Do you use your Macs firewall?

Since Mac's boast about not having viruses etc. I am wondering how many people use the inbuilt firewall. Do you use it? Why do you use it? Should you bother using it?

 

Well viruses don't exactly have that much to do with firewalls, as they are more designed to defend against hackers, however I can see how others can think it though.

I use my Firewall, even know I have a hardware firewall. You can never be too secure, plus OS X's firewall isn't intrusive like the windows counterparts are. Many Mac professionals and journalists even use the built in firewall just because you can never be too safe.

So if the hacker can somehow figure out to get by my router's NAT and SPI firewall, they have another firewall to go up against, hackers don't like to spend much time in a system due to fears of being detected.

Most leave Macs alone because we aren't Windows, among other facts like most hackers respect unix and open source software (Mac OS X uses many open source software)

 

I don't. I have my router. And as xbandaidx says, they don't help against viruses, just network worms and the like. Hackers too I suppose, but anything that is software can be gone around if someone is determined enough.

 

how do u turn it on

 

System Preferences --> Sharing --> Firewall

 

thk u
do you have any other app to protect mac osx ? some spyware cleaner for exampl ?

 

You don't need spyware cleaner for Macs, unless your running windows on it, which you would run under windows anyways.

 

A bit OT, but whatever. This is one thing I absolutely dread about Windows. how can people assume that having to run an antivirus and spyware-catcher is *normal* ? How can people be so easily mind-washed? It's revolting. The real reason computers are insecure is because people aren't educated enough to know what is going on with them, like with this commom misconception that firewalls help preventing virus. Well, most people do not know the difference between a virus, a trojan and a worm anyways. This way software makers can get away selling crappy products - no one knows who's to blame.

 

mac osx is hosting a firewall so i've turn it on but i don't know if a firewall from a third party is better.

so if i'm using only Mac OSX (which is what i do), i DON'T need any firewall, cleaner, or antivirus apps ?

 

It is always a good idea to have a firewall running. Question is, if you use cable/adsl chances are you already have a firewall at the router/modem. If you use dial-up, then use OS Xs built in firewall.
There are no virus (well, there are a few proof-of-concept) in the wild for OS X; just keep your system updated. Spyware as we know it is due largely to some design decisions in windows, and it is very hard to "implement" in other OSs. Trojan horses are a different story however; since they are regular programs, that just disguise themselves as something else, they can be found for any platform. Use a non admin account and you will limit its damages; download only from trusted sources and you'll probably avoid them. Worms are self-replicating and transmitting code that use vulnerabilities found in services and programs that keep ports open. Use only the services you need, and update your system constantly again, but there are no known worms in the wild for OS X.

So, if you follow security guidelines, including having strong passwords, using a non admin account, and keep your system updated, you are pretty much secure with OS X. But the best defense is knowledge. Don't take my word for it, go research and find out more. It's all in the "internets"

 

thk u for the further info, i use a wifi transmitter which have a firewall (though configurated on medium) so i am partly protected.

"trojan horses are a different story however; since they are regular programs, that just disguise themselves as something else, they can be found for any platform. Use a non admin account and you will limit its damages; "

this is one point i'd like to develop, why should i use a non admin account ? how would this limit the damages ? is it because the non admin do not have access on the system ?

 

Non-admin accounts are limited in their powers, they can't do all system preferences changes, as well as do not have permission to alter system files, and if any damage were to occur it would be limited to the non-admin home directory.

Admins have much more control, and can affect more of the system than a non-admin can if it were infected or whatever. The absolute worst damage that could be done is if you were using root, which has access to every single file on the system. There are files even admin does not have permission to alter, only those files can be altered by the root account.

 

oooh ok !!! thk u, but what about the shared files ? if i wanna listen to my music on both accounts ? where can i put my files ? is there a specific folder ?

 

You can allow access to any file or folder to other user; select it, command-I (get info) and open Ownership and Permissions, you can set the permissions you want there. There is a default folder called Public which comes with read only access permissions for other users, but you can change the other folders' if you see fit. Note that you should only use an admin account if you are administrating the system (i.e., no listening to music ) normal tasks should be done with a restricted account. You can have a number of restricted accounts if you need or want to as well.

Again I disagree with you in that. I asked which files you were talking about and I don't remember you answering. But then, even if it were true, what's the difference if an admin (or anyone who knows the admin password) can become root? That it's why the difference is semantic. An attacker, either a person or a malware, must only break in an admin account to gain total control of your system (type: sudo su - followed by your admin password and see what happens). That is why a good password policy is needed.

 

yes I have answered your question in that other thread, I guess you just never looked at it again for the answer.

To make it easy for you, I went ahead and found the thread where you asked about root and answered your question.

Theres your answer from one of the most respected Mac journalist in the industry. You're free to look it up the next time your in a book store, that is Page 455 in David Pogues "Mac OS X Tiger, The missing manual"

Your pretty much right about whats the difference if someone gets admin access on your computer and this will hold true for Tiger, however leopard is reported to have those tools that are used to enable root as being removed from Leopard, you could still enable root somehow, but it will be much harder than it is now. basically like you said just use sudo, which correlates to what David said, however he said he does not recommend enabling the root account.

 

First, if I sounded harsh I apologize; it was not my intention. Discussions are a nice way to further our knowledge about any matters and it is in this spirit that I post here.
That said, while I respect the opinion of Pogues (as well as yours) it is known that not everyone thinks that way; for example, Ubuntu, which is a very popular Linux distro, uses exactly the same model as OS X - i.e., an admin account which is a sudoer instead of a proper root account. Other distros such as Fedora Core/Red Hat do not. My personal opinion is that there is no fundamental difference in the security provided by the two methods, for the reasons I showed. It does provides safeguards against accidental deletion of files depending on how you set it up, but no additional security.

What I would like to know is which files exactly are not accessible. Even then, I do not see how is that more secure if one can access these files by becoming root; and hidden as it may be, there got to be a way to become root if one wants to be able to maintain, upgrade and tweak the system (for example, I have a Nokia internet tablet that runs linux; its root account is disabled by default; in order to access the root account, you must first reflash the device. This might be possible to use in a general-use computer, but if one wants to upgrade a system file it would only be possible by using some kind of disk-mode; it is not practical).

 

First off, I didn't think you were coming on as harsh or anything. I understand on the internet you can't see a persons expression when they speak and whatnot, and I shouldn't take things I read as a bad way.

Secondly, I have used many distros however I have not used ubuntu, its interested to see they have a system setup like OS X, and that I did not know. Thats cool though.

Third. The files you are wondering about.
Macintosh HD > System > Library. These are root editable only however admin readable.

while yes an Admin could do a 'get info' and change the group that has read and write permission to their own username and get that read/write access, however we all know how touchy OS X is with permissions and doing that would most likely increase the chances of crashes as well.

This also further explains why people should use standard accounts for everyday use and I will give an example.

Say a 'virus' gets on your Mac and your running under admin, the admin account has read/write permission to a fairly large amount of files on the system, but thats not to say it doesn't have that permission for the directory I just said.

Because really a virus could execute a sudo command to grant access to write to those files as an admin (however it would need the admin password) so it's most likely to be stopped and restricted to the admins home directory and those folders it has access too that don't require the password.

EDIT: I have removed a part of my post in discovery of an Mac OS X security exploit. I apologize for this removal, and I will be contacting Apple about this.