|
Michael Martin
|
 |
« Reply #3 on: October 03, 2006, 05:55:01 PM » |
|
Robin --
Since you didnt mention what kind of Mac yours is, I'm going to presume a "non-Laptop".. It also sounds like both of your mac's are Wifi connected (no hard ethernet wiring).
If your Mac is non-portable and you keep it at home behind a firewall (EG: Belkin Router) AND you live in an area where no-one is close to you and could possibly get on the WIFI of your house, and you have taken all of the good security precautions with your Wifi network (setting WPA encryption, turn off beaconing, etc) then you might be ok.
Keep in mind that if you are Wifi'ed, there are at least 2 vulnerability points -- externally from the internet connected to the "other side" of the belkin router, and inside from the open nature of the wifi connection. If it is the case that your mac is wifi'ed, then there is the possibility of someone getting into your network wirelessly and gaining access to your macs (plural).
As Eugene mentioned below, part of the beauty of the MacOS is that it does have a built-in firewall where a novice user can turn on, be very well protected, and specficially enable access into your computer for known protocols. EG: if you never intend to run a webserver on your mac, dont enable it on your firewall settings -- if you want to enable FILESHAREING between the two macs, enable filesharing through the firewall.
In the case of your Laptop, if you ever venture OUTSIDE of your house with your laptop and use public access points (like starbucks or public libraries or McDonalds, etc) , engaging the firewall is even more important.
So -- Unless there's a reason why you DONT want to turn it on or beyond a shadow of a doubt, you KNOW that you are completely isolated and safe, I would suggest by default, you turn on your firewall. It basically shuts down all normally open TCP/IP ports.
I have found that the only thing that it gets in the way of, on Mac's, is that you may want to share a printer or a file, and with the firewall on -- you may not get the expected behavior (as in you'd be denied access by default rather than being allowed access by default). If this happened, all you'd have to do is go back into your firewall configuration and enable these services by checking on or off certain services ("poke a hole in the firewall" to let these things happen). By default, access to pretty all major Internet services (file sharing, FTP, Web Access, etc) are selectable by checkbox and even if there's an odd protocol that you want enabled, it's easily implemented.
Now, having said that and done my best to spread panic and paranoia -- I will say that most of your access issues are going to be coming over the Belkin -- which should have some form of firewall enabled. I have PC's and Macs in my house. By far, the PC is at more risk just accessing the internet. If I didnt have a firewall, anti-virus, and anti spyware applications loaded (and sucking the performance out of my PC), then surely within minutes my PC would become overtaken by all the mal-ware on the web. Again, 99% of this is pointed at "windows" operating system based computers (including Mac's running in Windows mode).
The Mac is way "cleaner" of an expereince on the internet and for the moment you may be just fine with your firewall set to off. However, with the increasing popularity of Mac's and the increasing vulnerability of internet tools ( Like Safari), having a firewall on may seem a bit redundant, but it increases your "safety net" greatly.
Let me know if this helps at all..
Mike
|
