Investigating the Leopard firewall

posted Nov 1st 2007 9:36pm by Eliot Phillips
filed under: macs hacks

Our friend [Rich Mogull] has been flipping the switches on Leopard’s new firewall and scanning it to see what’s actually going on. There is some good and some bad. The new application signing is a mixed bag. It breaks Skype and a commenter pointed out that automatically trusting Apple installed apps like NetCat isn’t a good idea either. You can roll your own firewall using user friendly tools like WaterRoof since ipfw is still included.

Read

Comments [5]

tagged: apple, firewall, leopard, mac, software

Reader Comments

Software firewalls yuck!

First post W00t!

Posted at 11:33 pm on Nov 1st, 2007 by TechPagan

@techpagan, and hardware firewalls are better? Only difference is that you normally leave one alone for firewalling only.

Posted at 2:08 am on Nov 2nd, 2007 by cde

@cde: you are so completely right, but I have had software firewalls crash and not realize it. I don’t even know if this is possible with a hardware firewall. I just feel safer.

Posted at 7:47 am on Nov 2nd, 2007 by TechPagan

@techpagan

Trust me, it is QUITE possible for a H/W firewall to crash. Be it on it’s own or via a DoS attack. I don’t think you hear about it because of different user bases (the home user vs. corporate sys admin).

Posted at 9:17 am on Nov 2nd, 2007 by ryan

Looks like he just tested the front end.

I’d like to see someone do black box testing on it using a flexible fuzzer framework. Or rootkit research.

The native UDP services that are unblocked would be cool to mess with.

The Mac droids will have to wash there abrecrombie and fitch, and clean there black framed designer glasses after the anger sweats.

Posted at 10:49 am on Nov 2nd, 2007 by TJhooker

Investigating the Leopard firewall

Recent Posts

Reader Comments

Leave a Reply

Hacks

Resources

RSS newsfeeds

Most commented on (30 days)

Recent comments