What firewall should I get?
December 31, 2003 8:14 PM   Subscribe

I have broadband now, and I guess I should get a firewall. Any recommendations? I'm running OS X on an iBook G3 700MHz, and I'm toying with the idea of getting a Netgear Router/Switch. [more inside]

I’m probably going to pull the trigger on the Netgear hardware soon, but I want software on my laptop as well. Does this make sense, to have a firmware firewall as well as additional software? Should I have something installed right now, as I’m browsing the web? Any input is appreciated.
posted by rocketman to Computers & Internet (8 answers total)
 
I don't know a durned thing about Apple's port filtering options, but considering the general BSDishness of the OS, you probably don't need to buy any software for it, unless Apple has utterly hobbled the kernel.

Meanwhile, yes, you very much should have something acting as a filtering bastion host, and one of those cheap NAT "routers" will probably serve you quite well. I have a fully-functional dual homed host acting as my router/NAT/firewall, and I'm considering trading it out for consumer hardware of the kind you're talking about since I'm no longer doing VPN and the like.
posted by majick at 8:23 PM on December 31, 2003


Okay. I can't really talk that kind of talk, but based on a quick search, it appears that OS X has a built-in firewall. Neat. But when I look at it, I get a dialog box that tells me other firewall software is running and I need to disable it before making changes. ???

I didn't think I'd installed anything, but it could be talking about Mozilla, which does some basic filtering.
posted by rocketman at 8:29 PM on December 31, 2003


I just installed BrickHouse, which supposedly custom configures the OS X firewall. It should suffice along with the hardware I plan to get.

Thanks for the feedback, majick.
posted by rocketman at 8:43 PM on December 31, 2003


Another good one for running on the system which is, like Brickhouse, better than the built-in firewall, is Firewalk. Unless you're running other computers on your home network, there's really no point in getting a hardware router.
posted by Mo Nickels at 10:35 PM on December 31, 2003


Going WiFi at this point would be as good a time as any, given the rather small price difference these days, and you get all the same port blocking as any wired consumer router.
posted by Space Coyote at 10:51 PM on December 31, 2003


I'm still a big fan of the (discontinued) NetGear RT314.

BTW, if you're behind a NAT box, you don't *need* OSX's built-in firewall, unless you're opening up ports tunneled from the outside.
posted by mrbill at 11:01 PM on December 31, 2003


I meant, you don't need a hardware firewall.
posted by Mo Nickels at 9:06 AM on January 1, 2004


"... you don't need a hardware firewall."

While a single layer of security -- packet filtering on the host -- is better than no security at all, multiple layers of filtering on heterogenous hardware is better than leaving the whole host out on the external network. So while it might be true in a certain technical sense that you won't need a firewall in addition to filtering on the host (nor do you necessarily "need" filtering and security at all), you want a firewall.
posted by majick at 11:20 AM on January 1, 2004


« Older Can anyone recommend some good French-language...   |   Children's Metric Cookbook Newer »
This thread is closed to new comments.