Welcome to the MacNN Forums.

If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below.

You are here: MacNN Forums > Enthusiast Zone > Networking > Really dumb firewall question

Really dumb firewall question
Thread Tools
subego
Posting Junkie
Join Date: Jun 2001
Location: Chicago, Bang! Bang!
Status: Online
Reply With Quote
Jan 22, 2004, 12:43 PM
 
Hi everybody!

I've searched for the answer to this stupid question, but apparently it's so stupid no one has committed it to print.

Just what the heck is the OS X firewall doing?

I assume if a service is disabled, there's no need to block that/those port(s) as any attempted communication would be ignored.

So you enable a single service. Okay. So what has changed? What is the firewall doing? Blocking communication to disabled services?

I'm sure I'm just missing something here, and would greatly appreciate someone screwing my head on right about this.
     
Cadaver
Addicted to MacNN
Join Date: Jan 2003
Location: ~/
Status: Offline
Reply With Quote
Jan 23, 2004, 11:29 AM
 
The firewall does at least one thing - instead of the OS reporting the port as "closed" to port scans (closed, but at least acknowledging that a computer is present), the firewall wont report one way or another. This will make it look to the outside world like there isn't a computer at that port at all.

Safer for you... hackers wont target a machine they don't know exists.
     
subego  (op)
Posting Junkie
Join Date: Jun 2001
Location: Chicago, Bang! Bang!
Status: Online
Reply With Quote
Jan 23, 2004, 11:50 AM
 
Makes sense.

Thank you!
     
kampl
Dedicated MacNNer
Join Date: Jul 2002
Location: Boston, MA
Status: Offline
Reply With Quote
Jan 28, 2004, 06:37 PM
 
From Terminal.app, sudo ipfw print . This is what your firewall is allowing and blocking. IPFW operates on a first match basis not a best match basis so the ordering of the rules is very important.
     
   
Thread Tools
Forum Links
Forum Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On
Top
Privacy Policy
All times are GMT -5. The time now is 02:26 AM.
All contents of these forums © 1995-2011 MacNN. All rights reserved.
Branding + Design: www.gesamtbild.com
vBulletin v.3.8.7 © 2000-2011, Jelsoft Enterprises Ltd., Content Relevant URLs by vBSEO 3.3.2