Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

Do I need to switch on Firewall?

D

DRPTHPHN

macrumors member
Original poster
Mar 4, 2011
41
0
I have had my firewall off since I got my 2011 MBP a few months ago and i'm concerned I may be putting my macbook at risk. I assume the fact its off as default that I may not need it.

What do people think?
 
Harmush said:
Enable it.
And also for extra security download this.
Click to expand...
No, don't download that. Sophos is not recommended, as it can actually increase your Mac's vulnerability. You don't need any 3rd party antivirus software to protect Mac OS X from malware. Mac OS X 10.6 and later has built-in malware defenses. No viruses exist in the wild that can run on Mac OS X, and there never have been any, since it was released 10 years ago. The handful of trojans that exist can be easily avoided with some basic education, common sense and care in what software you install:
 
I was a Windows user for ages so quite paranoid re virus's, malware etc so enabled the Firewall (why isn't this enabled as default?) and that's in Mac wise.

I haven't added any extra protection apart from Firewall/Antivirus within the Windows VMWare's

So far so good :)
 
hmm... Ive never turned mine on before...
Never had a problem either.

I started using Mac since 2001 and never used it before, still no virus.
I dont even know if Firewall is going to do anything since there is no virus for Macs first of all.

I run Norton Security Suite which I got from comcast for free so :p
 
GGJstudios said:
No, don't download that. Sophos is not recommended, as it can actually increase your Mac's vulnerability. You don't need any 3rd party antivirus software to protect Mac OS X from malware. Mac OS X 10.6 and later has built-in malware defenses. No viruses exist in the wild that can run on Mac OS X, and there never have been any, since it was released 10 years ago. The handful of trojans that exist can be easily avoided with some basic education, common sense and care in what software you install:
Click to expand...

how can you make your computer more vulnerable by enabling that?
 
sparky1499 said:
If you are behind a router at home, I wouldn't bother.

The router will act as a firewall.
Click to expand...

I agree, although FWIW I read an internet security briefing document last week (wasn't Mac-specific) and in there were quite a few notes mentioning that the hardware firewall (what's in a router) can be complemented by the OS's own software firewall and they cite test results showing increased level of security having both enabled.

I enable mine in OSX and haven't had any negative effects.
 
ATC said:
I agree, although FWIW I read an internet security briefing document last week (wasn't Mac-specific) and in there were quite a few notes mentioning that the hardware firewall (what's in a router) can be complemented by the OS's own software firewall and they cite test results showing increased level of security having both enabled.

I enable mine in OSX and haven't had any negative effects.
Click to expand...

Well, yeah, it's like being on the pill and still using condoms to avoid having a kid.
 
GuitarG20 said:
how can you make your computer more vulnerable by enabling that?
Click to expand...

If you read his informative link then it mentions why :

munkery said:
I would not use Sophos because the component (and almost all of its components) of the software that receives updates is running with root privileges such that an exploit would be remote root if an exploit was found for that component.

Given that Sophos is 32 bit, the security mitigations can be defeated by bruteforce techniques if an exploitable vulnerability is found in the software.

For example, McAfee LinuxShield <= 1.5.1 Local/Remote Root Code Execution. Different OS but same principle could be used if exploit found in Mac AV software running as root.

With ClamXav, all of the components do not run as root. The exception is a daemon that scans for changes in folders to initiate launching clamscan if you use the Sentry feature but it does not receive inputs from a remote source.
Click to expand...

munkery said:
The problem with Sophos and other AV software that runs with elevated privileges is that an exploit found in the AV software would be a remote root exploit given that AV software receives remote input and the software runs with elevated privileges.

For example, McAfee Linuxshield Remote Root.

Use ClamXav or VirusBarrier Express. These two Mac AV softwares do not run with elevated privileges.
Click to expand...
 
I just turned on firewire for the first time but pretty annoying..

OSX asks me if every single thing can connect or not...
I turn on torrent, it asks me if it can connect.
I turn on Steam, it asks me if it can.
I play L4D2, it asks me if it can connect with my friends...

Reminds me of windows security...
 
yusukeaoki said:
I just turned on firewire for the first time but pretty annoying..

OSX asks me if every single thing can connect or not...
I turn on torrent, it asks me if it can connect.
I turn on Steam, it asks me if it can.
I play L4D2, it asks me if it can connect with my friends...

Reminds me of windows security...
Click to expand...

You probably have max security on or something... I'd clear the check box on the first option in your firewall Advanced settings, and check the bottom two, and check to make sure that the apps that are asking for your permission are all allowed in that box there.

It really should only ask you once (but there have been instances, and I speak from experience with iTunes, that it kept asking me permission).
 
bb426 said:
You probably have max security on or something... I'd clear the check box on the first option in your firewall Advanced settings, and check the bottom two, and check to make sure that the apps that are asking for your permission are all allowed in that box there.

It really should only ask you once (but there have been instances, and I speak from experience with iTunes, that it kept asking me permission).
Click to expand...

I just changed the settings on advanced and seems like 4 application was already on there with full permission (skype, torrent, Steam, L4D2).

The top was unchecked automatically and the 2nd one was only checked so I checked the bottom 2.

Thanks!
 
May cause issues with novice users.

The configuration provided out of the box is fine, but it IS NOT the most security configuration that's possible. Apple has a guideline that folks can use ( Snow Leopard Security Configuration ) but it says right at the top that it will impact functionality for the sake of security.
 
GGJstudios said:
No, don't download that. Sophos is not recommended, as it can actually increase your Mac's vulnerability. You don't need any 3rd party antivirus software to protect Mac OS X from malware. Mac OS X 10.6 and later has built-in malware defenses. No viruses exist in the wild that can run on Mac OS X, and there never have been any, since it was released 10 years ago. The handful of trojans that exist can be easily avoided with some basic education, common sense and care in what software you install:
Click to expand...

1. How can enabling a security program (and one that is used by HUGE companies) increase venerability?

2. I see nothing about anti-malware in 10.6 or above...

3. Viruses for Mac do exist, your stupid to say there isn't any. (I am sure other will be able to find a more complete list)

4. With Mac sales rising, you will see an increase in people trying to exploit them.

Don't be naive now...
 
Last edited:
Harmush said:
2. I see nothing about anti-malware in 10.6 or above...
Click to expand...
Xprotect

I'd respond to the rest but it's more entertaining when GGJs delivers...


tCp90.gif
 
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back