Is OSX safe out of the box?

masker · March 1, 2002 2:30PM

I'm making the jump this weekend, and was wondering if OS X is safe to use on an always on net connection.

Does it have a built-in firewall like XP?

I also plan to have file sharing on for my local network.

I have a router bit it's built in firewall is weak. (LinkSys 4-port)

Just point me in the right direction..

Thanks,

MSKR

krazyfool · March 1, 2002 2:43PM

<a href="http://www3.sympatico.ca/dccote/firewall.html"; target="_blank">http://www3.sympatico.ca/dccote/firewall.html</a>;

I never got around to trying it but it looks clean cut

jambo · March 1, 2002 2:54PM

Take a look at Apple's <a href="http://www.apple.com/macosx/technologies/security.html"; target="_blank">OS X Security</a> page. Might find some stuff about OS X's built-in firewall there.

J :cool:

mac guru · March 1, 2002 4:47PM

My question is... if you're an average joe schmoe user and do nothing other than chat online, email, type papers etc. WHY are they all scared enough to install like 3 firewalls? I have this client who does NOTHING but eBay all day and he has 4 different Firewall apps running all the time "to keep out hackers"

I personally disabled all my firewall systems and have yet to be attacked by these "hackers" out to get my system... Am I missing something here?

Mac Guru

corvette · March 1, 2002 5:07PM

You are right.

I would guess these days Hackers are hired missionaries by private companies or organizations to do whatever they want. Why would they want to intrude on a home computer?

onlooker · March 1, 2002 5:14PM

FireWalk X is supposed to unlock and tune Apples built in FireWall as I recall. Version 2 just came out I think. (version 1 was not that great). "Brick House" seems to be the best option so far, but if you like a name brand firewall Norton's is supposed o be a good one, and there is always NetBarrier.

I still think a router with built in firewall is the best option, but I'm not an expert either.

[ 03-01-2002: Message edited by: onlooker ]

serrano · March 1, 2002 5:23PM

[quote]Originally posted by corvette:

You are right.

I would guess these days Hackers are hired missionaries by private companies or organizations to do whatever they want. Why would they want to intrude on a home computer?<hr></blockquote>

oh lord,

1. I believe you mean mercenaries, NOT missionaries... check out the mormon thread in general discussion- or better yet don't.

2. Why? Because they can. If I nmap you and telnet and ftp are open I'm not going to see 'this is joe schmoe, nothing interesting here, just move on.' It's going to show me an ip address, and port numbers. Just numbers. Your dns might tell me your isp... but at this point I'm already interested.

3. OSX has a built in firewall. Use Brickhouse or some such gui frontend to configure it. In general it's adequately safe out of the box, enough so that unless you're running some net services on it you have nothing to worry about. However the paranoid among us may find a well configured firewall reasurring.

[ 03-01-2002: Message edited by: janitor ]

neomac · March 1, 2002 7:33PM

[quote]Originally posted by Masker:

I'm making the jump this weekend, and was wondering if OS X is safe to use on an always on net connection.<hr></blockquote>

I've had OSX on a cable modem for 1 year. By default, all the 'net' services (telnet, ftp, etc) are off in OSX. I haven't used the built-in firewall. My file-sharing is on.

So how's my system security? In my book, OSX put Fort Knox to shame.

No incursion ... unlike Fort Knox, which was raided by Gold Finger.

serrano · March 1, 2002 10:55PM

[quote]Originally posted by NeoMac:



I've had OSX on a cable modem for 1 year. By default, all the 'net' services (telnet, ftp, etc) are off in OSX. I haven't used the built-in firewall. My file-sharing is on.

So how's my system security? In my book, OSX put Fort Knox to shame.

No incursion ... unlike Fort Knox, which was raided by Gold Finger.

<hr></blockquote>

exactly.

[ 03-01-2002: Message edited by: janitor ]

krazyfool · March 2, 2002 3:10AM

I never saw a need to install a firewall, maybe to block a few ports but really just being a mac user makes you a lot safer any windows user would be. Plus all I do it check mail, surf, post in AI, bla bla bla. When I'm not doing that my Ti is a sleep or off. Can't get anymore safer then that.

hacmac · March 2, 2002 11:28AM

OS X is by far the safest/tightest Unix-like system I've ever come across, at least with regards to ports listening on the network. All commercial Unix systems and almost every Linux distribution pale in comparison.

Edit: Clarification re. network ports.

[ 03-02-2002: Message edited by: hacmac ]

brian j. · March 2, 2002 1:23PM

Uh, I don't know about everyone else, but I get port scanned dozens, if not hundreds, of times a day. I think I'll leave my firewall on.

quarem · March 2, 2002 4:36PM

All my computers are OS X except for one Linux box. I have a Linksys router for a firewall. What is interesting is that I accidently left my Linux box outside the firewall for a couple weeks. I usually don't use it for much so I didn't notice anything strange until I couple weeks later when I turned the monitor on the machine on and released that I couldn't move the cursor or type anything into the terminal windows that I had left open. I then noticed some strange text in one of the terminal windows.

"rilkey 1: wonder what thos hacks were???"

This text was typed in for about four lines. I know I didn't type that in, I know nobody in my house is smart enough or motivated to type that in, so I concluded that I had been hacked.

Lesson is, people will hack you, if your not careful, just for fun.

eugene · March 2, 2002 5:13PM

I get portscanned on ports where I run no daemons, so it really doesn't bother me. They can't exploit BIND or SunRPC because there's nothing on the other end...

brian j. · March 2, 2002 11:13PM

Well, it bothers me that dozens of hackers are "casing" my @Home cable modem each and every day. For some reason, hacking is apparently more rampant on the @Home network. So, once again, I'll leave my firewall on.

thunderpoit · March 3, 2002 12:38AM

[quote]Originally posted by Masker:

I'm making the jump this weekend, and was wondering if OS X is safe to use on an always on net connection.

Does it have a built-in firewall like XP?

I also plan to have file sharing on for my local network.

I have a router bit it's built in firewall is weak. (LinkSys 4-port)

Just point me in the right direction..

Thanks,

MSKR<hr></blockquote>

you said that the built in firewall in the linksys router is weak, how so? i was planning on buying one on recommendation of another friend, but id be interested to hear your input

masker · March 7, 2002 9:04AM

From what I've read it is weak in the sense of "ease of use" not weak in security.

I also have read that it doesn't have some more advanced options regarding ports... i am no tcp/ip-network guru, but I think there was a review that said you can turn ports either on or off.. Other firewall hardware can allow you to open ports but only to specific IP addresss, so you could timbuktu into your home computer, but only from a specific IP address,

LinkSys also has no logging- or poor logging of port scans etc.. where as most firewall apps can detect ports scans and the method in which they are done to have it register asa true "attack". LinkSys also releases firmware upgrades for PC only, which require using a freeware mac app to extract the firmwaer and apply it.

My incoming data light blinks 1 or 2 times a minute with the computers off...

Port scanners.

MSKR

krazyfool · March 7, 2002 3:29PM

<a href="http://wopr.norad.org/articles/firewall/"; target="_blank">Building your own personal firewall</a>

Makes it very easy, best of all, it uses the terminal

Is OSX safe out of the box?

Comments