Although Apple users don’t like to admit it, Macs are susceptible to malicious attacks. Windows users have known for a long time how important it is to enable and manage the Windows Firewall. There’s also a software Firewall built into OS X. Here’s how to enable it.
The OS X Firewall monitors both incoming and outgoing connections to the Internet. Here I’m enabling the Firewall in Mac OS X 10.7.3 Lion. But the process is essentially the same in previous versions of OS X too.
First click the Apple icon on the Menu bar and select System Preferences.
Alternately, you can launch System Preferences from the Dock.
The System Preferences screen opens. In the Personal row click Security & Privacy.
Click the Firewall tab, then click the Start button to turn it on.
If you haven’t had the Firewall in OS X enabled before, you’ll receive a lot of messages similar to the one below. Select whether to allow or deny its connection to the Internet. In this case it’s Dropbox so I know I can allow it.
If you’re ever in doubt about an application or process that’s trying to connect to or from the Internet, click Deny. Then research the app to find out if it’s safe or not. A lot of times malicious software tries to phone home. Meaning the bad guys are receiving your data and can use your machine as a zombie computer to infect other machines.
While you’ll receive a lot of these types of messages at the beginning, the Firewall remembers your choices and you won’t have to approve an application each time it runs.
Click on the Advanced button to see what’s currently running and being allowed connections through the firewall. If you’re paranoid you’re able lock it down and block all incoming connections. Or automatically allow signed software to receive incoming connections. Provided the software has a valid certificate authority, services can be accessed from the Internet. If you enable Stealth Mode, your Mac won’t respond to packet requests at all. Not even a Ping request.
The default settings will be fine for the average user. The main reasons to enable the Firewall is if you aren’t behind a router on a home network. Or if you join an office or public network with several computers. You don’t know what’s on other peoples machines, so it’s good to have the extra layer of protection the Firewall provides. If you sign into a public WiFi hotspot, I highly recommend you turn it on as part of your security strategy.
As iOS becomes more popular, Macs are too. Generally, Macs aren’t prone to the types of attacks we’ve seen on Windows, but you can never be to safe. Having the Firewall enabled, especially on a public network will bring you peace of mind.