Firewall protection
I'm not sure if this is the right place to post so mods, if you want to move it then go ahead...
I have Norton Personal Firewall 2.0.2. It seem to block most of "attacks" except ICMP. I have it set to deny all in every type of port. Why is it that ICMP still comes through? Secondly, I tried to understand Apple's Firewall settings but I still don't understand how to set it correctly, even with the guide of the "Help" menu. Can someone inform me how I should have my settings?
Maybe I'm being paranoid a bit but I don't want to see Norton telling me that an ICMP probe has been allowed. Is there anything I can do to prevent this? I'm on a DSL line by the way (using OS X.2.3). <img src="confused.gif" border="0">
I have Norton Personal Firewall 2.0.2. It seem to block most of "attacks" except ICMP. I have it set to deny all in every type of port. Why is it that ICMP still comes through? Secondly, I tried to understand Apple's Firewall settings but I still don't understand how to set it correctly, even with the guide of the "Help" menu. Can someone inform me how I should have my settings?
Maybe I'm being paranoid a bit but I don't want to see Norton telling me that an ICMP probe has been allowed. Is there anything I can do to prevent this? I'm on a DSL line by the way (using OS X.2.3). <img src="confused.gif" border="0">
Comments
As Mulattabianca said, I believe ICMP can be considered "normal traffic". Here is an explanation:
<a href="http://www.faqs.org/rfcs/rfc792.html" target="_blank">http://www.faqs.org/rfcs/rfc792.html</a>
I don't know about Norton's firewall software, but Mac OS X's own firewall is already mighty powerful. Yes, the GUI in the System Prefs is basic and lacks advanced funcionality, but there are other ways to configure it. You can use the terminal if you are a *nix guru or you can get one of several shareware tools that act as a front-end to it, setting it up with a friendlier GUI. My personal favorite (as many others here probably know) is <a href="http://brianhill.dyndns.org/" target="_blank">BrickHouse</a>. It's free to try as long as you like (it is shareware though), it has a reviewable log, it has a tutorial for beginners, and it has other more complete controls for advanced users.
That said, I don't really trust keeping *any* Norton software on Mac OS X. There have been far too many reports of startup problems, file access problems, and even kernel panics for me to trust loading any kind of Norton app that has to run in the background like this.
Moving to Mac OS X.
As far as Norton Firewall, I have been using it for 3.5 years now under OS 9.2.2 and then 10.2.3. I have yet had a single crash (related to Norton) and this is not an exaggeration. I have always had it set to auto launch at startup and it had never failed me in it's operation.
Like I said, the only thing that Norton cannot seem to deny access to is ICMP probing. Maybe there is an extention conflict with some people.
[ 01-20-2003: Message edited by: kwondo ]</p>