[macvoiceover] Re: VO-friendly firewall wanted

• From: Jude DaShiell <jdashiel@xxxxxxxxxxxxxx>
• To: macvoiceover@xxxxxxxxxxxxx
• Date: Sun, 31 Jul 2011 17:43:34 -0400 (EDT)

You do have to know enough Mac to build things when no mac packages are 
available if you want to use arnos-iptables-firewall.  I find it 
questionable to have intrusion detection in a firewall at all.  That's the 
proper job of system integrity software not a firewall.  For that the aide 
packages or shorewall or tripwire is more appropriate.  The reason it's 
inappropriate to add mission creep to firewall software is very simple.  
When a hacker does break into your system, they'll completely disable only 
one package then all of that additional mission creep added into that 
single package is just as compromised as that firewall was.  You could 
research honeypot software if you'd like to have some fun with the 
attackers as they crash your system too.  On Sun, 31 Jul 2011, Robin Kipp 
wrote:

> Hi Jude and Tim,
> Jude, thanks for the tip! However, wouldn't a firewall based on iptables be a 
> bit primitive? After all, I guess the only thing I could do would be to block 
> certain ports, so no attack signatures, no intrusion detection etc? However, 
> I checked out Arnos-iptables, but I can't find a package for Mac. Am I 
> missing something?
> Tim, sorry but I think that's not right, unfortunately. The firewall probably 
> asked you if those programs would be allowed to accept incoming connections, 
> not whether they should be allowed to access the internet. There's a free 
> firewall for the Mac called Little Snitch, but unfortunately that's totally 
> inaccessible.
> Thanks!
> Robin>
> > Click on the link below to go to our homepage.
> > http://www.icanworkthisthing.com
> >
> > Manage your subscription by using the web interface on the link below.
> > //www.freelists.org/list/macvoiceover
> >
> > Users can subscribe to this list by sending email to
> >  macvoiceover-request@xxxxxxxxxxxxx
> > with 'subscribe' in the Subject field OR by logging into the Web
> > interface at //www.freelists.org/list/macvoiceover
> >
> 
> 


>
> Click on the link below to go to our homepage.
> http://www.icanworkthisthing.com
>
> Manage your subscription by using the web interface on the link below.
> //www.freelists.org/list/macvoiceover
>
> Users can subscribe to this list by sending email to  
>  macvoiceover-request@xxxxxxxxxxxxx
> with 'subscribe' in the Subject field OR by logging into the Web 
> interface at //www.freelists.org/list/macvoiceover
>

• References:
  • [macvoiceover] VO-friendly firewall wanted
    • From: Robin Kipp
  • [macvoiceover] Re: VO-friendly firewall wanted
    • From: Jude DaShiell
  • [macvoiceover] Re: VO-friendly firewall wanted
    • From: Robin Kipp

Other related posts:

• » [macvoiceover] VO-friendly firewall wanted- Robin Kipp
• » [macvoiceover] Re: VO-friendly firewall wanted- Jude DaShiell
• » [macvoiceover] Re: VO-friendly firewall wanted- Tim Grady
• » [macvoiceover] Re: VO-friendly firewall wanted- Robin Kipp
• » [macvoiceover] Re: VO-friendly firewall wanted - Jude DaShiell

1. Home
2. macvoiceover
3. Archive
4. 07-2011

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---