the next few weeks look for a more in-depth review/story on firewalls on http://www.ambitiouslemon.com/

    ps i have a new powerbook 800 as well and love using airport with it :)
     
  3. rainman::|:| macrumors 603

    rainman::|:|

    Joined:
    Feb 2, 2002
    Location:
    iowa
    #3
    i don't have a great deal of experience with Airport, but i helped a small town set up a city-wide wireless network, which is very close to the same thing. Our initial impressions, and keep in mind this was a couple of years ago, were that the technology was remarkably secure without additional modification. Basically, i think the worst thing you could reasonably worry about is someone "listening" in on your connection-- a wireless packet sniffer of sorts... but then if someone goes to that trouble, a firewall probably won't do anything. If i were you, the only thing i'd do differently is to make sure any passwords you send are encrypted, and maybe use credit cards on a land-line if you're worried...

    that being said, i use BrickHouse as my firewall... it seems to work seamlessly with X.1 (i might get jaguar saturday tho!) and does it's job pretty well. I don't actually need a firewall, but it's still nice to have...

    :)
    pnw
     
  4. evildead macrumors 65816

    evildead

    Joined:
    Jun 18, 2001
    Location:
    WestCost, USA
    #4
    firewalls

    I like the new Norton Personal firewall 2.0. Its much beter than the older version of it.. and it runs in X.

    NetBarrier has come a long way as well. I have not used it in a while but I have seen some of the recent build of it and it looks great. There are a lot of features that you will probably never need or even want to know about. I have seen it running in millitary facilities.

    Norton is simple and it has some more advanced features as well... incase you want to really get into it.

    -evildead
     
  5. hesdeadjim thread starter macrumors regular

    Joined:
    Jul 17, 2002
    Location:
    Austin, TX
    #5
    Thanks

    Thanks everyone, I'll keep your suggestions in mine. Actually I didn't know that Jaguar had a built in firewall. Is there anything you need to do to set it up?
     
  6. irmongoose macrumors 68030

    irmongoose

    Joined:
    Dec 3, 2001
    Location:
    Sometimes Tokyo, sometimes California
    #6
    Re: Thanks

    Nope. It's just a simple click in the System Preferences.

    Good ol' Apple. :D




    irmongoose
     
  7. Telomar macrumors regular

    Joined:
    Aug 31, 2002
    #7
    I'd encourage NetBarrier from Intego if you want a commercial firewall.
     
  8. bousozoku Moderator emeritus

    Joined:
    Jun 25, 2002
    Location:
    Gone but not forgotten.
    #8
    I also like NetBarrier as it does domain filtering, i.e. getting rid of advertisements. However, it refuses to communicate with the control application from time to time.

    If you've read the recent Ars Technica article on Jaguar, you'll have seen that the Jaguar interface to the firewall works well for simple situations, but not for those which are complex, which average users should not see.
     
  9. sparkleytone macrumors 68020

    sparkleytone

    Joined:
    Oct 28, 2001
    Location:
    Greensboro, NC
    #9
    first of all, the jaguar firewall is as complex as you want it to be, but it only has a few GUI options. get a third party front end for the actualy ipfw and you can open up the power of it.

    secondly, a firewall is just not going to protect what you should be afraid of. this is what has been touched upon already, packet sniffing and such. the traffic can be grabbed, processed and decoded if someone is willing to put the time and energy into it. this means sensitive information can be compromised such as credit card #s etc. this does not mean someone can break into your computer and mess with things, however. it depends on the type of security you are looking for.

    i trust my wireless network at home, but i would never trust a university "public" network. just too much chance.
     
  10. peterjhill macrumors 65816

    peterjhill

    Joined:
    Apr 25, 2002
    Location:
    Seattle, WA
    #10
    It is highly unlikely that your Univerisity is using one of the newer protocols, like PEAP, to provide any reliable security to the wireless networks. If they are using WEP, then everyone on campus has the key. What if everyone on campus had the key to your dorm, would you feel safe? With PEAP, everyone has their own dynamically assigned key that is unique per user, and changes every so many minutes or hours.

    So, anyone running tcpdump or ethereal (or tethereal) is able to sniff any passwords that you send either via telnet or via mail.app to servers that are using plain-text encryption with no ssl.

    For these kind of things, there is no firewall in the world that will protect you. I don't think that you really need to worry too much about firewalls, as much as know that you should use ssh instead of telnet.

    If you are using ftp to copy things to and from some network storage account, you should use scp instead.

    These are pretty easy things to use, just open a terminal and type man scp or man ssh. All you really need is the syntax of the commands.
     

Share This Page