
OS X Leopard firewall flawed

Submitted by cycoj on Monday October 29 2007, @04:29PM
security
cycoj writes "German IT magazine Heise takes a look at the new OS X Leopard firewall. They find it flawed. When setting access to specific services and programs, for example to only allow SSH access, they found that a manually started service was still accessible. From the article:

"So the first step after starting Leopard should be to activate the firewall. The obvious choice to do so is the option to "Set access to specific services and programs", which promises more control over network traffic. Mac OS X automatically enters all shared resources set up by the user, such as "Remote login" for SSH servers, into the list of accessible resources.

However, initial functional testing quickly dispels any feeling of improved security. A service started for testing purposes was able to be addressed from outside without any difficulty. The firewall records this occurrence."

Even with the firewall set to "Block all incoming connections", ports to NetBIOS, NTP and other services were still open.

"Specifically these results mean that users can't rely on the firewall. Even if users select "Block all incoming connections," potential attackers can continue to communicate with system services such as the time server and possibly with the NetBIOS name server.""