Home » FORUMS » Computers, Networking & other technologies » All that is Apple

mac firewall...security...


  • Post reply
10 replies [Last post]
Mon, 10/05/2009 - 8:21pm
SleuthWannaBe
SleuthWannaBe's picture
I am Master of my own domain from Somewhere in the Western Hemisphere. :)

User offline. Last seen 3 days 21 hours ago. Offline
I'm Trusted Premium Member!Awesome Member!Certifed Mac UserSomeone ELSE paid $1 to put this badge on me!
Member for 2 years 32 weeks
GuG-Points: 600

So, my macbook pro is connected to my university's network through ethernet. The other day, as I was shutting down my computer, I got a popup message saying that if I were to shut down the computer at that time, a network user accessing my files would lose access to my files. That scared me, as I thought I had secured my computer with password protection (to log in, wake up from sleep, install apps and make changes to the computer) and the necessary firewall settings. When I checked my firewall settings, I saw that I had left the "personal file sharing" option on from the firewall, so I turned that off. I couldn't figure out if there were any other holes to the firewall.

Question is, is there anything else I can do to protect my computer from unauthorized use? Is there a way to see who accessed my files that day?

I emailed the network admin about all of this, but never got a reply--the guy lacks professionalism overall, so no surprise there. So, I'm hoping you guys can help.

Top
  • reply
  • 177 reads
  • Quote




Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.
Sun, 11/01/2009 - 7:31am
#1
SleuthWannaBe
SleuthWannaBe's picture
I am Master of my own domain from Somewhere in the Western Hemisphere. :)

User offline. Last seen 3 days 21 hours ago. Offline
I'm Trusted Premium Member!Awesome Member!Certifed Mac UserSomeone ELSE paid $1 to put this badge on me!
Member for 2 years 32 weeks
GuG-Points: 600
Re: mac firewall...security...

Hubby (or anyone else):

Is there a list of vulnerable ports to look up? (Sorry if my question sounds amateurish and/or idiotic and paranoid). I'm looking at my firewall logs (instead of writing an essay! LOL) and see some weird attempts that were denied. Example, :60279 which, when I google it, seems to point to something about bit torent (which I don't use...seriously, i don't), and :8080 (which seems to have something to do with proxies...I haven't used a proxy in a long, long while), and :139 (which has something to do with samba?? what is samba??), and :445 (something about hackers scanning that port??). There are many other such attempts, most on which were made on Oct. 27 for some reason...

I know I sound uber paranoid now, but soon after that initial hacking of my computer, someone charged plane tickets from and to somewhere in saudi arabia for $1200 to one of my accounts. Don't know anyone in S.A., and never been there. LOL. Could be a coincidence that all of this happened at around the same time, but then again....

Top
  • reply
  • quote
Sun, 11/01/2009 - 9:01am
#2
hubby
ɥ n q q ʎ
hubby's picture
I am always online from morning to night.

Member for 3 years 43 weeks
Re: mac firewall...security...

It's good to be paranoid - TO A POINT..

It's normal for BitTorrent ports to be scanned, because other BitTorret clients are searching for each other. Port 8080 is a common proxy port for proxy servers (if your machine is operating as a proxy, not if you simply use a proxy)-again, normal for other systems to be searching for them. Port 139 and 445 are a file-sharing ports (common to be scanned because it's hackable in some versions of Windows). I think you might just be seeing internet "noise" - which is common. Millions of bots, script kiddies and even real hackers out there scanning the ocean of the internet looking for vulnerable systems. If you could see how many times a day the GuG server gets scanned, poked, and probed, you would sh-!-t yourself.

anyway - a good place to go to make sre you dont have anything wide-open is Shield Up at GRC.com. It will scan your system and tell you if you have any vulnerable ports open.


_________________________________

If this were a real comment signature, it would say something interesting

Top
  • reply
  • quote
Sun, 11/01/2009 - 8:21pm
#3
animestrinity
hamster on a piano
animestrinity's picture
I am a Ramen Noodle from On my own planet... keep off... no visitors.

User offline. Last seen 15 min 32 sec ago. Offline
I'm Trusted Premium Member!Certified Member HelperHall-MonitorV.I.P. Member !!Job Well Done!!Linux LUVerLooked at and admired by many!Someone ELSE paid $1 to put this badge on me!
Member for 3 years 4 weeks
GuG-Points: 3116
Re: mac firewall...security...

I am now a fan of Shield Up, because it gave me lots of compliments... and you know how much girls like compliments...

It told me something along the lines that for all intents and purposes, my computer does not exist on the interwebz... dunno what that means... but it made me feel like a ninja.


_________________________________

Top
  • reply
  • quote
Mon, 11/02/2009 - 11:17pm
#4
SleuthWannaBe
SleuthWannaBe's picture
I am Master of my own domain from Somewhere in the Western Hemisphere. :)

User offline. Last seen 3 days 21 hours ago. Offline
I'm Trusted Premium Member!Awesome Member!Certifed Mac UserSomeone ELSE paid $1 to put this badge on me!
Member for 2 years 32 weeks
GuG-Points: 600
Re: mac firewall...security...

So, the moral of the story is to visit it when feeling insecure? LOL. Smiling Love your signature picture, btw.

Top
  • reply
  • quote
Mon, 11/02/2009 - 11:28pm
#5
animestrinity
hamster on a piano
animestrinity's picture
I am a Ramen Noodle from On my own planet... keep off... no visitors.

User offline. Last seen 15 min 32 sec ago. Offline
I'm Trusted Premium Member!Certified Member HelperHall-MonitorV.I.P. Member !!Job Well Done!!Linux LUVerLooked at and admired by many!Someone ELSE paid $1 to put this badge on me!
Member for 3 years 4 weeks
GuG-Points: 3116
Re: mac firewall...security...

I wonder if there's a buy in option on the site where they'll send you flowers once a week if your computer is still all stealthy Smiling

Top
  • reply
  • quote
Sun, 11/01/2009 - 11:31am
#6
SleuthWannaBe
SleuthWannaBe's picture
I am Master of my own domain from Somewhere in the Western Hemisphere. :)

User offline. Last seen 3 days 21 hours ago. Offline
I'm Trusted Premium Member!Awesome Member!Certifed Mac UserSomeone ELSE paid $1 to put this badge on me!
Member for 2 years 32 weeks
GuG-Points: 600
Re: mac firewall...security...

Thanks Hubby! I'll check it out. And thanks for making me feel less paranoid. Smiling

Top
  • reply
  • quote
Mon, 10/05/2009 - 8:28pm
#7
hubby
ɥ n q q ʎ
hubby's picture
I am always online from morning to night.

Member for 3 years 43 weeks
Re: mac firewall...security...

Well.. even if you have Personal File Sharing ON, i think a username and password is still required to access any files other than your "shared" (empty by default) folder.. The only other thing i would check is to make sure the "block all incoming connections" options is enabled and "enable stealth mode" - both in the advanced firewall settings.

Top
  • reply
  • quote
Mon, 10/05/2009 - 8:39pm
#8
SleuthWannaBe
SleuthWannaBe's picture
I am Master of my own domain from Somewhere in the Western Hemisphere. :)

User offline. Last seen 3 days 21 hours ago. Offline
I'm Trusted Premium Member!Awesome Member!Certifed Mac UserSomeone ELSE paid $1 to put this badge on me!
Member for 2 years 32 weeks
GuG-Points: 600
Re: mac firewall...security...

Hubby, I don't see a "block all incoming connections" on my advanced firewall settings, but I do see a "block UDP traffic" option. Would that be the same thing?

ETA: I took a look at my firewall logs and saw a lot of "apples-computer ipfw: Stealth Mode connection attempt to TCP xxx.xxx.xxx.xxx:56681 from yyy.yyy.yy.yyy:80" type of logs from different IP addresses...And I mean lots of that type of logs. Is that something to be concerned about?

Top
  • reply
  • quote
Mon, 10/05/2009 - 8:49pm
#9
hubby
ɥ n q q ʎ
hubby's picture
I am always online from morning to night.

Member for 3 years 43 weeks
Re: mac firewall...security...

Those settings may only be there if you have SnowLeopard..

I cant find any info on port 56681 - which means it's probably not a vector for any known exploits. and since they are only attempts and were blocked, i would not be too concerned.. i mean, hey, it's not like you're running Windows.

Top
  • reply
  • quote
Mon, 10/05/2009 - 8:51pm
#10
SleuthWannaBe
SleuthWannaBe's picture
I am Master of my own domain from Somewhere in the Western Hemisphere. :)

User offline. Last seen 3 days 21 hours ago. Offline
I'm Trusted Premium Member!Awesome Member!Certifed Mac UserSomeone ELSE paid $1 to put this badge on me!
Member for 2 years 32 weeks
GuG-Points: 600
Re: mac firewall...security...

LOL. True (about the windows thing). I'm looking up the IPs just in case.... Thanks for the help!

Top
  • reply
  • quote
  • Post reply