Hi:
I found this on my firewall tonight:
To the best of my knowledge this is not supposed to be on there. Activity monitor shows this:
I inspected each and these are the results:
First Control Center
Second control center
So--do you think these are both legitimate processes and if so why is one on the firewall? Don't recall seeing this before?
Thanks for your time.
iMac 24″, macOS 14.5
Ok, thanks...
To find out if it's system wide or user specific, try this...
Open System Preferences>Users & Groups, unlock the lock, click on the little plus icon, make a new admin account, log out & into the new account.
Does it work in the new account?
If you iMac is at home and behind a router you don't need the firewall. It's really for laptops out and about using public WiFi networks like Starbucks or at hotels.
Under the conditions that you describe this situation denotes some attention and at the very least a need for explanation. It could be suspicious or quite normal. The filtering rule that is listed is to allow inbound traffic specifically to your control center application. This filtering rule would not affect your regular internet traffic, it is designed to allow or prevent a device from triggering an action in your control center. This could be screen mirroring or other aspects within the app. I see from your screenshots that you have bluetooth enabled, which would allow some actions to be performed. I would check to see if you recently made any changes to your device or enabled services such as described. If your firewall is set to block all incoming connections and you recently enabled something of the sort, this would explain the filtering rule being added to your firewall that would allow that to function as designed. This would not be required if the firewall was not enabled, but it is always good to employ security regardless of your environment. If you remove the filtering rule from the firewall with the inbound connections to signed applications permitted the filtering rule should not reappear after a reboot. If it does this could be an indication that something is wrong. You can delete the Safari history and information and check for any rogue extensions and start up applications in "Settings / General / Login Items". Set your firewall rules to your preference, it is always good practice to limit the traffic to what you require. Clean the cache folders for your user accounts, "/Users/"User"/Library/Cache" and "/var/tmp" files and reboot your system to see if this resolves the issue for you. I hope that this corrects the situation for you or provides you with an answer as to why this happened on your system.
The main concern is that this appeared on the firewall (control center) and I was told via chat with Apple that it should not be there but it persists in remaining there. Wanted to make sure that this is typical or at worst a bug and nothing more serious like malware.
Update--tried to quit the process but when I restart it is back.
What are all your Settings in Control Center?
Ok--here's screenshots of the settings
And this is the actual display on my desktop:
yes--same thing. When opened, control center is still on the firewall.
What happens if you block all incoming connections?
What are the settings here...
And can you refresh your concerns?
I tried the switch to blocking incoming connections--no noticeable affects. Here is a screenshot of my firewall controls:
I have not attempted a reinstall of 14.5 yet.
Thanks OT!:)
BDAqua wrote:
Thanks OT!:)
is this suspicious?
