Leopard firewall revisited
Written by Arvinder Singh / March 07, 2009 / 1 min read / Filed under Ipfw, / Firewall, / Security
While bringing up firewalls for my test server, I thought of doing a little check on my machine.The logs rang a bell. Google told me, I was not the only one scared.
Leopard introduced application based firewall, while the old
ipfw still exists with just one default rule (Accept everything from everything!)
65535 allow ip from any to any
With Application firewall doing its best, lets add some ipfw rules. One way to do is making and adding new rules. However Newton said “Pigmaei gigantum humeris impositi plusquam ipsi gigantes vident(If I have seen a little further it is by standing on the shoulders of Giants.)”
To check your ipfw rules, use
sudo ipfw list. When you’re satisfied with your rules, install them for future reboots with
Tools > Rules Configuration > Save to startup configuration and
Tools > Startup Script > Install Startup Script.
I also installed WireShark, originally known as Ethereal. A look at network log is far satisfactory now than before.
Image: Cedalion standing on the shoulders of Orion from Blind Orion Searching for the Rising Sun by Nicolas Poussin, 1658. This image is in the public domain.