Monday, November 5, 2007

The Firewall In The Mac OSX Leopard Is Mostly Useless, Say Experts

"Best firewall – no firewall" has been a common joke in the IT world for some time. However, it seems that Apple has taken it for serious, and their latest released OS goes to prove it.

As Heise Security's report points out, the firewall included in the Leopard OS managed to fail every security test performed by the firm. - Now that's a bummer

Jurgen Schmidt writes:

“The most important task for any firewall is to keep out uninvited guests. In particular, this means sealing off local services to prevent access from potentially hostile networks, such as the Internet or wireless networks.

But a quick look at the firewall configuration in the Mac OS X Leopard shows that it is unable to do this. By default it is set to "Allow all incoming connections," i.e. it is deactivated. Worse still, a user who, for security purposes, has previously activated the firewall on his or her Mac will find that, after upgrading to Leopard, the system restarts with the firewall deactivated.”

Also, it seems that the firewall is also unable to to make the difference between trusted networks and networks that present a certain risk; Leopard will treat them all the same, at least initially.

Of course, there's always the possibility of blocking all incoming connections, but this time the option won't be much help either. The report points out that potential attackers will still be able to communicate with at least two system services, the time server and the NetBIOS name server.

The report notes that the “problems and peculiarities described here are not security vulnerabilities in the sense that they can be exploited to break into a Mac”. However, it suggests that Apple users would do better not to rely on the firewall for the time being.

PS: all OS have their vulnerabilities, whether you choose to accept it or not.

3 comments:

Emo Scene Layouts said...

lol , apple make good products. But i guess not in firewalls

Anonymous said...

Hi,

I'm Alisha from Wowzio, and I'm excited to tell you about our new widget platform that helps bloggers increase readership by providing engaging widgets containing your blog's rich content. You can check out widgets customized for your blog here:

Wowzio Widgets for your Blog

I wanted to reach out to you to ask for your feedback on these widgets (feel free to install them on your blog, if you feel they are a good fit). I'm sorry for leaving this message via a comment, it's not at all our intent to spam you ( which is why i'm leaving this comment on an older post and you can always remove this comment ). Again, we would love to hear your feedback.

Thanks,
Alisha Wright
alisha.wright1@gmail.com

Anonymous said...

You have a very good blog that the main thing a lot of interesting and useful! erectile dysfunction Read a useful article about tramadol tramadol