Slashdot Mirror

← Back to Stories (view on slashdot.org)

OS X Leopard Firewall Flawed

Posted by kdawson on from the block-what-i-say dept.

cycoj writes with a report in the German IT magazine Heise, taking a look at the new OS X Leopard firewall. They find it flawed. When setting access to specific services and programs to only allow SSH access, for example, they found that a manually started service was still accessible. From the article: "So the first step after starting Leopard should be to activate the firewall. The obvious choice to do so is the option to 'Set access to specific services and programs,' which promises more control over network traffic. Mac OS X automatically enters all shared resources set up by the user, such as 'Remote login' for SSH servers, into the list of accessible resources... However, initial functional testing quickly dispels any feeling of improved security. A service started for testing purposes was able to be addressed from outside without any difficulty. The firewall records this occurrence... Even with the firewall set to 'Block all incoming connections' ports to netbios, ntp and other services were still open... Specifically these results mean that users can't rely on the firewall."

5 of 300 comments (clear)

  1. Re:Never put your eggs in one basket. by ScytheBlade1 · · Score: 1, Offtopic

    I trust my linux based software firewall a lot more than I trust a Linksys router doing NAT.

  2. yup by gspawn · · Score: -1, Offtopic

    I work for an ISP, and several programs we distribute don't work with 10.4 at all, but do work with anything 10.0+ and above otherwise. Yes, 10.4 has issues at the moment.

    --
    ---Vote None of the Above---
  3. Re:Software firewall by pandrijeczko · · Score: -1, Offtopic
    If it was Microsoft who had committed this "crime", all the Microsoft and Apple users would be up in arms & throwing abuse at them.

    However, because it's Apple, all the Apple fanbois think it's just fine and dandy - you're both laughable and pitiful in your devotion.

    And before you say anything, I use Windows XP about a fifth as much as I use Linux - and have never owned a single Apple product because I've never yet found a need to own one.

    --
    Gentoo Linux - another day, another USE flag.
  4. Attention: MODS by Anonymous Coward · · Score: -1, Offtopic

    This is just Stevie (HomelessinLaJolla) demonstrating, as usual, that he doesn't know what he's talking about.

    MOD. PARENT. DOWN.

  5. DRM DRM DRM by TheNetAvenger · · Score: 0, Offtopic

    DRM DRM DRM DRM DRM!!!

    Oh, wait, we only say that when it is MS, when Apple does it, it is SECURITY...