Setting up a Firewall in OS X
A 'Best of the Practical Mac' Column
- 2002.02.26 - Tip Jar
Low End Mac Reader Specials
Memory To Go Special: New 2008 iMac 2GB $42 / iMac Intel Core2 DUO & MacBook Pro 2GB $36 - 1GB $20. MacPro 8 Core Memory 4GB kit $154 / 2GB kit $94 -- Free shipping available.
Download Typestyler, still the Ultimate Styling Tool for Internet, Print and Video Graphics. Works great in Classic with a Native OS X Version on the way. Free Tryout: www.typestyler.com
LA Computer Company: Specials on AppleCare, iMac's, Apple Batteries and Apple A/C Adapters. Also Great prices on Used Apple Computers. Call 1-800-941-7654 Click Here.
Other World Computing has the Upgrades, Enhancements, and Accessories for getting the most from your Mac. Quality Products, Competitive Prices, Expert Support Staff - www.macsales.com
Mac users can finally play Party Poker for Mac. Not only that, they can also learn how to play PokerStars for Mac.
Laptop Hardware Provided by TechRestore - Overnight Mac & iPod Repairs.
Compare products like desktop computers, laptops, and LCD TVs side by side! All the information and reviews to make the best purchasing decision for a new cell phone GPS products or MP3 players. The Ciao network makes searching products easy for you.
New MacPro Memory 800Mhz With Apple Spec Heat Sink 2GB $88 / 4GB $138 / 8GB $274 - Click to Maximize your Macs...
You're trying to decide if you need a firewall. Perhaps you read The Practical Mac column, Internet Security for the Home User. In that column, we stated that the longer you stay connected to the Internet, the greater your need for a firewall.
If you use OS X as your primary operating system, there is good news. You already own a firewall program and may not even know it!
Mac OS X, or more properly, its underlying Unix OS, contains a built-in firewall program. Configuration of this firewall is typically done at a Unix command prompt. That fact in itself would make it unsuitable for the vast majority of Mac users. After all, many of us first started using a Mac years ago because we did not want to be faced with the DOS command prompt.
However, a very nice GUI-based program exists to allow the user to configure the most popular firewall options from the comfort of their Mac desktop. The program is called BrickHouse, was written by Brian Hill, and is available for a $25 shareware fee. This could be the best $25 you ever spend.
After you have downloaded and installed BrickHouse (and paid for it!), open the program. At the initial screen, you may have to click on the lock icon and enter the administrator password in order to make changes. From the icon menu at the top, select the Assistant.
At the first Assistant screen, select your method of connection to the Internet and whether you have a static or dynamic Internet (IP) address. Click Continue.
At the next screen, you will be asked for the service that you wish to allow others to access on your Mac. The caption is a bit misleading. It implies that the selections you make here will only pertain to those who try to access your Mac from the Internet. In fact, these settings apply to anyone who tries to access your Mac from anywhere, even on the local network.
If others ever need to connect to your Mac for file sharing or you use iDisk, you should check "AppleShare IP/iDisk and "Network Browser (SLP)." These are the most common services you might need to leave open for access. If your Mac is ever accessed via Timbuktu for remote control or troubleshooting, you will need to check that box as well. We recommend you leave all others unchecked unless you have specific needs for those services. Click continue.
The next screen lists a large number of know hacks and attacks. As a general rule, you want to prevent these kinds of attacks (that is the primary purpose of a firewall, after all), so we recommend you check every box except for the first two, TPC and UDP Standard Services. At some point, particularly if you are on a corporate network, you may encounter a legitimate program which uses the same port(s) as one of these identified attacks and is prevented from working properly due to your firewall. If so, you can always enable access to the necessary port(s) by unchecking the box beside the attack which uses the same port(s). Click Continue.
Congratulations! Your firewall is configured and ready to be enabled. Click on Apply Configuration to make your firewall active. Then click on Install Startup Script to create a startup item which will enable your firewall each time you boot up your Mac. Now click Done.
Exit BrickHouse. Your firewall is installed and will be present until you uninstall it. If you decide you wish to uninstall the firewall in the future, simply select Options>Remove Startup File from the menu bar, and it will be gone once you reboot.
BrickHouse also offers an easy way to set up IP Sharing at this screen. If you have a single Internet connection and wish to share it with other computers (including Windows or Linux PCs) on your network, you can do so by clicking on Setup IP Sharing. The Mac which IP Sharing is setup on has to be running in order for any other computers to access the Internet through IP Sharing.
This could can very useful in a pinch, but for permanent Internet sharing, the better solution is to use a dedicated hardware device such as a router.
It is very important to point out that this only works in OS X. If you reboot into OS 9, the firewall is not present. Any applications running in Classic under OS X are protected, however.
If you use OS 9 as your primary OS, the firewall
recommendations we made in Internet Security for the Home User
still apply to you. 
Steve Watkins is the Vice President for Information Technology for a mid-sized bank and also an attorney. He has been a Mac user for about ten years. He has owned some PCs along the way - but always came back to the Mac. If you find Steve's's articles helpful, please consider making a donation to his tip jar.
Recent Practical Mac Articles
- 5 things Apple is doing right in 2008 - and 5 it could do better, 03.24. Apple has made great strides in the past five years, but there are still a few areas that need to be addressed.
- MacBook Air a compelling option for the true road warrior, 02.22. Although it's not intended as a desktop replacement and has a few shortcomings, the lightweight MacBook Air with its 13" display could be the perfect field computer.
- Mailsmith a simple, powerful, spam fighting alternative to Apple Mail, 04.23. Mailsmith is bundled with SpamSieve, integrates with Address Book, and has very flexible scripting tools combined with elegant simplicity.
- Can your spam with SpamSieve, 02.02. "Right out of the box, SpamSieve exceeded the accuracy of the Apple Mail filter I've been training for over a year."
- More in the Practical Mac index.
Links for the Day
- Mac of the Day: Centris 650, Feb. 1993 - The replacement for the Quadra 700 has room for an internal CD-ROM.
- List of the Day: Old Mac MP covers 604-based multiprocessor Macs and clones.
- September 7 in LEM history: 98: Banner exchanges - 00: Tips from the Mac manager - Getting a Mac job - 01: Apple and the gray market - Repositioning the 'Books - 04: Tray loading iMac a good choice for OS X? - Pismo CPU upgrades - 06: Mac mini value equation - Setting up a Mac Classic II - Putting the Intel transition in perspective - 07: Region free DVD viewing, - My Newton - Solving Mac disk and hardware problems - 2 apps every MacBook should have
Recent Content on Low End Mac
- Anticipation: New iPods Now, New Macs Later, Kev Kitchens, Kitchens Sync, 09.05. The season of new iPods is at hand, but new Macs may wait until 2009.
- Buy a MacBook Now or Wait?, MacBook touch Patents, Samsung X360 Takes on MBA, and More, The 'Book Review, 09.05. Also 20 years of portable Macs, data backup and preservation, universal U-Charge battery charger for Mac 'Books, bargain 'Books from $150 to $2,699, and more.
- Listen to Just the Music with the V-Moda Vibe Earbuds, Tommy Thomas, Welcome to Macintosh, 09.05. Well built, the noise canceling earbuds will let you hear all the nuances of your music without letting through background noise.
- Source of iPhone 3G Problems, Army Uses iPods as Field Translators, Gains with Business, and More, iNews Review, 09.05. Also UK bans iPhone ad as 'misleading', iPhone password easy to bypass, GM to offer radios with USB in 2009 models, weather tracking software, and more.
- Macs Gain Ground in August, Consumers Most Likely to Buy Macs, LaCie USB Speakers, and More, Mac News Review, 09.05. Also migrating Time Machine to a new drive and two new keyboards from Logitech.
- Best iPod touch Deals, Low End Mac Deals, 09.05. Refurb 8 GB, $199; new, $284; refurb 16 GB, $299; new, $370; refurb 32 GB, $399; new, $453.
- Best 15" MacBook Pro Deals, Low End Mac Deals, 09.05. Used 1.83 GHz Core Duo, $999; 2.16, $1,125; new, 2.2, $1,450 after rebate; refurb 2.4, $1,699; 2.5, $1,999; 2.6 Santa Rosa, $1,849; rebates on new.
- Best iMac G4 Deals, Low End Mac Deals, 09.05. Used 15" 700 MHz CD-RW, $279; 800 Combo, $300; 1 GHz $390; 17" 800 MHz SD, $439; 1.25 GHz, $449; 20", $569.
- Overclocking a Mac mini Got Me Hooked on Souping Up Macs, Adam Geller, My First Mac, 09.04. Stories of hot rodding iBooks, G3 iMacs, and PCI Power Macs on the cheap.
- Apple Will Not Abandon Optical Drives, the Mac Drought, Purposeful Mac Acquisition, and More, Dan Knight, Low End Mac Mailbag, 09.04. Also Mac OS X 10.5 on a G4-upgraded Blue & White G3 and problems using a flat panel display with a Quadra 700.
- Only Leopard Runs Routine Maintenance Tasks after Startup or Waking from Sleep, Charles W. Moore, Miscellaneous Ramblings, 09.04. Mac OS X 10.5 runs routine system maintenance scripts as soon as possible after starting up or waking up your Mac. Earlier versions of OS X do not do this.
- Tomorrow's Solid State Drives and Notebooks, Dan Knight, Mac Musings, 09.04. Flash drives are great but have some shortcomings. Some thoughts on building better SSDs and notebooks to use them.
- Best Mac mini Deals, Low End Mac Deals, 09.04. Used 1.25 GHz G4 SD, $549; 1.42 Combo, $409; new 1.83 Core2 Combo, $569 after rebate; 2.0 SD, $769 after rebate.
- Best 12" PowerBook G4 Deals, Low End Mac Deals, 09.04. Used 867 MHz Combo, no APX, $490; 1 GHz, $550; SuperDrive, $625; 1.5 GHz w/o APX, $660; w/APX, $675.
- Best 17" PowerBook G4 Deals, Low End Mac Deals, 09.04. Used 1 GHz, $779; 1.33 GHz, $799; 1.5 GHz, $859; 1.67 GHz, $910.
- 11 Mac Browsers Compared, Simon Royal, Mac Spectrum, 09.03. The latest versions of Internet Explorer, Opera, Safari, Shiira, iCab, Radon, Firefox, Netscape Navigator, SeaMonkey, Flock, and Camino tested in Leopard.
- Save Internet Radio, USB and Hard Drives, Hardware Manufacturers vs. Linux, and More, Dan Knight, Low End Mac Mailbag, 09.03. Also Mac won't book after cleaning, newer versions of OS X improve wake from sleep, downgrading to OS 8.6, unreadable pages on Low End Mac, and more.
- Another Free POP3 Provider, Recharging a Dead PRAM Battery, Current Kanga Value, and More, Charles W. Moore, Miscellaneous Ramblings, 09.03. GMX email now available in US, Panasonic UJ-841S drive won't burn discs, restoring a dead PRAM battery in a Pismo, and thoughts on Kanga value today.
- Best eMac Deals, Low End Mac Deals, 09.03. Used 700 MHz Combo, $120; 1.25 GHz SuperDrive, $150; 1.42 GHz, $349.
- Best Mac OS X 10.5 'Leopard' Deals, Low End Mac Deals, 09.03. Mac OS X 10.5, single user, $99; 5 users, $140; 10.5 Server, 10 users, $395; unlimited, $850.
- Best MacBook Air Deals, Low End Mac Deals, 09.03. Refurb 1.6 HD, $1,499; new, $1,690 after rebate; refurb 1.8, $1,699; new, $1,919 a/r; refurb 1.6 SSD, $2,099; new, $2,294 a/r; refurb 1.8, $2,299; new, $2,400 a/r.
- Psystar Strikes Back, Countersues Apple, Frank Fox, Stop the Noiz, 09.03. Psystar is trying to paint Apple as a monopoly and force it to license the Mac OS.
- More links in our archive.
About LEM | Support | Usage | Privacy | Contacts
Have a question?
Ask an expert!
Navigation
Used Mac Dealers
Apple History
Best Used Macs
Video Cards
Email Lists
InfoMac's Low
End Mac Forum
Favorite Sites
MacSurfer
MacMinute
MacInTouch
MyAppleMenu
InfoMac
Macs Only!
The Mac Observer
Accelerate Your Mac
RetroMacCast
PB Central
MacWindows
The Vintage Mac
Museum
DealMac
DealsOnTheWeb
Mac2Sell
ramseeker
Mac Driver Museum
JAG's House
System
6 Heaven
System 7 Today
the pickle's Low-End
Mac FAQ
Abandonware
Petition
Mac vs. PC Info
Affiliates
The Apple
Store
Mac
Connection
MacMall
TechRestore
MacResQ
ExperCom
Crucial
Memory
batteries.com
Advertise
