Should I enable the Snow Leopard Firewall?

1

1

Snow Leopard has in its Security Panel a Firewall option, which is off by default. That means (according to the help message there) that all incoming connections to the computer are allowed.

Can/should I turn it on? What kind of applications would that break?

Conversely, am I at risk at an Internet cafe when I do not turn the firewall on (assuming that all sharing features are disabled either way)?

Also, what about outgoing connections, can they be filtered, too?

Thilo

Posted 2009-11-27T09:34:18.133

Reputation: 2 975

Answers

4

I'd suggest turning it on regardless of what it "breaks". You can tell if one of your apps is being blocked and quickly make an exception for it easily. The firewall can filter incoming and outgoing connections, depending on how you want it configured. For more advanced configuration, grab a copy of WaterRoof (a frontend for ipfw). Better safe than sorry.

John T

Posted 2009-11-27T09:34:18.133

Reputation: 149 037

Why is it off by default, then? – Thilo – 2009-11-27T09:40:32.333

Because all network communication ports are blocked by default, and all network services are turned off. But if you turn on a service such as sshd you open yourself up to attacks. – John T – 2009-11-27T09:45:22.323

3

I just want to re-emphasise what John T commented on: it is off by default because there are no shared services by default. Therefore, if you have changed the default settings and have services with ports open, then I would always turn the firewall on. Note that there is more than one firewall: the one accessible through system prefs is an application-centric one, but there is an additional ipfw-based one which, as John T mentions, is configurable using WaterRoof, or they have a simpler NoobProof GUI too (you can hack at it using the terminal if so inclined).

I would also recommend an outgoing connection firewall like Little Snitch, as the Application firewall and ipfw are traditionally incoming-only firewalls. Not sure if you can hack ipfw to do reliable outbound checking...

The Tentacle

Posted 2009-11-27T09:34:18.133

Reputation: 4 621
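
Both answers tie the need for the firewall to whether any service is listening for connections. As an added example (not part of the thread), the shell functions below read BSD/macOS-style `netstat -an -p tcp` output and list the TCP ports listening on non-loopback addresses. The function names and the sample lines are constructed for illustration.

```shell
#!/bin/sh
# Added example: list TCP ports that accept connections from other hosts,
# parsed from BSD/macOS-style `netstat -an -p tcp` output on stdin.
# Function names are hypothetical; the sample data below is constructed.

exposed_ports() {
    awk '
        $1 ~ /^tcp/ && $NF == "LISTEN" {
            # BSD netstat prints the local socket as address.port
            pos = match($4, /\.[0-9]+$/)
            if (pos == 0) next
            addr = substr($4, 1, pos - 1)
            port = substr($4, pos + 1)
            # Loopback-only listeners are not reachable from the network
            if (addr ~ /^127\./ || addr == "::1" || addr ~ /%lo0$/) next
            print port
        }
    ' | sort -n -u
}

# Succeeds (exit 0) when at least one port is reachable from the network.
firewall_needed() {
    [ -n "$(exposed_ports)" ]
}

# Constructed sample: sshd (22) and AFP file sharing (548) enabled,
# CUPS (631) bound to loopback only, plus one outgoing connection.
sample_netstat() {
    cat <<'EOF'
Active Internet connections (including servers)
Proto Recv-Q Send-Q  Local Address          Foreign Address        (state)
tcp4       0      0  *.22                   *.*                    LISTEN
tcp6       0      0  *.22                   *.*                    LISTEN
tcp4       0      0  *.548                  *.*                    LISTEN
tcp4       0      0  127.0.0.1.631          *.*                    LISTEN
tcp6       0      0  ::1.631                *.*                    LISTEN
tcp6       0      0  fe80::1%lo0.631        *.*                    LISTEN
tcp4       0      0  192.168.1.20.52311     192.0.2.10.443         ESTABLISHED
EOF
}

if sample_netstat | firewall_needed; then
    echo "Ports reachable from the network:"
    sample_netstat | exposed_ports
fi
```

On a real machine, pipe `netstat -an -p tcp` into `exposed_ports` instead of the sample; only TCP listeners are covered, since UDP sockets have no LISTEN state.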