Quick Tiger firewall question...

Discussion in 'macOS' started by doowrehs, Nov 16, 2006.

  1. doowrehs macrumors regular

    Oct 14, 2004
    Hi there,

    I just have a quick question regarding the built-in firewall in Tiger. Basically, after upgrading from Panther, I noticed there's some new options under the 'Advanced' tab i.e. 'Block UDP Traffic' and 'Enable Stealth Mode'. Since these were configured "off" by default, I just wondered if there's any drawbacks to switching them on - since it seems they'd certainly make my machine more secure. Might they interfere with legitimate traffic in some way?

    Any help would be appreciated.
  2. clairejr macrumors newbie

    Mar 10, 2005
    I always have them turned on and I haven't yet experienced any problems. So, go ahead and turn them on and know your computer is as safe as it can be.

  3. Westside guy macrumors 601

    Westside guy

    Oct 15, 2003
    The soggy side of the Pacific NW
    UDP didn't used to be thought of as a likely route of attack, so firewalls tended to focus on TCP. Some network protocols use UDP, so if you've selected the "block UDP" option you'll need to be sure to enable specific UDP ports if you use those protocols (e.g. certain VPNs, older-style Windows shares, etc.). Blocking UDP can also mean your computer won't show up when someone is browsing the network legitimately, which may or may not matter to you (again, if you open the right ports up this isn't an issue anyway).

    Go ahead and turn it on, but remember that you've done it - that way if something breaks over the next week or so, you'll likely know why.
  4. doowrehs thread starter macrumors regular

    Oct 14, 2004
    Thanks for both your replies. You're right - I should just turn those options on and see if anything breaks. Luckily, I don't run a network so hopefully there won't be any problems with UDP.

    Fingers crossed and thanks again.
  5. Transeau macrumors 6502a


    Jan 18, 2005
    Alta Loma, CA
    Stealth mode means that your computer will ignore (drop) packets to closed ports. Normally the computer would respond with a "port closed".

Share This Page