Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
The Mac 10.4.3 Firewall, do you use it?
- Thread starter DSL Steve
- Start date
- Sort by reaction score
I use it, and only turn on what I actually need turned on. For example, I don't use iPhoto's photo sharing feature, so that can be safely turned off.
Normally I have it switched off, since I access the internet through a router (a server PC, with software firewall) which is enough protection really.
I only enabled it on my PowerMac G5, after I forwarded a few ports on the router, for testing purposes. I'll turn it back off when I'm done though, as it's pointless running software firewalls on every system on the network.
I only enabled it on my PowerMac G5, after I forwarded a few ports on the router, for testing purposes. I'll turn it back off when I'm done though, as it's pointless running software firewalls on every system on the network.
cruxed said:
First, just as a technicality, it works in the opposite fashion. When you put up the firewall, you close / turn off ALL incoming ports. Then, you selectively open / turn on the ones you need.
More seriously, you can open ports in the firewall in OS X by going to System Preferences -> Sharing -> Firewall, and then you check the boxes for the ones you want, or click New to add ones that aren't listed. You will have to see the Transmit docs for the right ports. But if they're generic to BitTorrent, then according to this, you need ports 6881-6999 to be open. When you create a new port to be opened for BitTorrent in Sys Prefs, you can enter the string "6881-6999" rather than create the ports individually (please, God, do not create more than 100 ports individually!) Name them something like "BitTorrent" so that you know what they are. Then make sure the box is checked for them, and you're good.
However, if you have a router with a hardware firewall, you will also have to open ports on that firewall.
mkrishnan said:
just outta curiosity, why does BitTorrent NEED 118 open ports, for what ? Sounds like a recipe for rampant intrusions to me........
SmurfBoxMasta said:
It doesn't, really, if you can configure the port your client use. One is enough. I have mine set to the same port as the Blizzard downloader use.
I only download one at the time though. Might be that you need more open if you download more than one at a time.
Edit: And to answer the OP. I have a hardware firewall, so I don't bother with any other. Off on the Mac and the PC.
I keep my built-in firewall turned on all the time. As far as I know, it's never caused any problems for me. I've never had to turn it off for any reason.
I keep mine on all the time. Sometimes I will enable Personal file sharing and Windows file sharing when I have to transfer some stuff over the network to other computer.
When I am in school, I can't really trust other people on the network.
Has any one tried using the Firewall Logging to see if any one tried to access you computer from outside?
When I am in school, I can't really trust other people on the network.
Has any one tried using the Firewall Logging to see if any one tried to access you computer from outside?
Attachments
I almost always have it on. Even at home, behind the firewall ( but wireless) and at work ( behind the corporate firewall). Never bothered me.
Only disabled it last week when a colleague needed to test some application
use the X display of my powerbook. (and I was to lazy to add a rule to
the firewall)
Only disabled it last week when a colleague needed to test some application
use the X display of my powerbook. (and I was to lazy to add a rule to
the firewall)
Mac_Freak said:
Well if you have a external firewall too then you should not get anything. But at my school i help out with our computer, and we receive about 100 denied attempts of some type per hour. We have not even started hosting yet, so we are not a target for hackers. Most of these attempts are viruses. We use http://www.mynetwatchman.com/. This kind of attempts are common on most internet connections. If you have a dynamic address you may receive a little less but you still will receive a large number. (unless your ISP blocks them)
Anyway, make certain you have a firewall at all times. especially if you have a PC, as they can be infected within a matter of minutes with no firewall. I have done it way back.
i have mine off on my pm g5. i am behind a firewall anyway, but with a mac there is little reason to have a firewall. its not windows where u need one or your computer will get attacked 24/7
Is there even any need to turn the firewall on if you're behind a NAT?
I mean I have mine on and in stealth mode but I guess there is no point for people behind a NAT.
I mean I have mine on and in stealth mode but I guess there is no point for people behind a NAT.
Diatribe said:
There was a thread on this topic a while ago...IIRC, a few people here said it *was* worthwhile, in case your internal network was somehow compromised. But somehow it seems hard to imagine that kind of balls-to-the-wall attack going on against your home network.
I don't think it would be worth it. It is true that if your home network is compromised then you want it on. However, with a wireless network that has WPA, MAC address filtering. I really don't think someone would put the time into cracking it. Unless you are a target for a reason.....or work for the FBI.mkrishnan said:There was a thread on this topic a while ago...IIRC, a few people here said it *was* worthwhile, in case your internal network was somehow compromised. But somehow it seems hard to imagine that kind of balls-to-the-wall attack going on against your home network.
trainguy77 said:
*Makes shifty eyes*
Well...
Hehehe...I leave mine on because I use my computer on multiple networks, some of which lack the security of my own (which is invisible / MAC filtered / firewall'd / WPA2).
macg4 said:i have mine off on my pm g5. i am behind a firewall anyway, but with a mac there is little reason to have a firewall. its not windows where u need one or your computer will get attacked 24/7
That's not entirely true.. your Mac is still culnerable to attack and compromise. Since you're behind a hardware firewill, you should be OK, but it's not right to think that you're safe just beacuse you have a Mac. It's still a UNIX box and there are plenty of skilled crackers out there who can get into your box.
mkrishnan said:There was a thread on this topic a while ago...IIRC, a few people here said it *was* worthwhile, in case your internal network was somehow compromised. But somehow it seems hard to imagine that kind of balls-to-the-wall attack going on against your home network.
Yeah, I guess my ex-girlfriend lacks the knowledge...