Our friend [Rich Mogull] has been flipping the switches on Leopard’s new firewall and scanning it to see what’s actually going on. There is some good and some bad. The new application signing is a mixed bag. It breaks Skype and a commenter pointed out that automatically trusting Apple installed apps like NetCat isn’t a good idea either. You can roll your own firewall using user friendly tools like WaterRoof since ipfw is still included.
5 thoughts on “Investigating The Leopard Firewall”
Leave a Reply
Please be kind and respectful to help make the comments section excellent. (Comment Policy)
Software firewalls yuck!
First post W00t!
@techpagan, and hardware firewalls are better? Only difference is that you normally leave one alone for firewalling only.
@cde: you are so completely right, but I have had software firewalls crash and not realize it. I don’t even know if this is possible with a hardware firewall. I just feel safer.
@techpagan
Trust me, it is QUITE possible for a H/W firewall to crash. Be it on it’s own or via a DoS attack. I don’t think you hear about it because of different user bases (the home user vs. corporate sys admin).
Looks like he just tested the front end.
I’d like to see someone do black box testing on it using a flexible fuzzer framework. Or rootkit research.
The native UDP services that are unblocked would be cool to mess with.
The Mac droids will have to wash there abrecrombie and fitch, and clean there black framed designer glasses after the anger sweats.