• Create BookmarkCreate Bookmark
  • Create Note or TagCreate Note or Tag
  • PrintPrint
Share this Page URL
Help

Chapter 7. Configuring Network Connectivity > Using the Built-in Tiger Firewall

Using the Built-in Tiger Firewall

A firewall is something interposed between the stuff that's important and the stuff that's dangerous. In a vehicle, this is the bit of the car that separates the passenger compartment from the engine, protecting the riders from dangers that might occur under the hood. In the world of computers, the firewall sits between the outside network and network services on your computer to protect the computer from network-based attacks. Not that long ago, firewalls were seldom seen, annoying things that got in your way, hindered your work, and generally annoyed everyone, including the seemingly dictatorial network administrators who imposed them on their users. Now, everyone wants one.

The most effective firewalls are completely separate devices, physically separating the protected network from the exterior network and its dangers. Much less expensive, and somewhat less effective, is firewall software that lives on the same machine it's protecting. Although a hardware firewall can interrupt network traffic upstream of the protected computer and prevent the traffic from ever reaching the protected machines, a software firewall must transparently intercept traffic as it reaches the machine, determine whether to accept it, and then hand it to the service for which it was destined. This method doesn't prevent the traffic from reaching the machine, but rather tries to prevent the traffic from reaching the services it was headed for. It's not always a successful way of trying to do things, as demonstrated by the fact that there have been a number of commercial software firewalls for a certain other operating system that provide less than complete protection. The firewall software running under Mac OS X's Firewall pane (ipfirewall, sometimes called ipfw) is well respected, however. Although not conceptually as secure as a separate firewall device, it's quite powerful and provides a good level of protection.


PREVIEW

                                                                          

Not a subscriber?

Start A Free Trial


  
  • Creative Edge
  • Create BookmarkCreate Bookmark
  • Create Note or TagCreate Note or Tag
  • PrintPrint