A Security Primer for Mac OS X
Subject:   Symantec firewall scan
Date:   2004-02-27 14:39:30
From:   won
Disclaimer. While I'd class myself as an advanced-to-power Mac user, I freely admit that the inner workings of firewalls are mysteries to me. I can set them up, given the correct tools and advice...

Or can I?

All of my attempts to glean a useful response from Symantec's so-called firewall scanner produced what seems to be the exact same result, regardless of personal software firewall configuration.

Firstly, it won't run in Mozilla. Minus ten points. :-)

After having spent quite some time earlier hardening my Firewalk and built-in Apple firewalls using the GRC site (, I was shocked and dismayed (the woe! the agony! gnash, rend etc.) to see that my FTP ports (20-21) were wide open, my "RPC backdoor" port (514) was open, port 80 was open and my computer was responding to pings like an unpatched Windows machine at a h4x0r symposium.

I then tried explicitly blocking those exact ports and firming up the ping response in Firewalk. To no avail. Apparently the same results. GRC, meanwhile was still reporting that my Mac was 100% stealthed.

As they say in modern parlance, WTF?

I tried the Symantec thing days later in Safari after having deleted the cache and, get this, AFTER HAVING DISABLED BOTH FIREWALLS.

Same result.

I then fired up Explorer. Same result.

Doubtless, you can understand why I no longer trust Symantec's analysis. Were I a little richer and perhaps more paranoid, I'd have ordered one of the two products so prominently displayed on the results page, Norton Personal Firewall or Norton Internet Security.

Is it that I NEED a hardware firewall? Is there some hidden magic that Symantec products work that will protect me from things other than their scanning page?

Suspiciously, (though probably ignorantly) yours,

1 to 1 of 1
  1. FJ de Kermadec photo Symantec firewall scan
    2004-02-28 02:01:28  FJ de Kermadec | O'Reilly Blogger [View]

1 to 1 of 1