OS X firewall - how to make it actually work
in [UK Mac]
|
From: Jim on 21 Jan 2010 04:59 On 2010-01-21, James Taylor <usenet(a)oakseed.demon.co.uk.invalid> wrote: > Jim wrote: > >> This is probably a hopelessly simplistic answer, but could you not simply >> put the Mac's network adaptor on a 10.x.y.z network, then put the VM's >> adaptors onto the realworld network? > > Nice idea Jim, but sadly that doesn't stop OS X from Bonjouring everyone > on the network about your machine name, IP address, listening services, > etc, and thus it would be very easy for a malicious agent (virus, > hacker, whatever) on the same LAN segment to see you and then attack the > IP address you were on whatever you set it to. Bother. Jim -- http://www.ursaMinorBeta.co.uk http://twitter.com/GreyAreaUK "Get over here. Now. Might be advisable to wear brown trousers and a shirt the colour of blood." Malcolm Tucker, "The Thick of It"
From: D.M. Procida on 21 Jan 2010 05:22 James Taylor <usenet(a)oakseed.demon.co.uk.invalid> wrote: > It sticks in my craw that I purchased an expensive Mac, but OS X is so > insecure it can't even be secured when you try very very hard. I feel > let down by Apple on several aspects of security actually. They just > don't seem to get it at all. I'm a little puzzled by your complaints. At the level you're speaking of, you're presumably not dealing with anything especially to do with Mac OS X; it's FreeBSD, isn't it? In which case, you should be able to make it do anything that you could make FreeBSD do. Daniele
From: Woody on 21 Jan 2010 05:32 James Taylor <usenet(a)oakseed.demon.co.uk.invalid> wrote: > Jaimie Vandenbergh wrote: > > > Then stick with VMware rather than using KVM. Server is free on Linux, > > and all the VMwares use the same machine format. > > Oh really? That's such good news. I have used VMWare server. It does mostly work but there is a good reason it is free. For servers it is mostly ok. For use as a desktop it is sluggish to say the least (ignoring its faffyness to run and set up). -- Woody
From: James Taylor on 21 Jan 2010 05:33 D.M. Procida wrote: > I'm a little puzzled by your complaints. At the level you're speaking > of, you're presumably not dealing with anything especially to do with > Mac OS X; it's FreeBSD, isn't it? Well, I'm not sure. Is the launchd system and all the listening daemons I listed earlier part of FreeBSD, or are they part of OS X? > In which case, you should be able to make it do anything that you could > make FreeBSD do. Are you suggesting that I can install FreeBSD instead of OS X, or that by using MacPorts I might be able to install FreeBSD features such as a working application firewall, or some other approach? -- James Taylor
From: Jaimie Vandenbergh on 21 Jan 2010 05:34
On Thu, 21 Jan 2010 16:48:11 +0700, James Taylor <usenet(a)oakseed.demon.co.uk.invalid> wrote: >Jaimie Vandenbergh wrote: > >> James Taylor wrote: >> >>> Can anyone tell me how to get the application firewall to actually >>> do its job and block incoming access to everything but VMware? >> >> You can't, it just doesn't do that. > >You're confirming that the firewall doesn't do its job? So Apple's own >flagship security feature is well known to be snake oil is it? Nope. It does exactly what it says it does, which doesn't happen to be what you need. Cheers - Jaimie -- BE PURE BE VIGILANT BEHAVE |