Jump to content
Not connected, Your IP: 3.138.69.39

Recommended Posts

Hello All,

I have been using Little Snitch for about 6 month now on Mavericks. I like it!

I have a question, is there anything better? If so please tell us about it and why you think its better.

Many thanks in advance,

       Solex1

Share this post


Link to post

Hi,

 

Personally I think Little Snitch is the best you can get for OS X, a least in the 'nice GUI and easy to use' category. HandsOff is quite decent also, though I do prefer LS overall. On the more advanced side you have IceFloor and PFLists by Haynet, which take a good deal more networking understanding.

 

'Better' is a subjective term. In my eyes the most basic of firewalls (eg Little Snitch) is 'better' than the most advanced firewall on the planet, provided you actually understand how to use it properly! There is no point having a super-duper military grade firewall or somesuch, if you don't even understand how to properly set it up with safe rules. Better to stick to something that's plain and simple and easy to use, and at least know you have a secured network without any missing rules.

Share this post


Link to post

Hello rainmakerraw,

Thank you for your input. Are you a Mac User? Have you used IceFloor before, and do you know how to configure it? Also can Little Snitch be used with IceFloor running at the same time. 

Kind Regards,

   Solex1

Share this post


Link to post

Hello rainmakerraw,

Thank you for your input. Are you a Mac User? Have you used IceFloor before, and do you know how to configure it? Also can Little Snitch be used with IceFloor running at the same time. 

Kind Regards,

   Solex1

 

Hi,

 

I run mostly Linux machines at home, much easier for the family to understand (ironic, much?) and no worries about malware. I do have a mid-2012 MacBook Pro running Mavericks 10.9.3 however, and yes I've tried IceFloor and pfList (the latter is easier to use). I use Little Snitch these days, though I also used to run HandsOff. As I said, my preference is for LS. The Haynet apps are free but much more complicated and don't have the nice networking GUIs that LS and HandsOff have. They are more group policy based directly manipulate the underlying BSD firewall (PF) in OSX. I would say they are better for enterprise environments imho.

 

I'd recommend you stick with LS.

Share this post


Link to post

hello rainmakerraw,

Thank's for your speedy reply.

Was your Linux machine susceptible to the resent ssl vulnerability? Also do you use Truecrypt or Bitlocker? Do you like one over the other?

Lastly if I'm not asking to many question, What the best way to secure my MacBook Pro I'm current using LS and tunnelblick with Airvpn.

If you have any recommendation for me I would love to here them. Many Thank's

Kind Regards,

     Solex1

Share this post


Link to post

hello rainmakerraw,

Thank's for your speedy reply.

Was you Linux machine susceptible to the resent ssl vulnerability? Also do you use Truecrypt or Bitlocker? Do you like one over the other?

Lastly if I'm not asking to many question, What the best way to secure my MacBook Pro I'm current using LS and tunnelblick with Airvpn.

If you have any recommendation for me I would love to here them. Many Thank's

Kind Regards,

     Solex1

 

Hi again,

 

I'm no expert but here is my experience:

 

All fairly modern versions of openssl / libopenssl contained the heartbleed bug, whether that was on Linux, BSD, OS X  or Windows. Some old versions were still around and weren't recent enough to have the bug, but many if not most systems did. They were patched quickly and newer versions were releaed within a day or two which mitigated the vulnerability. Home systems weren't particularly troublesome compared to servers which execute the code. You couldn't exploit a patched server with unpatched clients, so basically it was the servers being patched that counted. 

 

I do not run truecrypt or bitlocker (a Microsoft Windows technology) as I only run Linux, BSD and OS X at home. I tend to encrypt my devices with LUKS (built in encryption in Linux).

 

Best advice on your Mac is pretty much the same as any other system. Run a limited user account day-to-day (not an Admin account), keep your software and system fully patched (which can be hard as Apple are slow at releasing security updates unfortunately), and run a two way firewall (as you already are). You may also consider an anti-malware product such as Avast, ClamAV, Comodo or Webroot etc though in reality you're extremely, extremely unlikely to have any issues on OS X, especially if you don't have Java enabled in your browser(s).

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
  • Security Check
    Play CAPTCHA Audio
    Refresh Image

×
×
  • Create New...