Configuring Your OS X Firewall
- 2002.03.05 - Tip Jar
Low End Mac Reader Specials
Memory To Go Special: MacPro 8 Core Memory 4GB kit $154 / 2GB kit $94, New 2008 iMac 2GB $46. MacBook Pro / MacMini / iMac Intel Core2 DUO 2GB $44 / 1GB $23--Free shipping available.
Download Typestyler, still the Ultimate Styling Tool for Internet, Print and Video Graphics. Works great in Classic with a Native OS X Version on the way. Free Tryout: www.typestyler.com
LA Computer Company: Specials on AppleCare, iMac's, Apple Batteries and Apple A/C Adapters. Also Great prices on Used Apple Computers. Call 1-800-941-7654 Click Here.
OWC: Burn DVDs, DVD-DL, CDs, DVD-Ram - FAST! Superdrive upgrades from OWC starting from $31.99 with options for nearly every Mac. Models with Lightscribe, Blu-Ray too!
Mac users can finally play Party Poker for Mac. Not only that, they can also learn how to play PokerStars for Mac.
Laptop Hardware Provided by TechRestore - Overnight Mac & iPod Repairs.
Compare products like desktop computers, laptops, and LCD TVs side by side! All the information and reviews to make the best purchasing decision for a new cell phone GPS products or MP3 players. The Ciao network makes searching products easy for you.
New MacPro Memory 800Mhz With Apple Spec Heat Sink 2GB $104 / 4GB $172 / 8GB $338. Click to Maximize your Macs...
Last week, The Practical Mac explained how to set up a basic firewall using the shareware program BrickHouse. BrickHouse provides an easy-to-use graphical interface to activate and configure the firewall which is built into OS X. Unfortunately, the default settings don't necessarily meet the needs of every user. This article will show you how to tweak your firewall settings to meet your needs.
Microsoft Office v.X
Microsoft built into Office v.X an anti-pirating "feature" which can pose a serious security risk in a network environment. When any Office application is launched, it polls other computers on the network in an attempt to discover whether any other Office installations with the same serial number are present on the network. If another installation with an identical serial number is found, the application displays a message to this effect and won't launch.
Using this mechanism, it is possible for a hacker to create packets and direct them at a particular Office v.X installation, causing any open Office applications to shut down immediately, losing any work in progress. To thwart such an attack, Microsoft recommends, among other things, disabling both incoming and outgoing traffic on UDP port 2222.
Most users would scratch their head and say, "How do I do that?" The Microsoft article certainly does not explain how to do this. Have no fear - BrickHouse allows you to easily apply this and other filters to your firewall.
Launch BrickHouse, select Quick Configuration, and click on the tab of the network service you want to add the filter to (AirPort, ethernet, etc.). Select Add Filter from the menu at the bottom of the screen.
The Filter Details screen will appear. In the dropdown box beside Action select Deny. Choose Custom Service and UDP protocol. In the Port box, erase the numbers there and enter 2222. Make sure the Source is My Computer and the Destination is The Internet. Click OK.
This will prevent your Mac from broadcasting on UDP port 2222.
Now repeat the procedure, except this time change Source to The Internet and Destination to My Computer. Click OK.
This will prevent your Mac from receive and responding to any packets directed to UDP port 2222.
Over time, you are bound to encounter other programs which will require you to either open or close certain ports on your firewall. For instance, to receive QuickTime streaming video, you must open several ports. Among them is TCP port 554 for Real Time Streaming Protocol (RSTP). There may be other ports which need to be opened to enable QuickTime streams - refer to Apple Knowledge Base articles 60688, 42604, and 106307 for more information. To get you started, we will walk through opening up TCP port 554.
Go back to the Quick Configuration screen and select Add Filter. Change the dropdown menu boxes to Allow Custom Service TCP and change the port number to 554. Set the Source as The Internet and the Destination as My Computer. Click OK.
Repeat this step for other ports you wish open. To close ports, follow the same steps, but make sure the Action is set to Deny.
Back at the Quick Configuration screen, select Save, Apply, and Install to save your configuration and enable it to reload each time your Mac boots up.
If, after installing your firewall, you have applications which quit
working, check the support Web site for your particular program. Most
network-enabled programs have technical articles on their Web sites
which will tell you what firewall ports need to be enabled in order for
the program to work. 
Steve Watkins is the Vice President for Information Technology for a mid-sized bank and also an attorney. He has been a Mac user for about ten years. He has owned some PCs along the way - but always came back to the Mac. If you find Steve's's articles helpful, please consider making a donation to his tip jar.
Recent Practical Mac Articles
- 5 things Apple is doing right in 2008 - and 5 it could do better, 03.24. Apple has made great strides in the past five years, but there are still a few areas that need to be addressed.
- MacBook Air a compelling option for the true road warrior, 02.22. Although it's not intended as a desktop replacement and has a few shortcomings, the lightweight MacBook Air with its 13" display could be the perfect field computer.
- Mailsmith a simple, powerful, spam fighting alternative to Apple Mail, 04.23. Mailsmith is bundled with SpamSieve, integrates with Address Book, and has very flexible scripting tools combined with elegant simplicity.
- Can your spam with SpamSieve, 02.02. "Right out of the box, SpamSieve exceeded the accuracy of the Apple Mail filter I've been training for over a year."
- More in the Practical Mac index.
Links for the Day
- Mac of the Day: Quadra 700, Oct. 1991 - The successor to the Mac IIci ran a 'wicked fast' 25 MHz 68040 processor.
- List of the Day: Apple TV List The Apple TV List is a forum to discuss the Apple TV.
- August 29 in LEM history: 00: My lowest low-end Mac - 01: Uncluttered organization - Microsoft wins over Mac user - 02: Salute to SatireWire - 03: Wireless Internet popping up everywhere - 05: World domination, online or off - A 3-dimensional Dock replacement - 06: Productive at the low end - PowerPC vs. Intel - Secure wireless
Recent Content on Low End Mac
- Looking for a Content Management System That's as Easy as Mac, Dan Knight, Mac Musings, 08.29. Low End Mac needs to move to a content management system, but the few we've tried just don't cut it for people used to the simple elegance of the Mac.
- First 3 Million Mac Quarter, Skinny on Mac mini Pricing, Mac-like gOS, and More, Mac News Review, 08.29. More plan to buy Apple products than ever before, complete reset can fix MobileMac synch problems, Apple boosting computer and smartphone share, and more.
- New 'Books Likely in September, 17" PowerBook Display Fault Site, SSD Security, and More, The 'Book Review, 08.29. Also 6 ways to speed up your MacBook, next generation MacBook Air CPU, MacBook Air Update, LapStrap carrying solution, rise and fall of ultraportables, bargains from $220 to $2,699, and more.
- iPhone 3G Reception 'Completely Normal', AT&T International Data Plans for iPhone, and More, iNews Review, 08.29. Also longer life for iPod earbuds, an alternative to MobileMe, new cases and apps for iPhone, AppStoreGems website launched, and more.
- Best Power Mac G4 Deals, Low End Mac Deals, 08.29. Used 450 MHz AGP, $75; 500, $99; 800 QS, $199; 1.25 GHz MDD, $375; 450 MHz dual, $179; 867 dual, $300; 1 GHz dual, $395; 1.42 dual, $575.
- Best iBook G3 Deals, Low End Mac Deals, 08.29. Used 300 MHz clamshell, $150; 500 CD, $150; 800, $200; 600 CD-RW, $240; 900 Combo, $300; 14" 600, $360; 900, $400.
- Best iPod nano Deals, Low End Mac Deals, 08.29. Used 2 GB iPod nano, $89; refurb 3G 4 GB, $99; new, $140; refurb 8 GB, $149; new, $179.
- 10 Mac Browsers Compared, Simon Royal, Mac Spectrum, 08.28. A look at Internet Explorer, Radon, Opera, Safari, Shiira, iCab, Firefox, Netscape Navigator, Flock, and Camino running in Leopard.
- Clone and Boot: Another Advantage of the Mac OS, Kev Kitchens, Kitchens Sync, 08.28. Unlike Windows, Apple makes it possible to clone a bootable drive (Classic Mac OS or OS X) and use it with another supported Mac.
- Best MacBook Deals, Low End Mac Deals, 08.28. Used 1.83 GHz, $799; 2.0 black, $875; refurb 2.1 GHz, $899; 2.4, $1,099; black, $1,299; new 2.1, $1,019 after rebate; 22, $1,094; 2.4, $1,219 a/r; black, $1,394 a/r.
- Best iMac G5 Deals, Low End Mac Deals, 08.28. Used 17" 1.6 GHz Combo, $499; 1.8 SuperDrive, $530; 2.0, $600; 1.9 iSight, $625; 20" 1.8 GHz, $580; 2.0, $650; 2.1 iSight, $700.
- Best classic Mac OS Deals, Low End Mac Deals, 08.28. System 6, $10; 7.1, $12; 7.5.1, $4; Mac OS 7.6, $13; 8.0, $13; 8.1, $48; 8.5, $25; 8.6, $20; 9.0, $20; 9.2.2, $20; more.
- CrossOver Strikes Out, Frank Fox, Stop the Noiz, 08.27. Running Windows apps on a Mac without paying for Windows is great in theory, but actually getting Windows software working is another story.
- MacDrought: 4 Months with No New Macs, Dan Knight, Mac Musings, 08.27. The most recent Mac update was over four months ago, and the Mac mini has been unchanged for over a year.
- Resurrecting a Dead Pismo, Spotlight Search Tip, and EasyFind a Good File Finder, Charles W. Moore, Miscellaneous Ramblings, 08.27. Lots of tips on bringing a comatose Pismo back to life, a Spotlight file name search tip, and EasyFind as an alternative to Spotlight.
- Best Intel iMac Deals, Low End Mac Deals, 08.27. Used 17" 1.83 GHz, $625; 20", $599; 2.16, $749; 24", $950; refurb 20" 2.4, $999; 2.66, $1,299; 24" 2.4, $1,299; 2.8, $1,549; new 3.06, $2,094 after rebate; more.
- Best 15" PowerBook G4 Deals, Low End Mac Deals, 08.27. Used 1.25 GHz Combo, $600; SuperDrive, $650; 1.33 Combo, $640; 1.5, $680; SD, $725; 1.67, $730; hi-res, $800.
- Best Time Capsule and AirPort Deals, Low End Mac Deals, 08.27. 500 GB Time Capsule, $294; 1 TB, $468; AirPort Extreme Card, $39; 802.11n Base Station, $166; 802.11g AirPort Express, $60; 802.11n, $98.
- More links in our archive.
About LEM | Support | Usage | Privacy | Contacts
Have a question?
Ask an expert!
Navigation
Used Mac Dealers
Apple History
Best Used Macs
Video Cards
Email Lists
InfoMac's Low
End Mac Forum
Favorite Sites
MacSurfer
MacMinute
MacInTouch
MyAppleMenu
InfoMac
Macs Only!
The Mac Observer
Accelerate Your Mac
RetroMacCast
PB Central
MacWindows
The Vintage Mac
Museum
DealMac
DealsOnTheWeb
Mac2Sell
ramseeker
Mac Driver Museum
JAG's House
System
6 Heaven
System 7 Today
the pickle's Low-End
Mac FAQ
Abandonware
Petition
Mac vs. PC Info
Affiliates
The Apple
Store
Mac
Connection
MacMall
TechRestore
MacResQ
ExperCom
Crucial
Memory
batteries.com
Advertise
