1 2 Previous Next 15 Replies Latest reply: Feb 8, 2013 10:57 AM by sanjampet
pulpman Level 1 Level 1 (0 points)

My building is installing a WI FI set up, which all owners will access by the same Password.

I don't know if I have a Firewall, doubt it, but should I get one, and what is recommended.

 

Thanks


Mac Pro, Mac OS X (10.7)
  • 1. Re: Firewall for mac
    ds store Level 7 Level 7 (30,305 points)

    OS X has a built in firewall.

     

    The full features of the firewall (outgoing and incoming) are accessible via the Terminal (command line program) and thus complicated for most.

     

    The incoming portion of the firewall is handled via the System Preferences > Security > Firewall with a easy graphical user interface with basic ability.

     

    The full features of the OS X firewall can be accessed with a graphical user interface program using donationware software

     

    NoobProof (for beginners) or

     

    WaterRoof (for more advanced users)

     

    http://www.hanynet.com/applications/index.html

  • 2. Re: Firewall for mac
    sanjampet Level 5 Level 5 (7,550 points)

    There is a firewall in your Mac. go to system preferences>security & privacy, click on firewall tab, click turn frewall on. Click firewall options, click Block all incoming connections, your good to go.

  • 3. Re: Firewall for mac
    pulpman Level 1 Level 1 (0 points)

    I found the system preferences and I do have the firewall turned on. Will this be suffficient to prevent viruses etc? Or do i need another system also?

     

    Thanks

  • 4. Re: Firewall for mac
    pulpman Level 1 Level 1 (0 points)

    Please see my reply to sanjampet.

     

    Thanks

  • 5. Re: Firewall for mac
    Baby Boomer (USofA) Level 9 Level 9 (55,575 points)

    Macs do not get viruses.

     

     

     

     

     

     

     

     

     

     

     

     

     

     

     

     

     

     

    2ue5vgy.gif

  • 6. Re: Firewall for mac
    ds store Level 7 Level 7 (30,305 points)

    pulpman wrote:

     

    I found the system preferences and I do have the firewall turned on. Will this be sufficient to prevent viruses etc?

     

    No.

     

    And since your all on the same local area network, there really isn't much you can do if someone capable wants to be malicious.

     

    Your incoming Firewall will assist protecting you from those trying to get into your machine, however you also need to make sure all your System Preferences > Sharing services are turned off.

     

    You can install the free ClamXav to scan once in awhile for mostly Windows malware that doesn't affect a Mac.

     

    http://www.clamxav.com/

     

    Make sure to set a very good password for your machine, I would recommend something 20 random characters, letters and symbols in length.

     

    A pain to remember, but a pain to crack which on a LAN they likely will do a man in the middle attack with a fake software update to get in if they wanted too, but it's harder to do than brute forcing your weak password.


    http://howsecureismypassword.net/

     

    Also they can mimic your MAC address of your wifi card, then fake theirs to match yours, connect to the router first and thus you can't connect.

     

    There is software to randomize and rotate your MAC address so you appear as another to the router each time you want to connect.

     

     

     

    As long as you trust everyone else on the LAN (local area network) and the admin of it, then you shouldn't have a problem.

     

     

    You should use Firefox and the HTTS Everywhere add on, this will ask for a encrypted connection from every web site you visit, not all provide it, but many now do so people on the LAN can't watch what your doing online.

     

    https://www.mozilla.org/en-US/firefox/new/

     

    https://www.eff.org/https-everywhere

  • 7. Re: Firewall for mac
    sanjampet Level 5 Level 5 (7,550 points)

    Like Baby Boomer said Macs don't get viruses.  I would go to Safari>safari preferences>security>and unclick

    Safari screen shot>security.  Java, and unclick plug ins (Screen shot 2013-02-07 at 3.31.08 PM.pngunless you need them for a site) which would be rare. Don't download any software, unless you go to manufactuers site for it, and never click on anything that pops up, just close it. All the best

  • 8. Re: Firewall for mac
    Network 23 Level 6 Level 6 (11,695 points)

    pulpman wrote:

     

    I found the system preferences and I do have the firewall turned on. Will this be suffficient to prevent viruses etc? Or do i need another system also?

    You'll want to read up on what it is you're trying to prevent. Viruses are just a small part of the malware landscape. And viruses are the thing Mac users fear the least, since there are none. But you still have to be concerned about other types of malware (Trojan horses, man-in-the-middle attacks, phishing...), and a firewall is not the right solution for them all.

     

    Also, the Mac firewall only blocks incoming intrusions. It will not prevent outgoing transmissions, such as if there is software on your Mac "phoning home." For that you need software like Little Snitch which was designed to filter outgoing traffic and has recently been upgraded to also filter incoming traffic. But you have to have some expertise to run it, since some less knowledgeable users become suspicious of traffic that is actually routine and end up screwing up their systems. (If you block unknown requests from 127.0.0.1 because you think it looks fishy, you basically disable all your networking).

     

    No firewall can prevent phishing and social engineering. If you get an email with a bad link, no software will stop you from clicking that link. You have to know not to click on unknown links, you have to know how to spot a fake bank page so you don't type your password into it. It doesn't matter how strong and complex your password is if you submit it to a fake site so that they get to see your exact password anyway.

     

    If you want to generally scan for viruses and some types of malware, you can use ClamXav, a free malware checker.

  • 9. Re: Firewall for mac
    ds store Level 7 Level 7 (30,305 points)

    Baby Boomer (USofA) wrote:

     

    Macs do not get viruses.

     

    They did, but it's been awhile.

     

    https://en.wikipedia.org/wiki/Category:Macintosh_viruses

     

    Mac's do get viruses, but Windows ones that don't affect OSX  (unless it's a program virus like a Excel macro ) and can send them to other Windows users on files they share, thus the ClamXav to scrape them off.

     

    A Mac running Windows will get viruses in Windows for sure.

     

     

    So to be more specific, it's OS X that hasn't gotten a virus in quite some time, but the sure did get trojans and backdoors recently, like Finfisher and Flashback.

     

     

    So Mac's have gotten malware recently and the Flashback botnet is still over 750,000 Mac's still supposedly.

  • 10. Re: Firewall for mac
    ds store Level 7 Level 7 (30,305 points)

    has recently been upgraded to also filter incoming traffic.

     

    Awesome, 10.6 compatible and the upgrade from LS 2 was only $17

     

    Sweet, the incoming filter is going to come in handy with my vm's.

     

     

    Thanks.

  • 11. Re: Firewall for mac
    MadMacs0 Level 4 Level 4 (3,725 points)

    ds store wrote:

     

    So Mac's have gotten malware recently and the Flashback botnet is still over 750,000 Mac's still supposedly.

    I didn't realize anybody was still tracking that info since Flashback was declared extinct by at least two A-V labs. Do you recall where you heard/read this? I'd guess Dr. Web or Kaspersky?

  • 12. Re: Firewall for mac
    pulpman Level 1 Level 1 (0 points)

    Thanks-very helpful.

    One question,regarding file sharing: I do share a printer for use by another family member; (wireless) would turning off sharing affect this process?

  • 13. Re: Firewall for mac
    Network 23 Level 6 Level 6 (11,695 points)

    The Sharing check boxes ds store mentioned, which are on your Mac, only affect sharing of items in your Mac or directly connected to your Mac with non-network cables. If you are using your Mac to share a printer, you must have Printer Sharing on. If your printer shares itself, or if your router shares your printer, then you don't need to turn on any sharing on your Mac.

     

    Printer sharing from your Mac is sort of a last resort if your printer can't already be shared by your router or by itself.

     

    I use the sharing services on my MacBook Pro...but only when I'm home. When I take my MacBook Pro out of the house, I turn off all sharing on my MacBook Pro to enhance security. And that includes sharing that is not part of the Sharing preferences, such as iPhoto and iTunes library sharing that you control from those applications. My printers are all network-capable, so they share themselves on my home network, and my Macs are simply clients that can see the printers on the network and use them.

  • 14. Re: Firewall for mac
    sanjampet Level 5 Level 5 (7,550 points)

    Just as a rule, it is a good habit to turn off all sharing when you are done using your machine. You don't want to become non-chalant about anything. Just a good habit to get into. Other than that, network23 is correct. As a rule I leave all sharing off at all times, unless I ned them, then turn them off. Good habit to learn, certainly can't hurt if all sharing is off, possibly could if you forget or miss one that leaves you vunerable.

     

    Just my habit.

1 2 Previous Next