Before anyone starts flaming me, i do know that macs have a built-in firewall. But the only wat to configure this is by entering ports - i cant know all of the ports my applications use, and some might use the same ports so thats not an option. I installed "Little Snitch" which is great, but is meant for controlling outgoing traffic only. So is there any similar program that will monitor outcoming traffic? I tried stuff like "Brickwall" which seemed to work well, but still it has no application controll options, meaning i cant make a specific rule for disabling an application from getting outcoming connection... Id prefer somethin that will notify me whether to allow or not any connection, out/in to a program and/or my computer. Just enabling some firewall like "brickwall" and "denying" all outcoming connections simply wont do the trick coz i would expect it to prevent applications such my internet browser to work
Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Firewall for Mac OS X?
- Thread starter sOwL
- Start date
- Sort by reaction score
Wirelessly posted (iPhone: Mozilla/5.0 (iPhone; U; CPU like Mac OS X; en) AppleWebKit/420.1 (KHTML, like Gecko) Version/3.0 Mobile/4A102 Safari/419.3)
Norton use to make a really good firewall that does what you are talking about. I quit using it because of was a bit overkill for me. Check it out maybe they still make it and it may suit your needs.
Norton use to make a really good firewall that does what you are talking about. I quit using it because of was a bit overkill for me. Check it out maybe they still make it and it may suit your needs.
i had very bad experiences with norton back at my work PC. It slows down the system like hell, and I have to pay like $50 for using it just for a year. Any other options?
yes i have, again too slow and not much of support, and when i decide to pay for an app, support matters a lot to me
Just to add something to this post, many people tell me that the combination of little snitch (which im not sure if ill buy it yet coz many users told that they bought it and it still reacts as demo) and the built-in firewall is the best way to go. But Mac os x's firewall doesnt really monitors incoming connections, and i just dont get how it works... Like, having it enabled, and having no "allow" rules must make any incoming traffic to fail. How then can apps like Opera, aMSN or even Transmission to work? My point is, enabling that firewall seems nonsence to an inexperienced user like me, i dont even understand which actual traffic its blocking
WaterRoof - http://www.hanynet.com/waterroof/
This app seems to be what you are after. However I havn't used it, and can't really help you set it up.
However it's open source and looks pretty in depth
EDIT - it's basically a GUI for the ipfw firewall that OSX already uses.
This app seems to be what you are after. However I havn't used it, and can't really help you set it up.
However it's open source and looks pretty in depth
EDIT - it's basically a GUI for the ipfw firewall that OSX already uses.
Have you used it? When you run an application that needs to accept connections to function, it will ask you if you want to allow it. You can also add applications to the allow/deny list in the System Preferences under Security (where you turn the firewall on in the first place). Little Snitch operates the same way, asking your permission when an application tries to send data (and unlike OS X's firewall, it has a good interface for setting up rules and comes with lots of preset data for various services/applications that you would normally want to allow).
Attachments
"Incoming" traffic usually refers to a connection that is initiated from the outside world. "Outgoing" traffic refers to connections that are initiated from your own computer. Obviously, in both cases, packets come in and packets go out.
Most modern firewalls are called "stateful", meaning that, without getting into the technical details, they're able to tell that incoming packets are tied to a specific connection. Let's say that you're trying to connect to a website with Opera : the browser will establish an outgoing connection by sending some packets. The packets sent back by the website will be identified as being part of that connection, and will be automatically allowed.
The "no incoming connections" setting in Leopard means that you are not making any services from your own computer available to the network (or, at least, it should : it actually keeps a few specific services available, including anything that runs as root).
Leopards looks a lot improved, but as i mentioned before, im using Tiger.
Anyway, thnx for help guys
Actually, no, you didn't mention it, which is why I assumed you used Leopard
And, sorry, but beyond Little Snitch, I never really looked into alternate solutions for Tiger.
Actually, no, you didn't mention it, which is why I assumed you used Leopard
And, sorry, but beyond Little Snitch, I never really looked into alternate solutions for Tiger.
yeh ur right i didnt
sry for that
Tiger's firewall allows port ranges, so you would have to find out what ports you need to open for the applications you want (this is kind of like port forwarding with a router, in terms of setup). Most Bittorrent clients at least allow you to pick your ports. You could probably search around to find out what ports MSN/aMSN needs. And Opera and other web browsers should be find without any special firewall rules.