How to Configure Your Mac's Firewall

What You Need

- Mac OS 10.2 or later

Every Mac ships with a built-in firewall - a software package that can be configured to disallow information from entering your Mac. But what is a firewall, and why do you need to use it on your Mac? Every time you request information from the Internet, such as a web page or email message, your Mac sends data packets to request the information. Servers receive the packets, and then send other packets back to your Mac. This all happens in a matter of seconds. Once your Mac has reassembled the packets, you should have an email message or web page.

A firewall can help prevent bad packets from entering your Mac. Crackers love to run automated applications that can scan thousands of computers (including your Mac) for open ports that can be exploited. To ensure that random individuals do not gain unauthorized access to your Mac, you should enable Mac OS X's built-in firewall. It will close your Mac's open ports and disallow random network scans.

Here's how to turn on and configure your Mac's built-in firewall:

  1. From the Apple menu, select System Preferences. Click on Sharing.




  2. Select the Firewall tab. If your Mac's firewall is turned off (it will say "Firewall Off" if it is), click the Start button to turn it on. Trust us, you do want your firewall turned on!




  3. Now click the Advanced button. You have three options here: Block UDP Traffic, Enable Firewall Logging, and Enable Stealth Mode. We suggest that you select the Enable Stealth Mode check box. It doesn't have many side-effects, unless you want people to be able to perform stealth scans of your Mac.

    We also recommend that you select the Block UDP Traffic check box. This option can adversely affect some of your applications, but it's highly unlikely. In fact, we've had this enabled for over two years with no noticeable problems. Firewall Logging will record events of interest, but the logs take up a considerable amount of space (for logs), and we don't really want to see that information anyway. If you do, turn on Firewall Logging.

  4. Click OK to save your changes. Close Systems Preferences. Your Mac is now protected by its built-in firewall!


There are several third-party firewall applications available for Macs, but we don't recommend that you purchase them. Mac OS X's firewall is built on industry-standard UNIX technologies that are used to protect web servers. If you're paranoid and want a beefier firewall, bone up on your UNIX skills and write some custom rules for your firewall. Leave the third-party firewall applications at CompUSA, where they belong!



Meet Your Macinstructor

Matthew Cone is a technical writer living and working in Albuquerque, New Mexico. In his free time, he does the desert rat thing and hikes and road bikes around the Southwest. The rest of the time, he studies straw-bale houses, reads Anarchist philosophy, and pretends to not be working. You can email him at: matt@macinstruct.com

RSS

Grab our feeds

Subscribe to our RSS feeds. Get tutorials on your Desktop!

Copyright © 1999-2010 Macinstruct and respective authors.

Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License.