Separate names with a comma.
Discussion in 'MacBook Pro' started by wayland1985, Oct 6, 2008.
Is it better to use a firewall that's built into the OS, or one in built into the router???
It's better to use BOTH!
The one in the OS is an industrial grade, Unix quality but it won't protect your entire network. Where as the one on the router will!!
For me, I have the OS one enabled along side the hardware router!
I see.... So what settings are you using? "Set access for specific services and applications"?
And if so, do I just add the applications I use there? Like Transmission and iChat? Or is there more to it???
Too lazy to type... lol!
So nothing more to it, eh?
I knew everything on the mac was easy.... but wow!
How does "Stealth mode" impact anything???
Also... does "Block incoming connections" affect your Limewire or Azureus???
I tried to block or reduce my uploads cause my connection seems to hate it and often i get kicked off!! It's kinda nice using a "symmetric" fibre line but when it's upstreams are higher than your actual downstreams, it's a little worrying. And this occasion it didn't work!
Maybe I need to make actual adjustments in the application...
In a "non stealth" mode, when an outside application tries to connect to a closed port of your device, your OS sends back a (RST, ACK) (reset) packet to inform the client application that the port is closed. Hence, the client application knows that there is a device on that address but the port is closed
In a "stealth" mode, the device just doesn't answer and drops the packet so that the client application doesn't know if there is something on that address.
Nevertheless, it is commonly said that this "stealth" behavior doesn't bring anything to security. Why ? If there was really nothing on the address you are trying to reach, the router just before that address wouldn't route the packet and send you back an "host unreachable".
This "stealth" mode breaks the rules of the TCP/IP standard. It just sounds goods and sells good and that's why people buy it
Even if you get a commercial grade firewall from say Barracuda or Cisco, it will never beat staying away from malicious sites etc.