Firewalls and Virus Protection?

Discussion in 'Mac Apps and Mac App Store' started by BandontheRun, Oct 25, 2007.

  1. BandontheRun macrumors newbie

    Oct 25, 2007
    My new iMac is arriving tomorrow. My first one. I am a PC guy that now just wants a machine that works.

    I connect to the internet via my wireless Linkysys router with 128 bit WEP.

    Assuming I need firewall software (ala ZoneAlarm), what is the best/most popular? I have heard of many Mac owners who don't even have software firewalls and that virus protection just isn't a big deal on a Mac.

    With the recent WSJ article on how Mac is outpacing PC growth, I can only wonder how many "new" viruses might end up approaching the Mac..

    So bottom line question, do I need Firewall and/or Virus Protection software for my iMac? If so, what?

  2. Blubbert macrumors 6502

    Nov 1, 2006
    There is a software firewall included in OSX, and its perfectly suitable for almost everyone. It is located in system preferences under the sharing heading. I would reccomend using it.
    As far as virus protection goes, there is none. Mostly because there are no viruses for OSX. There are virus scanners that will scan your computer for windows viruses, but thats only useful or needed if you send a lot of files to a windows computer.
    I also dont think that OSX will experience a sudden surge in viruses given their rapid rise in popularity. Even at this point, 5% of the users is a significant part of the market, and yet no viruses were created. That compounded with the fact that OSX is rare in being a platform that is completely virus free, and yet no hackers have written a virus to destroy that record and gain fame for being the first to do so.
  3. mkrishnan Moderator emeritus


    Jan 9, 2004
    Grand Rapids, MI, USA
    Hi and welcome. :)

    Is this a dealbreaker for you? Why are you using WEP? You should really migrate to WPA (version 1 or 2 doesn't really matter) unless you absolutely have devices that have to be on WEP. WEP is the technological equivalent of putting a spare key under the doormat.

    You get lots of variation on this one... I personally say:

    - Firewall -- OS X has a fine incoming firewall based on the ipfw technology built in. If you trust the apps you use, then this is all you need. It's in Sys Prefs -> Sharing -> Firewall, I believe (not in front of a Mac). Or you can spotlight it by typing firewall into the spotlight bar in the sys prefs window.

    Turn it on, enable the smallest number of ports you need, put it in stealth mode, block UDP if you don't need it. Never think about it again. If you do NOT trust your own applications, you could potentially need an outgoing firewall as well; Mac people seem to like Little Snitch (I've never bothered). Outgoing firewall is less necessary on Macs purely because there is no spyware as of now, and so any outgoing transmissions are the result of software for which you authorized installation yourself.

    The alternate theory applies if and only if you activate no incoming services on your Mac. The logic is that if no services are listening to any incoming ports, there is no value in having a firewall, as it is blocking "deaf ears." If that situation applies, you can read more about this and possibly decide for yourself to do without a firewall. But as I understand it, this doesn't really apply once you have services listening on ports.

    - Virus protection -- get ClamXAV (free) installed, just to have it there if you need it ever. But you won't get any Mac viruses. I have it installed on my iMac but I don't have its Sentry (background scan) enabled, and I don't make a regular practice of running virus scans.

    If you run Windows in Parallels, VMWare, or Bootcamp, and allow the Windows partition to see the internet, you should also continue to do what you do in Windows now in terms of virus protection. I believe (correct me if I'm wrong) that Parallels and VMWare don't "pierce" the OS X firewall, and so you don't need a separate firewall for Windows with them. With Bootcamp, you should use a Windows firewall of your choice.

    I really wouldn't hold my breath. It's likely there will eventually be a virus someday, but it's less likely that we'll end up in a situation like Windows for a variety of reasons related to (1) our install base size, (2) the paucity of OS X machines used in mail / web server environments (so the servers don't get infected and become vectors), and (3) the architecture of OS X.

    Hopefully answered this question?
  4. BandontheRun thread starter macrumors newbie

    Oct 25, 2007
    Thank you for your responses!

    I'm not sure the Linksys router does WPA? If it does, I will look into it and see, I've been using WEP since before WPA, so I'm just used to it.

    It sounds like I can use the built in Firewalls and that if I get paranoid, there is freeware virus scanning for the MAC environment.

    Outside of that, seems like I can just use my old Windoze ZoneAlarm etc. for the bootcamp windows I will run.


Share This Page