Firewall for Mac OS X?

Discussion in 'macOS' started by sOwL, May 29, 2008.

  1. sOwL macrumors 6502

    sOwL

    Joined:
    Sep 25, 2007
    Location:
    Nerd Cave
    #1
    Before anyone starts flaming me, i do know that macs have a built-in firewall. But the only wat to configure this is by entering ports - i cant know all of the ports my applications use, and some might use the same ports so thats not an option. I installed "Little Snitch" which is great, but is meant for controlling outgoing traffic only. So is there any similar program that will monitor outcoming traffic? I tried stuff like "Brickwall" which seemed to work well, but still it has no application controll options, meaning i cant make a specific rule for disabling an application from getting outcoming connection... Id prefer somethin that will notify me whether to allow or not any connection, out/in to a program and/or my computer. Just enabling some firewall like "brickwall" and "denying" all outcoming connections simply wont do the trick coz i would expect it to prevent applications such my internet browser to work
     
  2. Siron macrumors 6502

    Siron

    Joined:
    Feb 4, 2008
    Location:
    North Carolina
    #2
    Got to System Preferences and click on Security. You can change the settings right there.
    Alan
     
  3. sOwL thread starter macrumors 6502

    sOwL

    Joined:
    Sep 25, 2007
    Location:
    Nerd Cave
    #3
    i can tell you didnt read any of my post and just replied to the subject...
     
  4. kornyboy macrumors 68000

    Joined:
    Sep 27, 2004
    Location:
    Knoxville, TN (USA)
    #4
    Wirelessly posted (iPhone: Mozilla/5.0 (iPhone; U; CPU like Mac OS X; en) AppleWebKit/420.1 (KHTML, like Gecko) Version/3.0 Mobile/4A102 Safari/419.3)

    Norton use to make a really good firewall that does what you are talking about. I quit using it because of was a bit overkill for me. Check it out maybe they still make it and it may suit your needs.
     
  5. Siron macrumors 6502

    Siron

    Joined:
    Feb 4, 2008
    Location:
    North Carolina
    #5
    I did read it but didn't pick up on your main question - sorry :(
     
  6. sOwL thread starter macrumors 6502

    sOwL

    Joined:
    Sep 25, 2007
    Location:
    Nerd Cave
    #6
    i had very bad experiences with norton back at my work PC. It slows down the system like hell, and I have to pay like $50 for using it just for a year. Any other options?
     
  7. darthvader66 macrumors newbie

    Joined:
    May 29, 2008
    #7
    have you tried NetBarrier X5.. its a really good one and is very configurable.
     
  8. sOwL thread starter macrumors 6502

    sOwL

    Joined:
    Sep 25, 2007
    Location:
    Nerd Cave
    #8
    yes i have, again too slow and not much of support, and when i decide to pay for an app, support matters a lot to me

    Just to add something to this post, many people tell me that the combination of little snitch (which im not sure if ill buy it yet coz many users told that they bought it and it still reacts as demo) and the built-in firewall is the best way to go. But Mac os x's firewall doesnt really monitors incoming connections, and i just dont get how it works... Like, having it enabled, and having no "allow" rules must make any incoming traffic to fail. How then can apps like Opera, aMSN or even Transmission to work? My point is, enabling that firewall seems nonsence to an inexperienced user like me, i dont even understand which actual traffic its blocking
     
  9. vandozza macrumors 6502a

    vandozza

    Joined:
    Jun 14, 2006
    Location:
    Australia
    #9
    WaterRoof - http://www.hanynet.com/waterroof/

    This app seems to be what you are after. However I havn't used it, and can't really help you set it up.

    However it's open source and looks pretty in depth :)

    EDIT - it's basically a GUI for the ipfw firewall that OSX already uses.
     
  10. apfhex macrumors 68030

    apfhex

    Joined:
    Aug 8, 2006
    Location:
    Northern California
    #10
    Have you used it? When you run an application that needs to accept connections to function, it will ask you if you want to allow it. You can also add applications to the allow/deny list in the System Preferences under Security (where you turn the firewall on in the first place). Little Snitch operates the same way, asking your permission when an application tries to send data (and unlike OS X's firewall, it has a good interface for setting up rules and comes with lots of preset data for various services/applications that you would normally want to allow).
     

    Attached Files:

  11. boz0 macrumors regular

    Joined:
    May 21, 2007
    Location:
    /dev/null
    #11
    "Incoming" traffic usually refers to a connection that is initiated from the outside world. "Outgoing" traffic refers to connections that are initiated from your own computer. Obviously, in both cases, packets come in and packets go out.

    Most modern firewalls are called "stateful", meaning that, without getting into the technical details, they're able to tell that incoming packets are tied to a specific connection. Let's say that you're trying to connect to a website with Opera : the browser will establish an outgoing connection by sending some packets. The packets sent back by the website will be identified as being part of that connection, and will be automatically allowed.

    The "no incoming connections" setting in Leopard means that you are not making any services from your own computer available to the network (or, at least, it should : it actually keeps a few specific services available, including anything that runs as root).
     
  12. sOwL thread starter macrumors 6502

    sOwL

    Joined:
    Sep 25, 2007
    Location:
    Nerd Cave
    #12
    Leopards looks a lot improved, but as i mentioned before, im using Tiger.
    Anyway, thnx for help guys
     
  13. boz0 macrumors regular

    Joined:
    May 21, 2007
    Location:
    /dev/null
    #13
    Actually, no, you didn't mention it, which is why I assumed you used Leopard :D

    And, sorry, but beyond Little Snitch, I never really looked into alternate solutions for Tiger.
     
  14. sOwL thread starter macrumors 6502

    sOwL

    Joined:
    Sep 25, 2007
    Location:
    Nerd Cave
    #14
    yeh ur right i didnt :p sry for that
     
  15. ascender macrumors 68000

    Joined:
    Dec 8, 2005
    #15
    How does the firewall built-in to the AEBS compare to the software one in Leopard? Do you really need to use the Leopard one if you're sitting on a network behind an AEBS?
     
  16. apfhex macrumors 68030

    apfhex

    Joined:
    Aug 8, 2006
    Location:
    Northern California
    #16
    Tiger's firewall allows port ranges, so you would have to find out what ports you need to open for the applications you want (this is kind of like port forwarding with a router, in terms of setup). Most Bittorrent clients at least allow you to pick your ports. You could probably search around to find out what ports MSN/aMSN needs. And Opera and other web browsers should be find without any special firewall rules.
     

Share This Page