F-Secure for Mac Beta B9871.C9041 Firewall Issues/ Bug?

Rusli
Rusli Posts: 1,019 Influencer

Hi

 

I so not know whether F-Secure for Mac Beta (B9871.C9041) contains a bug in the Firewall?

 

So I am not so sure if it supposed to work this way.

 

I got "Your Computer is Not Protected".

 

Inorder for me to get the Protected I have to enable the F-Secure For Mac Beta Firewall.(Under Status Option).

 

But I noticed that the Firewall in the Mac OS X 10.6.7 was turned on in Green. (when you turned on the F-Secure Firewall Status option)

 

But when you checked the System Preferences, the Mac OS X 10.6.7 Firewall did not have the Option of "Block All Incoming Connection" and "Enable Stealth Mode" turned on.

 

So I wonder if this is a bug in the F-Secure for Mac software.

 

Did any of you guys encounter this problem on Mac OS X Lion with this beta build???

 

 

 

 

Comments

  • MJ-perComp
    MJ-perComp Posts: 432 Superuser

    Hi,

     

    while I am not familiar with MAC and its firewall; why do you think this is a problem?

     

    Generally a firewall does not need to block ALL incomming traffic (but it could)

    and it does not need to stealth to fulfill its task.

     

    If you are 100% sure you only need outbound connections, then block all incomming traffic. But already when you want your system to answer a ping you can not use that.

     

    Stealth means not to even send a reject but tro drop any incomming (unwanted) packets. Some programs need really long to timeout on such connections requests if they do not get the answer (or REJ). To avaoid problems in the users network I would always recommend not to stealth.

     

    This is general firewalling, based ob linux and windows. I doubt it is much different in a MAC (which is also based on ??nix) - but I might be wrong...

     

    my2ct

  • Rusli
    Rusli Posts: 1,019 Influencer

    Hi

     

    In the Mac OS X. (Regardless which version you are using). The standard Mac OS X procedure is to Enable "Block All In Coming Connections" and "Enable Stealth Mode".If you ask known Bastille founder, (Mr Jay Beale) he too recommended you to use this option.

     

    If you know Mr Jay Beale, he is well known Security Linux Guru in Bastille. Bastille do run in Mac OS X 10.4 Tiger.

     

    You do a Video search via Youtube for Mr Jay Beale. He did a session with Bastille Security on Mac OS X Tiger.

     

    I know that very well. I can give you the link if you wanted to.

     

    Mac OS X and Linux are generally not the same thing. Linux is using IPCHAINS Command base. You can set the rule in Linux OS.You can set the rule and customised your rules settings.

     

    On a Mac, you either use Firewall command base (which is the same as FreeBSD variant) or the GUI Base. There are third party software. (Depends on your needs)

     

    In Linux you can make use of any Firewall programs to run it. But it a Firewall Builder,Firestarter,Guarddog etc.Even on RedHat or Fedora built in Firewall you can select option to enable the stealth mode.

     

    As for Windows they have Firewall option in the Control Panel.

     

    As for the stealth mode is just a ping option!

     

    I have used Ubuntu, Fedora Linux before. So  on windows platform. ( I have try and used Freebsd & Solaris before since 1998-1999-Trial and error.)

     

    You can run a test with your firewall via Steve Gibson's www.grc.com

     

    You can used nmap if you wanted to.

     

    Things can get too Technical to say everything here.

     

     

     

     

     

  • Rusli
    Rusli Posts: 1,019 Influencer

    This is Apple own Knowledge base.

     

    Please read.

     

    http://support.apple.com/kb/ht1810

     

    You can check with any CERT.

     

    You know what is CERT is right?

     

    You can check with them.

     

    or CCC in Germany. (Just Kidding)

     

     

  • Rusli
    Rusli Posts: 1,019 Influencer

    Please read this link.

     

    http://homepage.mac.com/johnhood/PDF/Mac_OS_X_Security.pdf

     

    The above link the basic steps in securing your Mac.

     

    It says ...

     

    Firewall > AdvancedCheck the following:*Block all incoming connections*Enable stealth mode (Alas, sounds cooler than it actually is)

     

    By the way.

     

    I am not one of FanBoys! Whatever you might want to call it. LOL! (Don't ever says that the Mac is secure! It is not)

     

    Anyone who test the Beta Build (the current version as of this writing). 

     

    There are some issues which I have highlighted.

     

    I hope the F-Secure Beta team take note of these.

     

    If you were to disable the "Block Incoming Connection and Enable Stealth Mode". 

     

    F-Secure for Mac will go "Your Computer is Not Protected."

This discussion has been closed.