the firwall on your mac...

Discussion in 'macOS' started by copykris, Nov 3, 2009.

?

do you use the firewall on your mac?

  1. yes

    23 vote(s)
    69.7%
  2. no

    10 vote(s)
    30.3%
  1. copykris macrumors 6502a

    copykris

    Joined:
    Sep 25, 2009
    Location:
    home
  2. copykris thread starter macrumors 6502a

    copykris

    Joined:
    Sep 25, 2009
    Location:
    home
  3. Hellhammer Moderator

    Hellhammer

    Staff Member

    Joined:
    Dec 10, 2008
    Location:
    Finland
    #3
    I do. I don't want that something possibly harmful would happen to my Mac.
     
  4. someguy macrumors 68020

    someguy

    Joined:
    Dec 4, 2005
    Location:
    Still here.
    #4
    No. Rarely am I not connected to a private network. I'm comfortable enough with the protection that NAT provides.
     
  5. arkitect macrumors 601

    arkitect

    Joined:
    Sep 5, 2005
    Location:
    Bath, United Kingdom
    #5
    I am curious as to why this is even a question…

    If not then why not?
     
  6. Peace macrumors P6

    Peace

    Joined:
    Apr 1, 2005
    Location:
    Space--The ONLY Frontier
    #6
    I use my NAT but I'm sure PETA's gonna have something to say about this.
     
  7. copykris thread starter macrumors 6502a

    copykris

    Joined:
    Sep 25, 2009
    Location:
    home
    #7
    reason i'm asking is i just switched mine on for a couple of days to see if i notice any difference in performance while running the firewall in the background, if i don't --might aswell keep it on from now on...
     
  8. HLdan macrumors 603

    HLdan

    Joined:
    Aug 22, 2007
    #8
    The reason why there's an option for it to be turned off has nothing to do with performance, it's about certain networked transmissions being blocked with the firewall. For instance, iTunes streaming works with the firewall off.
     
  9. arkitect macrumors 601

    arkitect

    Joined:
    Sep 5, 2005
    Location:
    Bath, United Kingdom
    #9
    Do you really have to turn off the Firewall for iTunes streaming to work?
    Bizarre…
     
  10. Greenman85 macrumors regular

    Joined:
    Jun 16, 2009
    #10
    A. what exactly is firewall?

    B. how do I know if i have it and if so how can i turn it on/off?

    THX
     
  11. yg17 macrumors G5

    yg17

    Joined:
    Aug 1, 2004
    Location:
    St. Louis, MO
    #11
    I don't use mine because NAT works just fine.
     
  12. arkitect macrumors 601

    arkitect

    Joined:
    Sep 5, 2005
    Location:
    Bath, United Kingdom
    #12
    Cool.
    So a belt and braces approach is not needed?
    :)
     
  13. angelwatt Moderator emeritus

    angelwatt

    Joined:
    Aug 16, 2005
    Location:
    USA
    #13
    System Preferences > Security
     
  14. yg17 macrumors G5

    yg17

    Joined:
    Aug 1, 2004
    Location:
    St. Louis, MO
    #14
    No. The nature of NAT makes it virtually impossible for someone to get into your computer through any ports except for ones you have specifically forwarded to your Mac. And if you're forwarding them in your router, you've probably opened them up in your firewall too.
     
  15. miles01110 macrumors Core

    miles01110

    Joined:
    Jul 24, 2006
    Location:
    The Ivory Tower (I'm not coming down)
    #15
    A firewall is something that protects a computer or a network from various types of external intrusion. If you have OS X you have a firewall; go to System Preferences -> Security -> Firewall to turn it on/off.
     
  16. splitpea macrumors 6502a

    Joined:
    Oct 21, 2009
    Location:
    Among the starlings
    #16
    You should be able to just enable iTunes sharing in the firewall section of the system prefs.

    I run the firewall, leave open the iTunes sharing ports, and then punch very specific holes in it to allow active FTP to a specific server, and so machines on my local network can reach the Macports Apache instance I'm running.

    Never noticed any sort of performance issues with it, but then it shouldn't be receiving much malicious traffic anyway, since I'm already behind a built-in firewall in my router.
     
  17. QuantumLo0p macrumors 6502a

    QuantumLo0p

    Joined:
    Apr 28, 2006
    Location:
    U.S.A.
    #17
    Yes, I use the OS firewall and would not use a net connected computer without it. It is generally an accepted practice according to many IT and security experts. I will not cite sources because I don't care to write an encyclopedia in this thread, but please check it out for yourself if you doubt it.

    IMO, not using a firewall is as living in a bad neighborhood and not locking your doors and windows. No, router NAT will not protect you enough. There are thousands of network ports for everything from general internet traffic to telnet and ftp. You could be behind a decent router connected to your cable/dsl modem but there could still be (there IS, actually) a lot of data going in and out without your knowledge. Legit apps send out data all the time but so does malware.

    I like to use Little Snitch along with the OS-X firewall and a Linksys router running DD-WRT firmware. Consumer routers are generally weak and buggy compared to commercial offerings. Most people write off router glitches as nothing to worry about but usually there are issues that the user is unaware of.

    Here's another reason NAT cannot be relied on. The fact is when using a typical wireless router an eight year old with 30 minutes could crack WEP or WPA/WPA2 and then they are IN your network at your computer's unlocked doorstep. NAT will not help you.

    Before my Linksys, with DD-WRT firmware, I used a retired computer running Smoothwall so I could isolate my wireless network from my wired. Forgot the root password and I didn't feel like re-doing the whole thing so I jumped on DD-WRT which is a lot more robust than the OEM Linksys firmware. The biggest thing I like about it is the ability to reduce or increase the wireless transmit power. I like to use a lower setting to reduce the chance of unwanted visitors.
    :D
     
  18. Detektiv-Pinky macrumors 6502a

    Detektiv-Pinky

    Joined:
    Feb 25, 2006
    Location:
    Berlin, Germany
    #18
    Network Address Translation is NOT as security measure!

    It might mitigate some simple attacks.

    But what happens if somebody with a hacked Windows-Box joins your network?
    What if your NAT box has a common default password / or none at all and is vulnerable to XSS attacks:
    http://www.gnucitizen.org/blog/bt-home-flub-pwnin-the-bt-home-hub-5/

    I rather also have a Firewall running on ever host. But then, I also run my boxes from a non-Admin account...
     
  19. yg17 macrumors G5

    yg17

    Joined:
    Aug 1, 2004
    Location:
    St. Louis, MO
    #19
    I don't have any Windows boxes on my network, my WiFi network is secured with WPA2 and a good password, and my router's password is not the default.
     
  20. Detektiv-Pinky macrumors 6502a

    Detektiv-Pinky

    Joined:
    Feb 25, 2006
    Location:
    Berlin, Germany
    #20
    Good for you, but I doubt that the majority of people run such a tight setup.

    Also, what do you do if somebody (friend, colleague, neighbour) want's to join your network with their Windows box?
     
  21. copykris thread starter macrumors 6502a

    copykris

    Joined:
    Sep 25, 2009
    Location:
    home
    #21
    you just allow the connection when the firewall prompts you

    i'm liking it so far
     
  22. iPhone 62S macrumors 6502a

    iPhone 62S

    Joined:
    Aug 18, 2009
    #22
    Firewall on, router set up properly (WPA2), but the router in question is a BT Home Hub, so I don't really trust it's security so much if I'm honest.
     

Share This Page