Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

Any suggestions for firewall against OUTBOUND traffic?

C

CoffeeMonkey

macrumors regular
Original poster
Feb 23, 2003
108
0
I'm thinking about paying the $25 for Little Snitch, but was wondering if there are any good alternatives.

I paid $40-$50 for Zone Alarm a few years ago when I had a PC, and I'm pretty cautious/paranoid about data security, so the $25 for Snitch isn't a problem. But I am surprised that OS X doesn't have similar built-in functionality.
 
I'm not sure why you'd be surprised, or why you don't think that OS X supports this functionality. Assuming you aren't already familiar with ipfw, a quick glossing over of its manpage would tell you that it can filter both incoming and outgoing traffic. It tells you this in the FIRST paragraph.

The "man" (short for "manual") pages provide you with excellent help on almost every program run from within the Terminal application. You can view man pages by:

1. Double-click on the Applications folder on your hard disk (usually named "Macintosh HD").

2. Under the Applications folder, you will see a folder called "Utilities", double-click that.

3. Scroll down a bit and look for the Terminal application icon.

4. Double-click the Terminal application icon to launch Terminal. You should see a white window, with black text in it.

5. Next, make sure the Terminal window is selected and type 'man ipfw' (without the single quotes, obviously).

6. And from there you should be okay. ipfw is an extremely easy program to learn. I taught my grandma how to write simple csh scripts with the ipfw rules she wanted and now she can do it all herself.

However, with your level of knowledge, I would recommend that you don't mess with anything beyond what Apple's System Preferences gives you. They don't allow you to configure outgoing filters in the GUI for a reason. If you don't know what you're doing, it's quite easy to block legitimate traffic and cause malfunctions.

Hope that helps!
hkb


CoffeeMonkey said:
I'm thinking about paying the $25 for Little Snitch, but was wondering if there are any good alternatives.

I paid $40-$50 for Zone Alarm a few years ago when I had a PC, and I'm pretty cautious/paranoid about data security, so the $25 for Snitch isn't a problem. But I am surprised that OS X doesn't have similar built-in functionality.
Click to expand...
 
Any Specific Reason

Is there any specific reason you'd like to stop outbound traffic from leaving your computer? I can think of a few reasons, but many aren't worth the bother.
 
stopping traffic

I don't want to completely stop it - just monitor/control which apps are phoning home.
 
hkb said:
I taught my grandma how to write simple csh scripts with the ipfw rules she wanted and now she can do it all herself.
Click to expand...

Something tells me that your grandma is a bit more technically inclined than most grandparents.... :)
 
From what I've seen on their site, Little Snitch looks like a good program for no-brainer connection management. However, as part of the "no brainer" nature of it, it doesn't seem to let you know how much traffic is going back and forth, or how often an "allowed" connection is made, but for $25, it's a lot easier than playing with ipfw, which isn't very friendly and presupposes that you know what you want from it - and you can mess up your system, something Little Snitch won't do.

Hey, it's $25. Download it, play with it, and spend the $25 if you think it's of value. It's free to try it.
 
hkb said:
I'm not sure why you'd be surprised, or why you don't think that OS X supports this functionality. Assuming you aren't already familiar with ipfw, a quick glossing over of its manpage would tell you that it can filter both incoming and outgoing traffic. It tells you this in the FIRST paragraph.
Click to expand...

Well, you'd need to know to look there in the first place. When people say that "OS X supports" something, they generally mean that it's accessible from the GUI, not via the Terminal. Also, ipfw lets you set up rules to govern packet transmission, but, as far as I know, it doesn't warn you when something's trying to send something out - i.e., you'd have to block everything and then try to figure out why apps weren't working so that you could unblock certain things. Hardly "supported" functionality, in my book. No dynamic notification within the GUI, certainly.
 
CoffeeMonkey said:
I don't want to completely stop it - just monitor/control which apps are phoning home.
Click to expand...

Wow, definately paranoid. Is that how you got your nick CoffeeMonkey? Either that or you're running illegal software...Which doesn't make sense if you're wanting to buy software that keeps others from knowing your using stolen software...

I was thinking of reasons like keeping people from hacking your wireless connection and running porn/warez servers from your broadband connection, etc... This would be done on the router/firewall though and not the workstation...
 
Not too common on Macs, but a legit use is Spyware. On my PC at work, I get alerts all the time that some hidden app or app I choose to run unknowingly is sending SOME sort of data somewhere else without my permission or knowledge.

Many times, I want to know what and who and why.

Its not all folks trying to stop Macromedia, Quark and others from phoning home.

Most Mac users are not at all at home with Terminal.This is a whole other topic, but the fact is most like the GUI and wrapper Apple has put on a BSD Unix. Personally, I have a moderate working knowledge of BSD and other *nix and OS X does not always behave as anticipated. I am sure its a factor of my limited expereince and Apple's implementation. But that said, just cause BSD and Darwin say its there, does not make it accessible for mere mortals.

As for the grandmother comment, that was severely patronizing. Not only did you berate a newbie from asking a legit question, but you implied it was so easy a granma could do it. I for one have a smart Grandma, with an MD and PhD even, and she does not know how to script or use terminal. What is easy for you may be rather difficult for others, even intelligent others. If you intend to help others on the forum, try to do it in a manner which lends a helping hand.

As to the original post, Little Snitch works but lacks the absolute control you may want. But it can certainly let you block new apps and test them out and see if they phone home.
 
Think Positive

seamuskrat said:
As for the grandmother comment, that was severely patronizing...
Click to expand...

I think hkb was really trying to help CoffeeMonkey with this comment. A little encouragement is all that someone needs in order to get motivated to learn *nix. I think most of the people here are around to try and help others, not belittle them. If you don't look so negatively at hkb's comment about his grandmother, maybe he was trying to say that with a little effort, research and thought YOU CAN DO IT TOO!!!

Don't be discouraged, the glass is half full; all you have to do is tip it to your lips and take a drink!

As always when working with a computer, know what you want to make it do before you dive in and make it do it. Sometimes it takes a few google searches and some reading.
 
I bought little snitch.

It becomes worth it after the first time something creeps.

I hate spyware sooo much. It's nice to have the tools to stop it in its tracks.
 
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back