#1
I am looking for a good firewall. I know that I can go to VersionTracker, but I would like to know what people are using, how they like the products, and what the best features are. I have one (Kerio Personal Firewall) for my Windows-based system that is great: it blocks all the applications. Let's say an app was trying to communicate to the internet; it would pop up an alert telling me so, and I could allow or deny. That is a feature that I really like, and I was wondering if the Mac had one with a feature like that? Thanks!
__________________ loom001 MortalTech --------------------------------------------------------- IMAC Intel duo 2.0gig, 250HD, DVD Burner, Video 256meg, 20in Screen. Made This addition on March 20 2006 ---------------------------------------------------------- G4 SP 1GIG, 1.25 gig ram, 60HD, DVD/CD-R, DVR-106D (iDVD working) Made the addition on March 12 2003 ---------------------------------------------------------- ibook G3 900MHz, CD, 640 ram, 20HD. Made the addition on April 06 2006 |
#2
Darwin has ipfw, which works at the packet level. It's very powerful, and comes with Mac OS X. I believe Jaguar (10.2) also has a configuration panel for it, but for anything prior to 10.2 you'll need to get a tool like BrickHouse to configure it, unless you want to edit the rules file yourself... I would recommend using this instead of a third-party one like Norton Personal Firewall. ipfw is light, doesn't use many system resources, and does all you need. I don't know of any off-hand that pop up a request to allow or deny a connection, but I personally don't find that useful at all. You just open the ports for the services you want (FTP, SSH, HTTP, ICQ, whatever) and close everything else, simple!
__________________ michaelsanford.com Blog Twitter Tumblr LinkedIn iMac Aluminum 24" | MacOS X 10.5-current | 3.06 GHz Intel Core Duo | 4 GB RAM | 1 TB HDD iBook G4 1.42 GHz | MacOS X 10.5-current | 1 GB RAM, 100 GB HDD AMD Athlon64 3500+ | Slackware 12 (2.6.21.5-smp) | 2 GB RAM, 2120 GB RAID 1, 2500 GB RAID 0 |
#4
So is there a way to totally shut down your workstation for all inbound and outbound ports? Then add them in one by one? I want to totally lock down my Mac and only let the ports that I want go out. Thanks for the help!
#5
I believe BrickHouse does that. And I wish the system's built-in firewall was more specific = deciding all ports etc.
#6
Found a little app that I think will work great for monitoring other apps. It is called Little Snitch. It can be found on VersionTracker, and the developer's website is http://www.obdev.at/products/littlesnitch/index.html. This is exactly what I was looking for when it came to monitoring my applications and what they are talking to the internet for. I have the power to grant and deny. Still in search of a good firewall.
Last edited by loom001; March 18th, 2003 at 08:57 AM.
#7
Yes you can; that method is called "Explicit Allow" (it just means that you close everything by default, and open the ports you want open). Here's an extract from my /etc/firewall.conf. You don't need to know what this means, it's just an example to show you the way you can close everything, then open specific services. This firewall.conf was generated by BrickHouse (rules not in order):

Code:

```
#################################################
## Allow All Outgoing Services
#################################################
add 54016 allow all from any to any out via ppp0

#################################################
## Deny All Incoming Services
#################################################
add 54017 deny log all from any to any in via ppp0

#################################################
## Allow Network Time (NTP)
#################################################
add 4003 allow udp from any 123 to any 1024-65535 via ppp0

#################################################
## World Wide Web
#################################################
add 4008 allow tcp from any to any 80 in via ppp0
add 4008 allow tcp from any 80 to any out via ppp0
```
#8
Cool, I'll take a look at Snitch, might be useful for configuring my firewall (I can't seem to allow MSN file transfers).