 |
 |
New Tiger features? ...
|
|
|
|
|
Grizzled Veteran
Join Date: Feb 2005
Status:
Offline
|
|
I was reading this nice list of features:
http://www.apple.com/macosx/upgrade/compare.html
Does anyone know what they mean by Firewall Stealth Mode in this context? What will that buy me?
Does PDF Encryption mean that I could lock a PDF such that no one else would be able to edit it?
Thanks very much in advance,
Chris
|
|
|
| |
|
|
|
|
|
|
|
Mac Elite
Join Date: Oct 1999
Location: San Jose, Ca
Status:
Offline
|
|
Firewalls can chose to do one of three things when they get a packet on a specific TCP port: send back a "request denied" packet. Pass it through to be routed (presumably to an application). Or drop it in the bit bucket so that nothing goes back to the computer that sent the packet. This last is called "stealthing" as it makes it look like the IP address is not in use. In practice this just makes it harder to troubleshoot things, but some people love it.
As to PDF encryption... it can do a few thing: prevent people from reading, prevent people from printing (although the end software has to respect that... a dangerous assumption), and it is supposed to prevent copy-and-pasting (see the last comment).
|
|
|
| |
|
|
|
|
|
|
|
Clinically Insane
Join Date: Nov 1999
Status:
Offline
|
|
Currently, when someone tries to connect to a firewalled OSX machine, the requests "bounce off" of it. The machine sends back a response stating that the connection was refused.
In stealth mode, the requests do not bounce, but simply disappear. In theory, this would mean that someone running a scan to look for machines would simply pass you by, as your machine wouldn't be distinguishable from an IP address with no machine attached to it. However, you also benefit if The Bad Guy knows your machine is there (though he'll have to get this knowledge by other means), because when he goes to scan your machine for open ports he'll have to wait for every ping to time out, instead of getting the near-instant response of "Connection Refused" errors. This slows down port scans significantly, which can make things very annoying for The Bad Guy.
OSX's firewall has always been able to do this, even back in the 10.0 days. However, Apple's own interface to that firewall has never been able to make it do that; you had to rely on third-party configurators instead.
Does PDF Encryption mean that I could lock a PDF such that no one else would be able to edit it?
I don't believe you can lock out editing with PDF encryption. You can't do it effectively, at any rate; anyone who can view the PDF will be able to find ways to edit it. You can, however, lock it so that only people you give the password can view it.
|
|
You are in Soviet Russia. It is dark. Grue is likely to be eaten by YOU!
|
| |
|
|
|
|
|
|
|
Dedicated MacNNer
Join Date: Jan 2002
Status:
Offline
|
|
Originally Posted by Millennium
Currently, when someone tries to connect to a firewalled OSX machine, the requests "bounce off" of it. The machine sends back a response stating that the connection was refused.
In stealth mode, the requests do not bounce, but simply disappear. In theory, this would mean that someone running a scan to look for machines would simply pass you by, as your machine wouldn't be distinguishable from an IP address with no machine attached to it. However, you also benefit if The Bad Guy knows your machine is there (though he'll have to get this knowledge by other means), because when he goes to scan your machine for open ports he'll have to wait for every ping to time out, instead of getting the near-instant response of "Connection Refused" errors. This slows down port scans significantly, which can make things very annoying for The Bad Guy.
<snip>
(Last edited by m.brown; May 4, 2005 at 06:17 AM.
)
|
|
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
 
|
|
|
Forum Rules
|
|
|
|
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
|
HTML code is Off
|
|
|
|
|
|
|
|
|
|
|
|
|
Top
