Mac firewall capabilities?

Discussion in 'Mac Basics and Help' started by Bismarck, Nov 9, 2006.

  1. Bismarck macrumors newbie

    Joined:
    Oct 18, 2006
    #1
    I have a question about the Mac's firewall. I have yet to place my order for a first Mac.

    There are firewalls and there are firewalls. Windows XP now comes with one built in, but from what I can see (and I'm not an XP expert), the XP firewall doesn't do as much as what ZoneAlarm does. I installed ZoneAlarm on my Win2000 box, and it allows me to check outgoing traffic. If a program that I installed wants to talk to the net, a popup will warn me and ask if it's OK. Unless I know why and I want it to, I can say no, and I can tell ZA to always say no to that program. So if I bought a program from a legit company who wants to be nosy, I can tell them to kiss off. The XP firewall does not appear to guard against outgoing traffic.

    So I wonder about Mac's firewall. Does it do anything like what I described ZoneAlarm doing?
     
  2. 2nyRiggz macrumors 603

    2nyRiggz

    Joined:
    Aug 20, 2005
    Location:
    Thank you Jah...I'm so Blessed
    #2
  3. bushfrog macrumors member

    Joined:
    Sep 23, 2006
    #3
    As far as I know, Macs are pretty bulletproof!

    I would switch on the Mac firewall, and any ports you want open you can very simply.

    If you're concerned you could get a firewall like 'brickhouse'; that's supposed to be good, but I'm happy with the Mac firewall.

    A matter of personal preference!
     
  4. Porco macrumors 68020

    Porco

    Joined:
    Mar 28, 2005
    #4
    The Mac's firewall is pretty decent I think, (what with UDP blocking and Stealth mode in the advanced options, in addition to firewall logging).

    As for checking when apps connect to the net etc, it sounds something like Little Snitch might be what you are after(?).
     
  5. bousozoku Moderator emeritus

    Joined:
    Jun 25, 2002
    Location:
    Gone but not forgotten.
    #5
    NetBarrier is the most complete firewall for Macs that I've seen or used. It can display information about processes with communications. It had warned me of several PING attacks and with a click of a button, squelched them without having to edit anything.

    I had an issue or two with customer service and you have to wait for their developers to catch up with Apple's updates, but they did a great job.
     
  6. Peterkro macrumors 68020

    Peterkro

    Joined:
    Aug 17, 2004
    Location:
    Communard de Londres
    #6
    As mentioned Little Snitch is your man (er? Girl)
     
  7. mkrishnan Moderator emeritus

    mkrishnan

    Joined:
    Jan 9, 2004
    Location:
    Grand Rapids, MI, USA
    #7
    Little Snitch does seem to be the best for this, above and beyond pssh not running suspect apps. :D

    But I wonder... does the ipfw in Darwin actually have outgoing firewall capabilities that are not implemented in the OS X GUI, or is it a purely incoming firewall by design?
     
  8. Bismarck thread starter macrumors newbie

    Joined:
    Oct 18, 2006
    #8
    That's exactly what I was thinking. Thanks!
     
  9. r6girl Administrator/Editor

    r6girl

    Staff Member

    Joined:
    Sep 6, 2003
    Location:
    Massachusetts
    #9
    actually, brickhouse (which has been renamed to flying buttress now, btw) is simply a more advanced GUI for the built-in firewall in OS X with more configuration options. it is not a separate firewall program in itself...

    it does work quite well - i've used it though have yet to install it on my new macbook...
     
  10. reubs macrumors 68000

    Joined:
    Jun 22, 2006
    #10
    Just saw something about Little Snitch in someone's thread about a System Prefs visual problem. But now my question is about Little Snitch. What exactly does this program do, and is it something I should look into? How does it differ from the built-in firewall for OS X?
     
  11. bitabytex macrumors member

    Joined:
    Oct 26, 2006
    #11
    It basically snitches out programs that try to call home or try to access the internet (basically like Zone Alarm). I've used it, and from minor bugs in the past, it's been a great piece of software. As for the OSX firewall, it only blocks incoming requests, not outgoing. So if you have Little Snitch installed, it will tell you exactly what is trying to go out, and whether you want to block it, while the OSX firewall blocks the incoming requests.
     
  12. ddekker macrumors regular

    Joined:
    Sep 23, 2006
    Location:
    Michigan
    #12
    I don't know much..lol... but a router (aka hardware firewall) handles incoming requests, and outgoing requests would have to be handled by an upper end hardware firewall or a software firewall (like zone alarm) but I feel that outgoing requests are mainly done by spyware or virus crap, granted both can happen on a mac (contrary to popular belief) but the platform is so small and not targeted yet so there seems to be little need for a software firewall, similar with linux, if it sits behind a router its fairly safe at this point... our corporate network sits behind a hotbrick router/firewall but I have placed unit in DMZ for a period just to see what happens (I ran a linux box on DMZ for over a year with no issues, along with a windows 2003 server for a good 9 months) again, just to see what happens... nothing zip zero notta... lol..

    DD
     
  13. MSM Hobbes macrumors 6502

    Joined:
    Aug 25, 2006
    Location:
    NE Hoosierana
    #13
    Conflict?

    Since there is a firewall in the router [Netgear] I'm using, and if I am reading the Apple docs correctly, the internal Apple firewalls in my C2D's iMac & MB should both be turned off? Will it hurt performance or what if the Apple firewall is turned on too?

    But, as ddekker mentioned, the router firewall is mainly for incoming - leaving then the Apples naked to outgoing nasties. Even tho' the threat is relatively very low, IF a person wanted, then looks like NetBarrier is best recommended firewall addition, and then also use Little Snitch to monitor the entire system?

    My iMac is ethernet, and the MB is wireless, FWIW.
     
  14. bitabytex macrumors member

    Joined:
    Oct 26, 2006
    #14
    If you have a router, I recommend leaving the Apple firewall off, for lag purposes. Also, I wouldn't have both Netbarrier and Little Snitch installed; the router will block the incoming requests, and Little Snitch will ask about the outgoing, leaving you to decide whether the application should try to connect somewhere.

    edit: As for buying and using Netbarrier, I would sway away from it. It seems kinda useless right now (no viruses made, already have a router). Little Snitch and the router you have should work just fine. But that's just my opinion, yours may vary.
     
  15. iW00t macrumors 68040

    iW00t

    Joined:
    Nov 7, 2006
    Location:
    Defenders of Apple Guild
  16. djdawson macrumors member

    djdawson

    Joined:
    Apr 28, 2005
    Location:
    Minnesota
    #16
    Yes, the OS X firewall (which is actually "ipfw") is rather robust and can filter outbound traffic as well as inbound. It cannot easily prompt you when it sees new outbound traffic like Little Snitch does, but an industrious programmer could probably add that feature via the ipfw "divert" feature.
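
Added example, not part of post #16 or any poster's code: a dry-run sketch of the outbound filtering described there, printing ipfw rules that allow a short list of outbound ports and deny and log everything else leaving the host. The rule numbers, the allowlist and the function name `build_outbound_rules` are constructed for illustration, and nothing is applied to the system.

```sh
#!/bin/sh
# Added example: prints an ipfw ruleset that filters OUTBOUND traffic.
# Dry run only: the commands are printed, never executed.
# Rule numbers and the allowlist below are constructed for illustration.

# build_outbound_rules "proto/port ..." -> one ipfw command per line.
# Returns 1 and prints nothing on stdout if any entry is malformed.
build_outbound_rules() {
    n=2000
    # Replies to flows created by keep-state rules are matched here.
    rules="ipfw add $n check-state"
    for entry in $1; do
        proto=${entry%%/*}
        port=${entry##*/}
        case "$proto" in
            tcp) opts="out setup keep-state" ;;  # match the opening SYN only
            udp) opts="out keep-state" ;;
            *) echo "bad protocol: $entry" >&2; return 1 ;;
        esac
        case "$port" in
            ''|*[!0-9]*|??????*) echo "bad port: $entry" >&2; return 1 ;;
        esac
        if [ "$port" -lt 1 ] || [ "$port" -gt 65535 ]; then
            echo "port out of range: $entry" >&2; return 1
        fi
        n=$((n + 10))
        rules="$rules
ipfw add $n allow $proto from me to any dst-port $port $opts"
    done
    n=$((n + 10))
    # Everything else leaving this host is dropped and logged.
    rules="$rules
ipfw add $n deny log ip from me to any out"
    printf '%s\n' "$rules"
}

# Constructed allowlist: DNS, HTTP, HTTPS.
build_outbound_rules "udp/53 tcp/80 tcp/443"
```

These rules match on protocol and port, not on which application opened the connection, so they do not give the per-application prompt the thread discusses.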
     
  17. mkrishnan Moderator emeritus

    mkrishnan

    Joined:
    Jan 9, 2004
    Location:
    Grand Rapids, MI, USA
    #17
    I do kind of wish that Apple would implement something like that in the OS X GUI / sys prefs level of control over ipfw. Although realistically, I guess I only use trusted software and am not overly concerned about when/if the things I use -- Apple's software, MS Office, Firefox, Adium, Photoshop, etc, communicate with the outside world. And I guess that from a managed user standpoint, it's sufficient for me merely to limit what programs they can access, and at that point, it again becomes a non-issue.
     
  18. MSM Hobbes macrumors 6502

    Joined:
    Aug 25, 2006
    Location:
    NE Hoosierana
    #18
    Thanks for the note - Curious, I guess then that the Netgear router and the Apple internal firewall are just as 'strong' as the other?

    Will check out the Little Snitch. :)
     
  19. bitabytex macrumors member

    Joined:
    Oct 26, 2006
    #19
    Yes, both routers and Apple's internal firewall are as "strong" as the other.
     
  20. emptyCup macrumors 65816

    emptyCup

    Joined:
    Jan 5, 2005
    #20
    I think too much reporting would just scare the average user. Take a look at System Preferences > Sharing > Firewall > Advanced > Log sometime and see how much crap hits the machine. Combine that with outbound reporting and the average person either stops using the computer or gives permission to everything because he can't decide what to do.

    BTW, Little Snitch runs free for 3 hours on restart so you see if it is something you want before buying it.
     
