Setting Up a Personal Firewall

2001 – You are not very likely to face direct attacks from hackers because you use a computer, because those people mostly target businesses and large networks. On the other hand, the security of your files is never 100% guaranteed, even though you use a computer that less people know to hack than, say, Windows.

Description: Using a software firewall
Difficulty level: Intermediate
System version: Mac OS 8.1 to 9.2.2 and a PowerPC Mac
Required: NetBarrier firewall software

There are people who know how to scan ports to get information about your computer, and preventing this is rather smart. This is why the use of a software firewall can be useful, even if your Internet service provider has a physical firewall. I could not get my hands on Norton Personal Firewall for this article, but I have been using NetBarrier for several months, and it has proved to be quite reliable to detect intrusions, especially port scanning. I recommend it based on my positive experience, and I want to show you how you can use it.

The first step is to get NetBarrier; a step you can take after reading this. It costs US$49.95 for a downloadable version from Intego, the company that develops it. When you have NetBarrier, make sure to install it and then restart your Mac. NetBarrier should pop up a window that requires registration. Enter the information, and everything is ready to go. Also, a yellow lozenge will show up in your menu bar. This is a shortcut to open NetBarrier when it is active.

Disclaimer: NetBarrier version 1.5.2 was used for this tutorial. There is a newer version that may work differently; it offers more than the older version we are using as an example.

Firewall Settings

NetBarrier firewall software

From the above window, you can handle your general settings. When you transfer information between your computer and the Internet or a network, no restrictions is the way to go. Client only and Server only are useful if you wish to block outgoing and incoming transfers respectively. Client, local server pretty much speaks for itself, but for most dial-up and cable modem access users, this does not apply. No network is great to block any network information exchange. I sometimes put it to No network temporarily if any access to the Internet could disturb what an application (think CD burning) is doing. You would normally leave this set to No restrictions.

Antivandal Protection

On to the good stuff. It is time to set up your antivandal options. The antivandal protection is especially good at stopping intrusions.

anti-vandal protection in NetBarrier

In the above list, here is the meaning for each prevention measure:

  • Stop unknown protocols: This makes sure that any communication protocol that NetBarrier is not aware of is not going to be effective on your computer. It can be useful, but I strongly recommend you keep this turned off. The big trade-off, if you turn it on, is that some of your Internet activities could be blocked. For example, I know people who have physical firewalls that prevent them from using instant messaging software or Internet protocols that access a certain type of server. Software is more flexible than physical firewalls, but your best bet is to keep this turned off until you have a specific need for it.
  • Protect against ping attacks: Your computer will sometimes receive pings when connected to the Internet, and such pings can be harmless. But hostile pings and floods can turn into a ping attack. I recommend keeping this turned on.
  • Protect against port scans: To me, this is an important protection because it can block access to many of your resources. Keep this turned on. If you run a server, this is likely to cause problems, because whenever someone connects, he has to access ports – even for Web sites.
  • Protect against SYN flooding: This limits the number of connections made, which can prevent connection floods from causing denial of service. There are some major websites that could have used protection such as this (on a much larger scale, however) when their servers were flooded with requests, thereby making them anything but functional for Web surfers who wanted to visit :-)
  • Protect against intrusion attempts: Do I need to draw you a picture? :-)
  • TCP sequence scrambling: Keeping this checked can help stop people from taking control of your computer. On the other hand, it will not block Timbuktu software from being used to control your computer from remote locations. This is good news for someone who likes doing this. If you have two computers and use Timbuktu to avoid going back and forth between computers to execute operations, NetBarrier will not mess things up with this setting.
  • Stealth mode: It is a bit of an invisibility remedy – except that you cannot hide your IP with this – and if you have problems with certain connections to the Internet, you will have to turn it off. It prevents your computer from replying to pings, and the effect of a reply depends on what ping you are receiving. Your mileage may vary, but turn it on until you notice problems.
  • Allow Port Mode FTP Transfers: If you set up your general setting to Client only, this will cancel the setting for FTP transfers. So you can limit your uploads to FTP sessions. I find this very neat.

Antivandal Alerts

anti-vandal allerts in NetBarrier

If an intruder steps in and NetBarrier detects the move, it can put the connection in a Stop List for predetermined periods (you choose) or pop open an alert (check the Ask button) and ask you what to do. The Stop List is handy. It will prevent temporary attacks and perhaps discourage the person who tries to snoop. The alert always allows you to click on Ignore if you know what you are doing. I remember visiting the website of a very reputable television network, and I felt that the alert I got was not necessary. I clicked on Ignore. You be the judge. The Stop List tab allows you to see who is in the dog house and edit the list.

Filters

In the NetBarrier application, you can click on Filter to set up protection for specific data. For example, your credit card number is something you want to protect. Click on the Filter button, turn the function on, and click on Add. Then give a name to the filter in the Label field and type the confidential data in the next field. Make sure to select TCP/IP or AppleTalk (or both) in the pop up menu on top of the window. This will make sure that the data will be filtered over one or both protocols.

I created such a filter with a credit card number. I then created a SimpleText file with the data in it. I tried to copy the file to my iBook over AirPort through AppleTalk, and here is what NetBarrier did:

NetBarrier forbidden data transfer warning

Note: When filters are turned on, Timbuktu users will experience all sorts of problems with direct connections, especially when wanting to control the other computer. It effectively blocks all kinds of operations, without even having custom filters set up. It acts as another layer of protection.

Settings

The last step in setting up your personal firewall is to point to the Settings button and click on it. You can customize software update settings and set up a password that will prevent anybody but you from accessing your NetBarrier settings when opening the application. You can also specify if you use a dial-up connection through a modem or permanent network connections through local area networks, DSL Internet, or cable modem Internet.

After going through these steps, you should have the kind of protection that your computer needs, just in case something (or someone!) should try to snoop.

Have an excellent day.

Related Article

Keywords: #macsecurity #computersecurity #firewall #netbarrier

Short link: http://goo.gl/gl6RSa