Just like DoorStop, Who's There? will show the attempt, and where it came from, but this is where the similarity ends. It also shows the relative risk of the attempt. Plus, if you double-click on a portion of the entry, more detailed information will be shown, depending on where you clicked. For example, if you double-click on the area describing the service, a window with more detail about the service will be shown. It may link to the RFC describing the protocol in detail. If you double-click on the address or host name, a lookup on the address will be done, telling you where the address is, and who owns it.

For determined attackers, Who's There? will help craft an e-mail, and even address it if the owner of the domain is available via a WHOIS lookup. The e-mail will describe the details of the attack, and when it took place. This information is of great value to those who will eventually have to deal with the problem.

To get a better idea of what types of Internet access your Mac is making, you can choose to view the data in different ways. You can sort by service, to get an idea of all the services that your Mac is using, or that those from the outside are trying to access. You can also sort by hostname and IP address, to see all of the machines you have been accessing, or that have been trying to access you.

So make sure that you know what your Mac is accessing, and more importantly, who is trying to access your Mac, with Who's There? Firewall Advisor.

Have any other Mac Gadgets that you'd want to have if you got lost in the woods? Let John know via e-mail, so he can review it, or share it with the rest of us in the Mac Gadget Forum.