Re: Applešs Mac OS X Leopard firewallfails every test
- From: Jim <jim@xxxxxxxxx>
- Date: Wed, 31 Oct 2007 13:09:19 -0500
In article <47281c1b$0$20605$4c368faf@xxxxxxxxxxxxxx>,
Steve de Mena <steven@xxxxxxxxxxxxxxx> wrote:
Heise Security: Apple¹s Mac OS X Leopard firewall fails every test
Tuesday, October 30, 2007 - 06:02 PM EDT
"The Mac OS X Leopard firewall failed every test. It is not activated
by default and, even when activated, it does not behave as expected.
Network connections to non-authorised services can still be
established and even under the most restrictive setting, "Block all
incoming connections," it allows access to system services from the
internet. Although the problems and peculiarities described here are
not security vulnerabilities in the sense that they can be exploited
to break into a Mac, Apple would be well advised to sort them out
pronto," Jürgen Schmidt reports for Heise Security
"Apple is showing here a casual attitude with regard to security
questions which strongly recalls that of Microsoft four years ago.
Back then Microsoft was supplying Windows XP with a firewall, which
was, however, deactivated by default and was sometimes again
deactivated when updates were installed. It was also the case that
system services representing potential access points for malware were
accessible via the internet interface by default. Despite years of
warnings from security experts, the predominant attitude was that
security must not get in the way of the great new networking
functions," Schmidt reports.
"Then along came worms such as Lovsan/Blaster and Sasser, which
rapidly infected millions of Windows computers via security
vulnerabilities in system services, causing millions worth of damage.
Even today, an unpatched Windows system with no active firewall will
be infected within a matter of minutes. However, Microsoft has since
learnt its lesson -- a serviceable firewall, activated by default, has
been included since Service Pack 2. With the standard configuration,
no services are accessible from the internet on a Windows system,"
Schmidt reports.
Full article here:
http://www.heise-security.co.uk/articles/98120
So? Most Wireless access points which are routers have hardware
firewalls which are much better anyway.
--
Jim
.
- Follow-Ups:
- Re: Apple¹s Mac OS X Leopard firewallfails every test
- From: Steve de Mena
- Re: Apple¹s Mac OS X Leopard firewallfails every test
- References:
- Apple’s Mac OS X Leopard firewall fails every test
- From: Steve de Mena
- Apple’s Mac OS X Leopard firewall fails every test
- Prev by Date: Re: THIS should keep Zero, MeowMan and other WinPussies busy....
- Next by Date: Re: SJ finally got his wish...
- Previous by thread: Re: Applešs Mac OS X Leopard firewall fails every test
- Next by thread: Re: Apple¹s Mac OS X Leopard firewallfails every test
- Index(es):
