Firewall Software for Mac OS X: Best Options & Tips

  • Thread starter Thread starter Moonbear
  • Start date Start date
Click For Summary

Discussion Overview

The discussion revolves around recommendations for firewall software suitable for Mac OS X, particularly version 10.3.9, with considerations for future upgrades to Tiger. Participants explore the necessity of software firewalls in conjunction with existing router protections and discuss various encryption methods for wireless networking.

Discussion Character

  • Exploratory
  • Technical explanation
  • Debate/contested
  • Conceptual clarification

Main Points Raised

  • One participant inquires about firewall software for Mac OS X, expressing a need for protection against unauthorized access while using a dial-up connection and considering future upgrades.
  • Another participant mentions that OS X includes a built-in Unix-based firewall called ipfw, suggesting it is effective compared to Windows XP's firewall.
  • A participant expresses relief at discovering the built-in firewall, indicating a preference to avoid purchasing additional software.
  • Some participants argue that a software firewall may not be necessary for a home network using a router, as the router itself provides substantial protection.
  • Discussion includes details about WEP encryption options for wireless networks, with participants sharing personal experiences regarding password management and security settings.
  • Concerns are raised about the potential performance impact of software firewalls, with some participants noting that they have disabled their software firewalls due to interference with home networking.
  • One participant mentions that while routers provide a level of security, they do not protect against threats from malware already present on the computer.
  • Another participant highlights the importance of router features like stateful packet inspection when selecting a router for enhanced security.

Areas of Agreement / Disagreement

Participants express differing views on the necessity of software firewalls in home networks, with some advocating for their use while others believe that router protections are sufficient. The discussion remains unresolved regarding the best approach to firewall protection for Mac OS X users.

Contextual Notes

Participants mention various encryption types and configurations for wireless networks, but there is uncertainty regarding the effectiveness of WEP encryption and the implications of using different password lengths. Additionally, there are references to personal experiences with network performance and security, which may not apply universally.

Moonbear
Staff Emeritus
Science Advisor
Gold Member
Messages
11,959
Reaction score
54
Okay, as we were discussing cable vs. DSL internet, it occurred to me I should ask this question over here in software. What firewall software would folks recommend for a Mac running OS X (10.3.9, but I might want to upgrade to Tiger within the next year, so something that will work with my current OS but won't become obsolete when I upgrade is preferable...if that is an issue with any)? I would set up my internet to connect through airport, again, if that matters. I don't currently have anything since I just use dial-up, but I know if I'm going to be always connected, I need some form of firewall protection.

I'd especially appreciate recommendations of specific software, but otherwise, even information about what I should look for in firewall software would be helpful since I really don't know what I should be looking for and what all the different terminology means in terms of types of encryption, etc., and how to know what's relevant for my purposes, which is basically just to keep someone else from gaining access to my computer and using it for nefarious purposes.
 
Computer science news on Phys.org
OS X uses a unix based firewall called ipfw which is damn good. It is a very sophiscated firewall compared to the junk windows xp provides.

If you want to manually configure it, here is the manual:

http://developer.apple.com/documentation/Darwin/Reference/ManPages/man8/ipfw.8.html

If you just want to turn it on, which is good enough for you, then follow these instructions:

http://helpdesk.its.uiowa.edu/firewall/instructions/macosx.htm
 
Last edited by a moderator:
Thanks! I didn't even know I already had one. That's sure a lot easier than having to buy something new. :smile:
 
Frankly, for a pc on a home lan (airport is a home router, right?), you don't need a software firewall. The way a home router works acts as a nearly impenetrable firewall already. Just make sure you turn on wep encryption.
 
Airport is the wireless networking thing for macs. I know when I first set it up, it had 3 different types of encryption/password choices. When I move to a townhouse, I'll be changing whatever my current settings are to something that requires a login every time I use it so I don't end up with neighbors using my wireless. Right now that's not an issue because I have my airport set up so I do get signal out on my deck but it's pretty weak anyplace else outside my house, so I don't worry about what anyone can or cannot access. Okay, so WEP encryption it will be. I wonder if that's the one I picked randomly. Something I chose when setting it up required a 16 character password instead of the usual 8 character ones, and I'm not sure I remember what it was (I guess I don't choose easy to guess passwords since I can't even guess them sometimes...I can't count the number of times I've had to have passwords reset because I lose track of what I use.)

Unless the software firewall is going to slow things down or do something that will annoy me constantly, it probably won't hurt to turn it on.
 
It doesn't hurt to have it and will be transparent to you since packets are monitored at the kernel level.
 
Moonbear said:
When I move to a townhouse, I'll be changing whatever my current settings are to something that requires a login every time I use it so I don't end up with neighbors using my wireless.
Generally, its just a password stored in your networking settings - so you don't enter it every time you connect.
Something I chose when setting it up required a 16 character password instead of the usual 8 character ones...
WEP comes in 64 or 128bit (8 or 16 characters). Some routers/computers use a password and the software generates the key, others require you to enter the entire hexidecimal key manually.
 
dduardo said:
It doesn't hurt to have it and will be transparent to you since packets are monitored at the kernel level.
Granted. I try to keep my computers lean and mean, though.
 
russ_watters said:
Generally, its just a password stored in your networking settings - so you don't enter it every time you connect.
I might already have it set up that way then. It was so long ago that I set it up that I don't remember what I did at the time. (Do I sound like the ditzy blonde today or what? :rolleyes:)

WEP comes in 64 or 128bit (8 or 16 characters). Some routers/computers use a password and the software generates the key, others require you to enter the entire hexidecimal key manually.
I'm going to take a wild guess that it's something software generated since I haven't seen anything anywhere to indicate to me there's a key somewhere I'd need to enter manually (I wouldn't even know where to find it to enter it)...so I'll hope that's the case.
 
  • #10
I tried wireless once but the performance wasn't up to snuff and ended up wiring the house with cat6 ethernet. I did have fun using one of my neighbors network for a short while.
 
  • #11
dduardo said:
I tried wireless once but the performance wasn't up to snuff and ended up wiring the house with cat6 ethernet. I did have fun using one of my neighbors network for a short while.
I only notice a difference between wireless and being wired if I start wandering too far from the base station where the signal gets weak, but I have to really try hard to do that (basically when I first got it, I wandered all over the house to see how far I could get signal and how it affected performance as I was choosing a location for the airport). I haven't had any trouble with it. I've known people with other types of wireless who have to keep resetting it, get interference (my one friend had issues between the wireless and a baby monitor...I think it was that the wireless made the baby monitor buzz constantly or something really annoying like that), or have problems with the connection dropping. Mostly I got it because I love sitting out on my deck in the spring and summer, and it was easier than running a phone line out my window, which is what I was previously doing. Plus, to me it defeats the purpose of having a laptop if I have to be tethered to a wall to connect to the internet.

Yeah, I know more than a few people who have used their neighbors' networks until their neighbors figured out they should put a password on their system, which is why I'm asking all these questions.
 
  • #12
russ_watters said:
Frankly, for a pc on a home lan (airport is a home router, right?), you don't need a software firewall. The way a home router works acts as a nearly impenetrable firewall already. Just make sure you turn on wep encryption.

Most of the time that's true. For awhile I had my software firewall off because it would interfere with my home network. However it doesn't block say email/web viruses or programs already on your computer conneting to the outside. That's why I got zone alarm. It's the only firewall that tells me what is attempting to connect externally. For mac's however I don't think there's a problem with programs installing without permission.
 
  • #13
Even with NAT, pre SP2 windows xp would still be vunerable to sasser and other remote exploitable worms. It really depends on how sophisciated the router's firewall is. Look for stateful packet inspection when purchasing a router.
 

Similar threads

Windows Vista - Internet/Firewall doesn't work
  • · Replies 3 ·
Replies
3
Views
2K
How can I set up remote assistance software without configuring firewall rules?
  • · Replies 2 ·
Replies
2
Views
2K
Specifications for buying a laptop for study and research purposes
  • · Replies 35 ·
2
Replies
35
Views
10K
Windows vs Mac for Engineering?
  • · Replies 16 ·
Replies
16
Views
92K
Finding the Right OS for a PhD Student: Making the Best Choice
  • · Replies 60 ·
3
Replies
60
Views
11K
Mac vs PC: Which is Better for a PhD Student?
  • · Replies 14 ·
Replies
14
Views
10K
Is remote desktop connection affected by security DLL functions in Windows?
  • · Replies 1 ·
Replies
1
Views
3K
Vim colours in Mac OS X disappeared
  • · Replies 1 ·
Replies
1
Views
3K
What options are available for software development on Mac OS X?
  • · Replies 1 ·
Replies
1
Views
3K
Best Video Editing Software for G4 Mac with Tiger 10.4.9
  • · Replies 7 ·
Replies
7
Views
3K