Leopard's Firewall Faulted by Security Researchers
Leopard's Firewall Faulted by Security Researchers
by , 3:10 PM EDT, October 30th, 2007
Researchers at Heise Security have noted that, even after an upgrade from Tiger to Leopard, if the firewall was turned on in Tiger, it is turned off in Leopard, according to Robert Vamosi's C|Net Blog on Tuesday.
In addition, even if the Leopard firewall is once again turned on, some incoming connections will be allowed, determined by Leopard by default.
Jürgen Schmidt, editor in chief at Heise Security said, for example, his team was able to query the NetBIOS Naming Service on the network even with the firewall on. His team also had a problem filtering UDP packets in Leopard [in the firewall].Heise Security also faulted Apple for not including the latest version of Samba which has bug fixes. It's the same version as in Tiger.
TMO notes that Apple typically avoids confusion by keeping things simple for novices but offers a UNIX architecture that allows professionals to implement whatever they need. Also, in Leopard, the firewall has been moved from the Sharing System Preference to Security.
Observer Comments
Vista is bulletproof!
The Death of 3rd Party Security Vultures and Such!
McAfee Inc., Trend Micro Inc., CA Inc. and especially Symantec, ... say goodnight! We are about to announce MS ForeFront 2.0!
Let me make it clear that while I have tolerated these "anti-virus" vendors for years, something about their very existence has not set very well with me. I mean, having a bunch of multi-million dollar companies that depend solely on there being bugs, leaks, holes, exploitables, mistakes, oversights and problems in Windows dosen't speak very well of Microsoft. They are like carrion, buzzards, jackels, ... protecting a rotten carcass from other smaller vermin. They always argue, "But, Bu-bu-but you need us!", maybe that was true in the past, but no longer!
VISTA IS BULLETPROOF!
None of these quacks bag of tricks are any longer necessary!
Between WGA and Forefront the OS and Genuine MS apps are totally impervious to attack! They are so secure that many times even the registered owners have trouble gaining access to the computer! So then how could any hacker?
These vultures will kick, choke and whine as the user-base realizes this truth, but I say good riddance, your success reflected badly on us anyway.
http://fakesteveballmer.blogspot.com
Wed Oct 31, 2007 6:14 am Subject: The story is fake! Heise don't know how to use nmap!
First off - Leopard does not need to run a single monolithic firewall. Leopard is specifically designed to grant network reception and send permissions on an app-by-app basis by default. Therefore, the firewall is actually always on. You have to make exceptions by opening up ports to allow file sharing, screen sharing, Skype, et. Otherwise, if you aren't running any servers, like sshd or "file sharing", a firewall is useless. Not running daemons that listen for outside connections is much more secure than a firewall. What a firewall is good for is allowing local network users access to services, while denying those services to other networks. But most of us have no need to run services at home, so a firewall is pretty much pointless.
If Leopard trusts the app/service (which is either trusted via cryptographic signature or by being initiated by the root user), it gets network access. Otherwise, it does not get access, plain and simple.
This means that in order to break in, you either have to have the cryptographic trust, or you already have to know the local machine's root password.
For the truly paranoid, the traditional firewall is sitting there in System Preferences, where you can turn it on at any time after installation. This will give you twice the protection that Vista could ever hope to give in its current state. So long as you don't use Windows Sharing (NetBEUI/NBT), a web server, ssh, NFS, or p2p... you generally have no need for a firewall if there's nothing on your box listening for inbound requests from the network (local or otherwise).
Comments are currently closed. Please email the author instead.
Recent Headlines - Updated July 6th
- Mon, 11:17 AM
- Ted Landau's User Friendly View - Apple’s LED Cinema Display: A Too Short Story
- 11:11 AM
- Product News - Photo Recovery for Mac Adds Photoshop Support
- 10:39 AM
- Hot Forum Topic - iPhones in Education
- 8:47 AM
- News - Apple Employee Injured in Store Shooting
- Fri, 10:29 AM
- News - Apple Warns of Learning Interchange Security Breach
- 7:30 AM
- News - Happy Fourth of July!
- Thu, 6:07 PM
- TMO Scoop - Psystar Moves to Drop Bankruptcy Ahead of Apple Legal Battle
- 5:37 PM
- News - Uncomfirmed Reports Say Apple & Nvidia On The Outs
- 4:57 PM
- News - Microsoft Sick Over Barf Ad
- 4:09 PM
- Product News - KRK Ships R6 Passive Studio Monitor for Recording
- 3:45 PM
- John Martellaro's Blog - Particle Debris (week ending 7/2) Juiced, Joost and Goosed
- 3:12 PM
- Product News - ExactScan 2 Pro Released
The Mac Observer Reader Specials
- Download Typestyler, still the Ultimate Styling Tool for Internet, Print and Video Graphics. Works great in Classic with a Native OS X Version on the way. Free Tryout: www.typestyler.com
OWC: Big Drives, High Performance - Not High Prices! SATA 3.5" up to 1.5TB. Notebook up to 500GB. FW up to 6.0TB. 1.0TB Drive Models from as low as $97.99 www.MacSales.com
If you're using a Mac, then you've gotta check out Full Tilt Poker for Mac. This Full Tilt Poker bonus code does the unthinkable, it actually rewards!
RamJet Memory: MacBook and MacBook Pro 4GB kits for $57.99! Mac Pro 4GB Kits $99.99! iMac and Mac mini 4GB Kits for $57.99! 1TB SATA Hard Drives for $109.99! Click hereFor the latest Apple products use Ciao, a price comparison website, to find laptops like MacBook Air. Then find the best prices on MP3 players and use our comparison tool to evaluate mobile phones like the Apple iPhone.
Laptop Hardware Provided by TechRestore - Overnight Mac & iPod Repairs.
