Investigating the Leopard firewall


Our friend [Rich Mogull] has been flipping the switches on Leopard’s new firewall and scanning it to see what’s actually going on. There is some good and some bad. The new application signing is a mixed bag: it breaks Skype, and a commenter pointed out that automatically trusting Apple-installed apps like NetCat isn’t a good idea either. Since ipfw is still included, you can roll your own firewall using user-friendly tools like WaterRoof.

Comments

  1. TechPagan says:

    Software firewalls yuck!

    First post W00t!

  2. cde says:

    @techpagan, and hardware firewalls are better? Only difference is that you normally leave one alone for firewalling only.

  3. TechPagan says:

    @cde: you are so completely right, but I have had software firewalls crash and not realize it. I don’t even know if this is possible with a hardware firewall. I just feel safer.

  4. ryan says:

    @techpagan

    Trust me, it is QUITE possible for a H/W firewall to crash. Be it on its own or via a DoS attack. I don’t think you hear about it because of different user bases (the home user vs. corporate sys admin).

  5. TJhooker says:

    Looks like he just tested the front end.

    I’d like to see someone do black box testing on it using a flexible fuzzer framework. Or rootkit research.

    The native UDP services that are unblocked would be cool to mess with.

    The Mac droids will have to wash their Abercrombie and Fitch, and clean their black framed designer glasses after the anger sweats.
