SECURITY question!

Discussion in 'General Mac Discussion' started by Mr. Monsieur, May 20, 2004.

  1. macrumors 6502

    Joined:
    Apr 21, 2004
    #1
    Is there any way I can be ABSOLUTELY certain that there are no leaks/holes either into or out of my iBook? I've enabled the OS X firewall, but I'm wondering how to configure it properly and also, even if it is configured properly, is it completely secure? I would like to seal up my computer airtight...at very least, I would like to be notified/asked when there is any movement in or out of the computer...any ideas suggestions as to what I should do? Thanks!
     
  2. macrumors G4

    Joined:
    Jul 17, 2002
    Location:
    USA
    #2
    To be "absolutely" certain that your iBook is secure, you will have to turn it off and lock it up in a safety deposit box. However, that is not the standard. You want to reasonably secure. You can be reasonably secure by turning off ports that you don't need and by using a wired router to connect to the outside world.
     
  3. macrumors 603

    SiliconAddict

    Joined:
    Jun 19, 2003
    Location:
    Chicago, IL
    #3
    There is no such thing as an absolute when it comes to computing. Computing is all about reasonable risk. When it comes to OSX the out of the box risk of hacking cracking is negligible due to the small amount of open ports OS X has on by default. That being said always stay on top of patches. That is your #1 guard against having your computer compromised. Beyond that you said you enabled a firewall. Make sure its as secure as possible by going to:

    https://grc.com/x/ne.dll?bh0bkyd2
    or
    http://www.auditmypc.com/freescan/scanoptions.asp
    or
    http://www.hackerwatch.org/probe/

    and scan your system. It should give you a reasonable idea of how secure your firewall is set.
    Also you might want to try BrickHouse
    It's a GUI interface for tweaking the built in firewall. From what I've read it’s a solid, and free, app.
     
  4. macrumors 68000

    musicpyrite

    Joined:
    Jan 6, 2004
    Location:
    Cape Cod
    #4
    Thats easy, if you want to be ABSOLUTELY secure, all you have to do is one thing:


    Unplug the ethernet cord. (or Airport card)
     
  5. macrumors 68000

    varmit

    Joined:
    Aug 5, 2003
    #5
    still not absolutely secure

    Someone could still walk up to his computer and use it. :eek: So the safty deposit box doesn't look that bad to make it absolutely secure. I did those websites and no holes, and I don't even have the firewall up.
     
  6. thread starter macrumors 6502

    Joined:
    Apr 21, 2004
    #6
    Thanks!

    Any suggestions as to where the safest safe deposits are?...all right, all right...so I'm a bit uptight about my privacy...THANKS, in any case for your posts...they have been helpful!
     
  7. macrumors 6502

    Joined:
    Jan 6, 2004
    Location:
    In the apple store, in front of a G5.
    #7
    If you make your iBook airtight it will overheat.....


    Just keep the firewall on, with no ports open, put yourself behind a router, set up password protection for waking from sleep/screen saver, install folding@home (it might help... right?), if you are using a wireless network, allow only your MAC addresses, turn up encryption, change the network name from the default and make it a closed network (doesn't broadcast itsself).

    That's all I can think of now, any questions?

    It would help to know more about your setup (how you connect to the internet, what different boxes and wires you go through....
     
  8. macrumors member

    Joined:
    May 15, 2004
    Location:
    san jose OR riverside, Cali
    #8
    how do i turn on the firewall and close the ports? sorry if this sounds stupid, i'm a new mac switcher.
     
  9. macrumors 6502

    Joined:
    Jan 6, 2004
    Location:
    In the apple store, in front of a G5.
    #9

    System Preferences > Sharing under Services, set all to off... under Firewall, uncheck all of the boxes, and then click start, if some can't be unchecked, disable the services.... under internet, make sure sharing is off... now your computer is a bit more secure....
     
  10. macrumors 601

    cb911

    Joined:
    Mar 12, 2002
    Location:
    BrisVegas, Australia
    #10
    i'm was in a similar situation... i wanted to know when there were any ingoing or outgoing connections that shouldn't have been happening.

    there are a couple of things you can do. there is a neat little app called Little Snitch, it catches any outgoing connections, and lists that app that is making the connection, and where it is trying to connect to. you can tell it to either disallow the connection, or allow it. very useful. ;)

    then to stop unwanted incoming connections, there's an app called PeerVanguard. it has a list of IPs to block, so it will keep out the ad companies, RIAA [​IMG] etc. and it works. i just turned it on thismorning for the first time, then i could see that i had 4 access attempts, i think from ad companies. i think PeerVanguard is the Mac equivalent of PeerGuardian as well.

    hope that helps you out. :)
     
  11. macrumors 6502a

    Finiksa

    Joined:
    Feb 23, 2003
    Location:
    Australia
    #11
    Little Snitch should do exactly what you're looking for. I've been using it for about a year, it's pretty damn good but at $25 a bit overpriced.
     
  12. macrumors 603

    SiliconAddict

    Joined:
    Jun 19, 2003
    Location:
    Chicago, IL
    #12

    I've heard Swiss Banks are DAMN secure. :cool:
     
  13. thread starter macrumors 6502

    Joined:
    Apr 21, 2004
    #13
    OK...I follow some of this (sorry I'm a real newbie!)...could you explain how I can "allow only my MAC addresses," and "turn up encryption"? I changed something in the network section of Sys. Prefs., but I'm not certain that it's right (it didn't mention a 'closed network,' the only options were, where it reads, under Airport: 'By default join: ''automatic' or 'a specific network.' Is the latter what I want?
    In answer to your question, at present I go through a wireless router using AE...apart from that, no other boxes/wires...Any more ideas?
     
  14. 7on
    macrumors 601

    7on

    Joined:
    Nov 9, 2003
    Location:
    Dress Rosa
    #14
    MAC address filtering has to do with the AE base-station and not the iBook itself.

    Should be somewhere in the AE configuration tool.
     
  15. macrumors 6502

    Joined:
    Jan 6, 2004
    Location:
    In the apple store, in front of a G5.
    #15
    ok, I find AE works fine as a router....


    Applications > utilities > Airport Admin Utility

    Select your network, click "configure" enter password assigned when creating network, click "Show All Settings"


    Check the box that says "Create a Closed Network" this makes it so that the AEBS does not broadcast its existence, you should set your computers to automatically join the correct network using the correct password, if you haven't assigned one, do that.


    Click on "Base Station Options..." Uncheck the first 4 boxes if any are checked

    If Wireless security is not enabled, click "Change Wireless Security..." In my experience, WPA personal is most secure, (except for enterprise, but you probably won't be able to set that up... and I couldn't help) but not all wireless cards support it. After that, 128 bit WEP and then 40. You will set a passord for logging onto the network here....

    Now, click on the "Access Control" tab at the top. Click the "+" and then select "This Computer"

    If you have any other computers on the network, you will need to add them manually... the MAC address can be found in System Preferences > Network > Airport > Airport ID

    If you need to add PeeCees, I cna give instructions for that too, but I won't unless you ask....


    This counselling session will be $70 ;)

    Any more questions?
     
  16. thread starter macrumors 6502

    Joined:
    Apr 21, 2004
    #16
    Hey! My Mac's still under warranty! :D But seriously...THANKS a lot...I really do appreciate all the help I've gotten from you and others on this very neat website! I'm going to go and try to do things you suggested now...:)
     
  17. macrumors 6502

    Joined:
    Jan 6, 2004
    Location:
    In the apple store, in front of a G5.
    #17

    Under warranty means that Apple will replace non-working parts and assist you if your computer is not working correctly... I don't think that personal security is covered under warranty, but they might help you.....


    You are welcome, if you have any questions, or run into any problems setting all this up, I will be happy to help....


    Now if you were using WINDOWS, that $70 fee wouldn't be a joke....
     
  18. thread starter macrumors 6502

    Joined:
    Apr 21, 2004
    #18
    Oops!

    All right...so I'm an idiot...I didn't clarify that my iBook is running through a Netgear router connected to my parents' Hewlett Packard Pee Cee... :eek:
    IF it's easy, it'd be great to figure out how to deal with that...I will, in any case, save this thread for that inevitable day when I will be connected through an Apple Airport Base Station...
     
  19. macrumors 6502

    Joined:
    Jan 6, 2004
    Location:
    In the apple store, in front of a G5.
    #19
    ok... I don't know much about setting up netgear.... but I need a clearer picture of your setup.



    start at the wall, find the cord, and just write the order of everything after it. including the wall jack first.


    Again, I probably won't be able to help with Netgear, but someone else might be able to.
     
  20. thread starter macrumors 6502

    Joined:
    Apr 21, 2004
    #20
    I'll check it out...

    All right...I'll go and have a look at it...
     
  21. thread starter macrumors 6502

    Joined:
    Apr 21, 2004
    #21
    electronic road map

    All right...so...it goes: wall socket>UPS>Cable Modem>Netgear Wireless Router>HP Pee Cee.

    Does that sound about right?
     
  22. macrumors 6502

    Joined:
    Jan 6, 2004
    Location:
    In the apple store, in front of a G5.
    #22
    so the PC is wired?
     
  23. thread starter macrumors 6502

    Joined:
    Apr 21, 2004
    #23
    Sorry...you're speaking with a real newbie...how do you mean 'wired'? The PC is hooked up to a cable modem, through the wireless router, which is used for the other computers in the house.
     
  24. macrumors 6502

    Joined:
    Jan 6, 2004
    Location:
    In the apple store, in front of a G5.
    #24
    The PC is connected to the internet over a wire, not wirelessly? It is only the laptop that is wireless?
     
  25. thread starter macrumors 6502

    Joined:
    Apr 21, 2004
    #25
    Ahh...right...yes, the PC is connected through an ethernet cable... :eek:
     

Share This Page