Leopard’s Firewall Faulted by Security Researchers

| News

Researchers at Heise Security have noted that, even after an upgrade from Tiger to Leopard, if the firewall was turned on in Tiger, it is turned off in Leopard, according to Robert Vamosiis C|Net Blog on Tuesday.

In addition, even if the Leopard firewall is once again turned on, some incoming connections will be allowed, determined by Leopard by default.

J?rgen Schmidt, editor in chief at Heise Security said, for example, his team was able to query the NetBIOS Naming Service on the network even with the firewall on. His team also had a problem filtering UDP packets in Leopard [in the firewall].

Heise Security also faulted Apple for not including the latest version of Samba which has bug fixes. Itis the same version as in Tiger.

TMO notes that Apple typically avoids confusion by keeping things simple for novices but offers a UNIX architecture that allows professionals to implement whatever they need. Also, in Leopard, the firewall has been moved from the Sharing System Preference to Security.

Sign Up for the Newsletter

Join the TMO Express Daily Newsletter to get the latest Mac headlines in your e-mail every weekday.

No Comments

Log-in to comment