Firewall

Discussion in 'Mac Basics and Help' started by JJLT76, May 28, 2007.

  1. JJLT76 macrumors newbie

    Joined:
    Jan 16, 2007
    #1
    does the firewall in my macbook come turned on or do i have to turn it on? i just got a new macbook yesterday
     
  2. Eraserhead macrumors G4

    Eraserhead

    Joined:
    Nov 3, 2005
    Location:
    UK
    #2
    You have to turn it on, with a new Mac there aren't any services running. I heard that running the firewall and no internet services actually decreases security.

    I do have the firewall enabled however and you can enable the firewall in System Preferences==>Sharing==>Firewall.
     
  3. mad jew Moderator emeritus

    mad jew

    Joined:
    Apr 3, 2004
    Location:
    Adelaide, Australia
    #3

    Intriguing. What do you mean by this? :)
     
  4. Eraserhead macrumors G4

    Eraserhead

    Joined:
    Nov 3, 2005
    Location:
    UK
    #4
    Because in theory the firewall itself could be hacked, whereas when it's off it can't be hacked.

    This only really applies because the Mac Firewall only stops bad stuff getting in, not stuff getting out from your computer.

    This is only what I've heard from other people on this site, so may not be entirely true.
     
  5. mad jew Moderator emeritus

    mad jew

    Joined:
    Apr 3, 2004
    Location:
    Adelaide, Australia
    #5
    How very interesting. I'll be sure to look further into it mate. Thanks. :)
     
  6. Sherman Homan macrumors 6502

    Joined:
    Oct 27, 2006
    #6
    First question: by default the firewall is off. If you are directly connected to a broadband modem, you should definitely turn your firewall on. Although if you aren't running any server processes (ssh, email, web, ftp etc) then there aren't any services for a hacker to exploit. The most important thing the firewall can do is to put your computer in "stealth" mode where port scanners can't even see it.
    If you are behind a router that has an active firewall on you could argue that you don't need the client computer's firewall running also. But it doesn't hurt and the demand on the processor/ram/hd is very minimal.
    I don't understand how turning on the firewall can make your computer less secure.
     
  7. grapes911 Moderator emeritus

    grapes911

    Joined:
    Jul 28, 2003
    Location:
    Citizens Bank Park
    #7
    Nonsense. Turning it on doesn't make the computer much more secure because most of the time users are already behind a somewhat better firewall built in to their router. Even that isn't that great though. It is one extra barrier to get through though. It would be like building a 4 foot wooden fence around around your house. Will it keep a thief out? No way, but it certainly doesn't make your house less secure.

    You are correct in saying that it only stop incoming traffic, not outgoing traffic. Little Snitch is pretty good at stopping outgoing traffic.
     
  8. Eraserhead macrumors G4

    Eraserhead

    Joined:
    Nov 3, 2005
    Location:
    UK
    #8
    ^^^ Read the final post in this thread, which links to this page.

    If you are an average user on Windows running a firewall makes sense because you don't know what to block, whereas a Mac doesn't have anything that needs blocking in the first place.
     
  9. Nightkrawler macrumors regular

    Joined:
    Sep 4, 2006
    Location:
    Vienna, Austria
    #9
    ...
    http://securityresponse.symantec.com/avcenter/security/Content/2004.05.12.html
    http://www.heise-security.co.uk/result.xhtml?url=/news/83772&words=firewall&T=firewall
    http://www.heise-security.co.uk/result.xhtml?url=/news/84266&words=firewall&T=firewall
    just some examples. If you don't have a serious purpose for a personal firewall, dont use one.

    In windows is it possible to have zero open ports, without using a firewall:
    http://www.dingens.org/index.html.en
    in OS-X, there aren't any open ports normally.

    And if you use a personal Firewall to block programs phoning home, then read this: http://www.adobe.com/support/security/bulletins/apsb07-11.html
    Also, why are you running programs when you don't trust them?
     
  10. grapes911 Moderator emeritus

    grapes911

    Joined:
    Jul 28, 2003
    Location:
    Citizens Bank Park
    #10
    The OS X firewall is not meant to block internal traffic. It is only for external traffic and all it does is close all ports that you do not specifically allow. In reality, it is just the basic unix firewall that is tried and true for years. There is absolutely nothing about it that makes it easier to hacking a Mac.
     
  11. SmurfBoxMasta macrumors 65816

    SmurfBoxMasta

    Joined:
    Nov 24, 2005
    Location:
    I'm only really here at night.
    #11
    How in the h*ll can running a (unix) firewall and NO internet services make your system less secure.........thats a new one on me .................:confused:...................
     

Share This Page