Firewalls

Discussion in 'General Mac Discussion' started by JzzTrump22, Aug 9, 2004.

  1. macrumors 65816

    #1
    Are there any firewall programs out there for free? I just turned my firewall on now in my powerbook. Is this a good enough firewall to protect me from people watching my every move? Not only hackers (which i'm not concerned about) but other people like Optimum Online. Are there any programs that are free? Or is Norton the best one for this? I will invest the money in Norton if it is worth it.
     
  2. emw
    macrumors G4

    emw

    #2
    Are you broadband or dial-up? If broadband, you may want to look into a router that provides good firewall protection (wired versions can generally be had for about $50).

    I've run Norton, and I liked it, but I really completely on my router at this point.
     
  3. macrumors 65816

    #3
    I have a 4 port router by linksys (non-wireless). That should be plenty. But i am going away to college and i don't think the firewall that comes with the computer is strong enough to block out everything. My roomate who has been going to school already said according his norton internet security (pc) the school tried to hack his computer atleast 8-10 times a day over the past 2 years. THATS INSANE!!!! So i don't want to rely just on the built-in firewall. I really need a good program to protect me from the damn school. They try and find out every little detail thats on your machine. It's actually a bit rediculous. But if you don't want to get busted downloading music and other things, i would really need a good security program. So is Norton the way to go or is there something better?
     
  4. emw
    macrumors G4

    emw

    #4
    Something like Norton, which is very good, can keep people out of your system. But if you're downloading things you shouldn't, there's a trail outside of your computer that you can't control...
     
  5. macrumors 603

    aswitcher

    #5
    I thought Norton dropped the Mac or is that only the utilities stuff?
     
  6. jsw
    Moderator emeritus

    jsw

    #6
    Pretty much any of the Linksys routers (and probably most others) can stop everything except what you specify from getting through. Generally, setting up one of those, along with your Mac's built-in firewall, should be sufficient.

    Also, I've seen good reviews of Impasse, which is only $10.
     
  7. macrumors 65816

    #7
    A friend of mine metioned impasse. Mabey i'll give it a shot. Do you think if i called apple they would tell me whats better to use?
     
  8. macrumors 68000

    LeeTom

    #8
    The firewall built into OS X is very good.

    Lee Tom
     
  9. jsw
    Moderator emeritus

    jsw

    #9
    I doubt it - beyond recommending the built-in firewall. Of course, you could give it a try!
     
  10. macrumors 603

    #10
    Ha! That would be like going to a free food stand and asking the food provider where you can get better hamburgers. Bad idea. :D

    I just turned on my X Firewall... I have such an unhackable combination: Using a Mac, with a built-in firewall, and a non-static (dial-up) IP. You know where it is right? System Preferences > Sharing
     
  11. Moderator

    yellow

    Staff Member

    #11
    ipfw is an excellent packet filter. Quite customizable and quite strong. My suggestion is to learn to use it via the command line. If you cannot do that, use something GUIfied control like Brickhouse or SunShield. DO NOT USE THE BUILT-IN APPLE CONTROL. It sucks. You loose half of the most important parts of the packet filer!
    1) No Logging! Come ON Apple!
    2) No IP based accept/deny. It's port open/closed to the entire world. All or nothing, no control. That is worthless.
    Couple this with a decent NIDS like snort (HenWen, a GUI for the CLI-challenged), and strong passwords, and you should be off to a great start.

    I think your roommate should check again. I SERIOUSLY doubt that your future school is actively trying to HACK/CRACK your system. There's a HUGE difference between hacking/cracking and port scanning for viruses, P2P, and colossal security vulnerabilities.
     
  12. Moderator

    yellow

    Staff Member

    #12
    I should also note that since you're hanging off their network, they have pretty much every right to ensure that their policies are being upheld, thereby keeping them out of legal & security hot-water.
     
  13. macrumors 6502

    #13
    I agree it is more likely security measures doing their rounds, or bored admins having fun, however just because it is a school computer, does not mean it is controlled by an innocuous staff member.
     
  14. macrumors regular

    #14
    Your friends computer is reporting bogus "attacks". The makers of these programs like to hype up legitimate activity and call it an "attack" so that you feel like your $50 was well spent. I've done tech support at a university and we constantly have people that come saying they've been hacked because everytime someone opens up the network neighborhood it sends out requests to their computer and the stupid firewalls think it's a hack. If you have XP turn on the firewall. If you have OS X turn on the firewall. That's all you need. More advanced solutions are only really needed if you need exceptions to the firewall for local lans or for certain funky setups.
     
  15. macrumors 65816

    #15
    Would the firewall that comes in OS X be powerfull enoughh to block the school from seeing p2p apps in use also? I do download some songs every once in a while and i don't want to get busted for a few songs. (This i sthe part where everyone starts saying "well if you don't want to get in trouble don't do anything illegal" blah, blah, blah.
     
  16. jsw
    Moderator emeritus

    jsw

    #16
    Well if you don't want to get in trouble don't do anything illegal.

    Seriously, no, they won't help - firewalls block unwanted intrusions into your system. They cannot hide the fact that you're sending out port requests which are necessary to connect to P2P networks. So, while a firewall can stop someone from probing your system, if that "someone" runs the network you use, they can see that your outbound traffic is going to P2P sites, and they can see every single byte that you download to your system. It's kind of like how locking your door keeps people out, but doesn't stop the neighbors from seeing who's coming and going.
     
  17. Moderator

    yellow

    Staff Member

    #17
    Good analogy for the topic at hand, jsw.
     
  18. macrumors 65816

    #18
    But it will protect me from the school actually seeing whats on my computer. Not what i'm downloading but whats already there. Correct?
     
  19. macrumors 68000

    LeeTom

    #19
    The University technically doesn't have the right to see what's on your computer anyway, and I'm sure they're not trying to check thousands of kids' computers for music or porn or something. They have better things to do.

    That being said, turning on the OS X firewall is a good thing to do anyway, just for safety's sake.

    Lee Tom
     
  20. Moderator

    yellow

    Staff Member

    #20
    I think you're confused by what a firewall/packet filter actually does..

    A firewall/packet filter is used to protect/filter the network services (like SMTP, ssh, POP, FTP, file sharing, PTP, etc) on your computer from those on the network (and also can be used to filter outgoing packets as well). Not using a firewall doesn't mean that people can "see" all the files that are on your computer.

    The only way that can happen over the network is if you use file-sharing and have your entire hard drive available for perusal (bad idea). Or, run an FTP server and don't use chroot (bad idea). Or, you've been compromised and someone is sshing to your computer (bad idea). There's more, but you get the gist.

    So, just because you don't have a firewall running doesn't mean that people can, by default, "see" all the files on your computer.

    That being said, as I noted above, learn how to use ipfw on the command line.
     
  21. macrumors 65816

    #21
    I have no idea what ipfw is. Or how to use it.
     
  22. jsw
    Moderator emeritus

    jsw

    #22
    ipfw = "IP Firewall". In Terminal, do a "man ipfw" for details.

    Frankly, I think it's a pain in the butt to manage manually, esp. since there are a number of cheap but functional GUI's for it (I think Impasse sits on top of it, for example).
     
  23. Moderator

    yellow

    Staff Member

    #23
    ipfw is the built-in packet filter. Please read my first post (far) above.
     
  24. jsw
    Moderator emeritus

    jsw

    #24
    Of course, for all your sensitive files, you can do the Disk Image "New Image" trick, where you open up Disk Image, click on the "New Image" icon (toolbar in the main window), set the size to something usably big, the format to read/write (the default), and the encryption to AES-128. Be sure to uncheck the option to save your password in your Keychain (in the popup asking for a password after you select "Create" for the image), else anyone who walks by while you're logged in can open that image.

    Then, open it when you want, enter the password, and you're set to use those files contained therein until you close the folder and eject it. Then, they're safely password protected again.

    You might even be able to set up iTunes to use that folder for your music, but I haven't tried that.
     
  25. jsw
    Moderator emeritus

    jsw

    #25
    I hope you weren't offended by my belief that it's a pain, yellow. ipfw is very powerful. I just think it's a hassle to use it unless you know what you're doing, esp. since, as you wrote, there are GUIs that sit on top of it.
     

Share This Page