Firewall - how do I stop the pop-ups?

Question

Firewall - how do I stop the pop-ups?

Apparently the firewall is doing this. I've set it up to 'block incoming connections'. Now I get this message every time I run an MS Office program:

"
do you want the application "Microsoft Word.app" to accept incoming network connections? Clicking Deny may limit the application's behavior.

This setting can be changed in the Firewall pane of Security preferences.
"

I don't want to change the setting, but I don't want this pop-up every time I run the applications that are blocked. Is there a way to stop this behaviour?

iMac + 17" Macbook Pro + 13" Macbook + 32Gb iPhone 3GS + Space Capsule + Mac min, Mac OS X (10.6.2)

Posted on Dec 21, 2009 12:54 AM

Reply

Answer 1

K T

Level 7

23,877 points

Dec 21, 2009 1:02 AM in response to Fustbariclation

You don't mention what version MS Office you have...some have a setting for disabling these checks and some have an app that needs to be run as I recall.

Do you have anything online configured in the 'Tools/Tools on the web' menu? Check your WORD preferences and disable anything that mentions online checks, etc. Also check to see that all related security updates have been applied.

Reply

Answer 2

Dec 21, 2009 1:08 AM in response to K T

It's Microsoft Office 2008. I had thought, from the comments I've fond on-line so far, that the message was from the firewall, not MS office. I've had a good hunt through all the menus I can find, and none seem to relate to this.

Reply

Answer 3

K T

Level 7

23,877 points

Dec 21, 2009 1:25 AM in response to Fustbariclation

The message is from the firewall, and unless it is misinterpreting, the activity that is triggering the message is from MS Office/WORD.

Typically in this type of situation, you would either quiet the firewall to ignore the activity or stop the activity to quiet the firewall. It's not unusual for applications to phone home, for several reasons. Sometimes it is trivial to deal with and sometimes is takes a bit of sleuthing. I believe that older versions used to do serial number checks...not sure if that still occurs.

This is the message, right?:

If the message contains a port number, you might want to try configuring that port as allowed in the firewall configuration.

Be sure to check the MS site for any related information.

Reply

Answer 4

Dec 21, 2009 1:25 AM in response to K T

Yes, the log-file shows the port:

21/12/2009 11:21:48 Firewall[69] Deny Microsoft Word data in from IP:51739 to port 2223 proto=17

I don't want to open the port, I'd like it to deny it silently, though! As far as I can see, the office programs spend their life sending messages across my network. I'd prefer to block them sending them in the first place, silently, preferably, but this doesn't seem possible, so blocking them receiving them seems the next best bet.

Reply

Answer 5

K T

Level 7

23,877 points

Dec 21, 2009 1:35 AM in response to Fustbariclation

See this link for details I believe may apply concering the firewall configurations (link)...

I'd prefer to block them sending them in the first place

As far as quieting MS Office....that's another discussion - if you succeed in halting the auto-checks, they may put you in a bind by not being able to update properly. The choice seems to be either the user lives with/allows the network chatter/activity or simply doesn't use the product.

Personally I avoid their products these days over this type of thing as well as others. iWork with Pages/Numbers and Keynote are working out very well for me.

Reply

Answer 6

Dec 21, 2009 1:48 AM in response to K T

Yes, that's the right problem that the site is discussing! I certainly prefer no to use M$ products myself, but, since I have a license for this, I might as well get my money's worth...

I do see the difficulty. An incoming packet has to pass through xinetd, where it can be intercepted by a firewall before arriving at an application. An outgoing packet, though, can be written straight to the port. It'd be nice, though, to have a way of preventing this, though.

I use iWork, pages, numbers and keynote too, and they are, indeed better! I'd still like to fix this, though, if it was possible.

Reply

Answer 7

R C-R

Level 6

17,782 points

Dec 21, 2009 2:04 AM in response to Fustbariclation

Fustbariclation wrote:
I do see the difficulty. An incoming packet has to pass through xinetd, where it can be intercepted by a firewall before arriving at an application. An outgoing packet, though, can be written straight to the port. It'd be nice, though, to have a way of preventing this, though.

Try Little Snitch to selectively block outbound network traffic.

Reply