What is the OS X firewall for?

Discussion in 'OS X Mavericks (10.9)' started by jennyp, Feb 15, 2014.

  1. jennyp macrumors 6502

    Joined:
    Oct 27, 2007
    #1
    Could someone explain, or point me to a resource that explains, what the OS X firewall is for, and how to set it up (and indeed, if I should bother setting it up)?

    What are the threats that it is designed to mitigate? Does it have any annoying downsides?

    I should say that I use filesharing over my home network to share files between my desktop iMac and my MBP, and sometimes to share screens, if that makes any difference.
     
  2. FreakinEurekan macrumors 68040

    FreakinEurekan

    Joined:
    Sep 8, 2011
    Location:
    Eureka Springs, Arkansas
    #2
    Do you have a router? If so, the firewall is mostly superfluous. Only really need it if your Mac has a public-facing IP address (i.e. it's plugged directly into an Internet modem with no router).

    If you have a router, it has NAT that prevents any incoming traffic from ever getting to your Mac unless the connection is requested by the Mac.
     
  3. jennyp thread starter macrumors 6502

    Joined:
    Oct 27, 2007
    #3
    Yes I do have a router, so maybe the firewall isn't needed. Thanks.
     
  4. maflynn Moderator

    maflynn

    Staff Member

    Joined:
    May 3, 2009
    Location:
    Boston
    #4
    Generally speaking its not needed, and there are other products like little snitch that offer a more robust firewall solution.

    I have my firewall turned on because when I travel, I'm not behind my router, and if I'm using a public wifi.
     
  5. jonesea macrumors newbie

    Joined:
    Dec 21, 2013
    #5
    Don't assume that everything on the inside side of the router is friendly.

    Use both.
     
  6. LV426 macrumors 6502a

    Joined:
    Jan 22, 2013
    #6
    Agreed. For the minimal overhead that the OS X firewall adds, you have little to lose by enabling it. Unless your network administrator advises otherwise.
     
  7. chown33 macrumors 604

    Joined:
    Aug 9, 2009
    #7
    Use both.

    Because if you ever take your computer out into the world, and use a wifi access-point at a public location (library, coffee shop, whatever), then your computer will be directly exposed to every other computer that's on that same wifi access-point.

    And that could be anyone.
     
  8. jennyp thread starter macrumors 6502

    Joined:
    Oct 27, 2007
    #8
    So really I should enable it on my MacBook Pro? Is it enough just to turn it on?
     
  9. maflynn Moderator

    maflynn

    Staff Member

    Joined:
    May 3, 2009
    Location:
    Boston
    #9
    When I'm out and about, I make sure its on. Its pretty simple to enable so why not :)
     
  10. jennyp thread starter macrumors 6502

    Joined:
    Oct 27, 2007
    #10
    Thanks for the tips. :) Think I'll enable it on my mBP when I'm out and about. Might think of using a service like NetShade as well.
     

Share This Page