Learn about the Snow Leopard firewall. You can turn it on in your system preferences and it will block unwanted access to your Mac from inside your network or while you are on a public network.
Comments: 27 Responses to “MacMost Now 376: Snow Leopard Firewall”
Ken
15 years ago
Thank you Gary!
Any way to create custom ports on a Mac? For example. I know on a Windows PC, Remote Desktop Connection uses port 3389. I can go open specifically port 3389.
A site I like to visit to test my firewall is ShieldsUP by Steve Gibson
In Snow Leopard, don't think ports before you think applications. Applications may or may not give you control over which ports they use. For instance, in Mail you can specify different POP and SMTP ports. In my FTP program I can specify ports for any connection. So think about which application you are trying to use, and then see if it allows you to set a preference for which port it uses.
Dimitri
15 years ago
Thank you, Gary, for very informative videos.
With the firewall, is there a performance overhead, or any other undesirable side effects, if it is switched on?
Considering what you said in the video (i.e. it depends on the setup: ADSL modem or Wi-Fi, local IP or common, etc.), is there a way to determine if switching built-in Mac OS firewall on will add anything to the security?
It is difficult to say if a Firewall will add security. But it shouldn't add any overhead. The downside might be that you could turn something off that you didn't realize you needed. For instance, if you switch off file sharing and then weeks later try to access your computer from elsewhere only to remember that you had turned file sharing off. Things like that.
Phil Paxman
15 years ago
Great tutorial Gary. Cleared up some questions I had.
You don't need to worry about it. if you decide to turn Firewall on, then things you have enabled (like file sharing) will automatically be allowed. If an application you are using (like Skype) needs access, you will be asked the first time. So there really is no need to decide anything -- you can handle it all on the fly.
Kristin
15 years ago
I'm so happy that it out today. That is all. Have a good day.
Kristin
15 years ago
I'm so happy that it is out today. That is all. Have a good day.
christohper Solorzano
14 years ago
Hello i was just checking to see if turning on the firewall of my little brothers mac before he goes off to college would be a good idea? What would be your viewpoint on this? thanks for your time!
Turning it on can't hurt -- unless he doesn't know how to turn it off and he gets in a situation where he needs to. Unlikely, though. But just make sure he understands what it is for and how to work with it if he needs to.
H.A
14 years ago
Thanks alot for the video... I have a question....
how can I open a port in Snow Leopard. when I run the command:
sudo lsof -i -P | grep -i "listen"
I can see all the open ports on my laptop but the ports like 7,23 are not open... I just wanna open the port and locally connect telnet to my local host by the mentioned ports...
thanks alot
I don't know if you are approaching it in the right way. If they are closed, you should be asking yourself, why are they closed? Look in your Sharing Firewall settings. If you have the things that use 7 and 23 turned off, then those ports would appear to be "closed" as nothing is receiving on those ports. Is Remote Login turned on in Sharing? If not, then that is why you can't connect via SSH.
In Snow Leopard, don't think "ports," think "services." Turn a service on, don't "open a port."
Robert
14 years ago
I prefer use protemac. com ProteMac NetMine.It’s really good firewall.It’s must be helpful to everyone:)
fisherbim
14 years ago
i'm new to mac. do i need to add iChat in the list of allowed connections before i could use it? i tried it the first time and it won't connect. haven't used it ever since.
Allowed connections? Do you mean in your firewall? You shouldn't have to. But try it. It is more likely that something else is the problem -- like a firewall in your router or with your ISP. Very difficult to tell.
fisherbim
14 years ago
thank you.
mplmilk
14 years ago
Hi Gary,
I'm running Leopard 10.5.8 on a G5 PPC.
My old modem/router broke so I bought a new one (Actiontec). I'm having problems with it staying connected. Whenever I turn "off" Leopard firewall it connects. When I turn firewall "on" and use selected applications only, it does not connect. What file/app should I put in the list of "allow incoming applications" in order for the modem/router to connect?
Thanks...
Which applications are having trouble? Just add those. Personally, I would just turn off the firewall and leave it off. If it is causing trouble, then it isn't worth it. You can always call your ISP and ask them.
mplmilk
14 years ago
The ones that allow email, web browser (Safari), and automatic date and time settings...which are all on in "allow incoming applications".
Not sure why the firewall is getting in the way. Perhaps some setting on the router. I'd call your ISP or refer to the router manual.
mplmilk
14 years ago
Thanks for your help and time Gary! Spoke with ISP provider and router company and they were no help in resolving the problem.
One more question...If I turned "off" the OS firewall, would the one built-in to the router/modem be enough to give me the security I would need for a home network? (only print sharing is turned "on".)
Thanks again for your help:)
Thank you Gary!
Any way to create custom ports on a Mac? For example. I know on a Windows PC, Remote Desktop Connection uses port 3389. I can go open specifically port 3389.
A site I like to visit to test my firewall is ShieldsUP by Steve Gibson
https://www.grc.com/x/ne.dll?bh0bkyd2
Sorry I mean specially open port 3390 instead of 3389
In Snow Leopard, don't think ports before you think applications. Applications may or may not give you control over which ports they use. For instance, in Mail you can specify different POP and SMTP ports. In my FTP program I can specify ports for any connection. So think about which application you are trying to use, and then see if it allows you to set a preference for which port it uses.
Thank you, Gary, for very informative videos.
With the firewall, is there a performance overhead, or any other undesirable side effects, if it is switched on?
Considering what you said in the video (i.e. it depends on the setup: ADSL modem or Wi-Fi, local IP or common, etc.), is there a way to determine if switching built-in Mac OS firewall on will add anything to the security?
It is difficult to say if a Firewall will add security. But it shouldn't add any overhead. The downside might be that you could turn something off that you didn't realize you needed. For instance, if you switch off file sharing and then weeks later try to access your computer from elsewhere only to remember that you had turned file sharing off. Things like that.
Great tutorial Gary. Cleared up some questions I had.
How do you turn off File Sharing?
System Preferences. Sharing. Uncheck "File Sharing." See episode 320 for some basics: http://macmost.com/simple-mac-file-sharing.html
Being basically a newbie to Mac, how can I know what to allow or not allow to bypass my firewall?
You don't need to worry about it. if you decide to turn Firewall on, then things you have enabled (like file sharing) will automatically be allowed. If an application you are using (like Skype) needs access, you will be asked the first time. So there really is no need to decide anything -- you can handle it all on the fly.
I'm so happy that it out today. That is all. Have a good day.
I'm so happy that it is out today. That is all. Have a good day.
Hello i was just checking to see if turning on the firewall of my little brothers mac before he goes off to college would be a good idea? What would be your viewpoint on this? thanks for your time!
Turning it on can't hurt -- unless he doesn't know how to turn it off and he gets in a situation where he needs to. Unlikely, though. But just make sure he understands what it is for and how to work with it if he needs to.
Thanks alot for the video... I have a question....
how can I open a port in Snow Leopard. when I run the command:
sudo lsof -i -P | grep -i "listen"
I can see all the open ports on my laptop but the ports like 7,23 are not open... I just wanna open the port and locally connect telnet to my local host by the mentioned ports...
thanks alot
I don't know if you are approaching it in the right way. If they are closed, you should be asking yourself, why are they closed? Look in your Sharing Firewall settings. If you have the things that use 7 and 23 turned off, then those ports would appear to be "closed" as nothing is receiving on those ports. Is Remote Login turned on in Sharing? If not, then that is why you can't connect via SSH.
In Snow Leopard, don't think "ports," think "services." Turn a service on, don't "open a port."
I prefer use protemac. com ProteMac NetMine.It’s really good firewall.It’s must be helpful to everyone:)
i'm new to mac. do i need to add iChat in the list of allowed connections before i could use it? i tried it the first time and it won't connect. haven't used it ever since.
Allowed connections? Do you mean in your firewall? You shouldn't have to. But try it. It is more likely that something else is the problem -- like a firewall in your router or with your ISP. Very difficult to tell.
thank you.
Hi Gary,
I'm running Leopard 10.5.8 on a G5 PPC.
My old modem/router broke so I bought a new one (Actiontec). I'm having problems with it staying connected. Whenever I turn "off" Leopard firewall it connects. When I turn firewall "on" and use selected applications only, it does not connect. What file/app should I put in the list of "allow incoming applications" in order for the modem/router to connect?
Thanks...
Which applications are having trouble? Just add those. Personally, I would just turn off the firewall and leave it off. If it is causing trouble, then it isn't worth it. You can always call your ISP and ask them.
The ones that allow email, web browser (Safari), and automatic date and time settings...which are all on in "allow incoming applications".
Not sure why the firewall is getting in the way. Perhaps some setting on the router. I'd call your ISP or refer to the router manual.
Thanks for your help and time Gary! Spoke with ISP provider and router company and they were no help in resolving the problem.
One more question...If I turned "off" the OS firewall, would the one built-in to the router/modem be enough to give me the security I would need for a home network? (only print sharing is turned "on".)
Thanks again for your help:)
Firewall isn't that important. Setting a password for our user account is what is most important.
Thanks Gary...just put a stronger password on my User Account...