Firewall moved from the Sharing System Preference to Security. I had to re-enable ssh access from my Tiger setup so guess that makes up for the lack of default firewall. Hmmm....

of manually adding a port range. Also, you cannot block UDP only.. etc.. Making something simple and removing features is not the same thing.

I also wonder if the testers of the firewall placed the mac's behind a router, which I think is more typical. <shrug>

Vista is bulletproof!
The Death of 3rd Party Security Vultures and Such!
McAfee Inc., Trend Micro Inc., CA Inc. and especially Symantec, ... say goodnight! We are about to announce MS ForeFront 2.0!
Let me make it clear that while I have tolerated these "anti-virus" vendors for years, something about their very existence has not set very well with me. I mean, having a bunch of multi-million dollar companies that depend solely on there being bugs, leaks, holes, exploitables, mistakes, oversights and problems in Windows dosen't speak very well of Microsoft. They are like carrion, buzzards, jackels, ... protecting a rotten carcass from other smaller vermin. They always argue, "But, Bu-bu-but you need us!", maybe that was true in the past, but no longer!

VISTA IS BULLETPROOF!

None of these quacks bag of tricks are any longer necessary!
Between WGA and Forefront the OS and Genuine MS apps are totally impervious to attack! They are so secure that many times even the registered owners have trouble gaining access to the computer! So then how could any hacker?

These vultures will kick, choke and whine as the user-base realizes this truth, but I say good riddance, your success reflected badly on us anyway.

http://fakesteveballmer.blogspot.com

See http://leofud.blogspot.com

First off - Leopard does not need to run a single monolithic firewall. Leopard is specifically designed to grant network reception and send permissions on an app-by-app basis by default. Therefore, the firewall is actually always on. You have to make exceptions by opening up ports to allow file sharing, screen sharing, Skype, et. Otherwise, if you aren't running any servers, like sshd or "file sharing", a firewall is useless. Not running daemons that listen for outside connections is much more secure than a firewall. What a firewall is good for is allowing local network users access to services, while denying those services to other networks. But most of us have no need to run services at home, so a firewall is pretty much pointless.

If Leopard trusts the app/service (which is either trusted via cryptographic signature or by being initiated by the root user), it gets network access. Otherwise, it does not get access, plain and simple.

This means that in order to break in, you either have to have the cryptographic trust, or you already have to know the local machine's root password.

For the truly paranoid, the traditional firewall is sitting there in System Preferences, where you can turn it on at any time after installation. This will give you twice the protection that Vista could ever hope to give in its current state. So long as you don't use Windows Sharing (NetBEUI/NBT), a web server, ssh, NFS, or p2p... you generally have no need for a firewall if there's nothing on your box listening for inbound requests from the network (local or otherwise).