Re: [Fed-Talk] Firewall
Re: [Fed-Talk] Firewall
- Subject: Re: [Fed-Talk] Firewall
- From: Boyd Fletcher <email@hidden>
- Date: Mon, 07 Apr 2008 22:52:40 -0400
- Thread-topic: [Fed-Talk] Firewall
Title: Re: [Fed-Talk] Firewall
we use the command line interface but its a pain the butt. Apple needs to reinstate the old approach via an advanced tab.
Apple’s approach has actually significantly degraded the system’s security because it so much more complex to do it for specific ports/protocols that people won’t bother and you should not have to add a 3rd party tool to configure a core operating system function especially one that worked fine in a previous release of the o/s.
boyd
On 4/7/08 10:46 PM, "Todd Heberlein" <email@hidden> wrote:
On Apr 7, 2008, at 7:38 PM, Boyd Fletcher wrote:
> unfortunately Apple chose to degrade the firewall capability in
> leopard from
> the much better one in Tiger. I wish they would put back the port and
> protocol setting capability instead of having to do it by hand
> which is not
> very user friendly :(
Everything is still there, it just isn't as easy to get to. I suspect
there already are free GUI-based applications to control the packet-
centric firewall system in Leopard.
Apple, for its GUI-controlled firewall, went to an application-
centric approach in which, as far as I can tell, the OS enforces
network activity at the system call level instead of the packet
level. They claim that it is easier for novices to use, but for
someone who has spent years and years configuring access based on
protocols, addresses, and ports, the Apple approach makes me
uncomfortable. It has taken me out of my comfort zone.
Todd
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden