Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!

Click here to return to the 'Non Unix- Non network person's question...' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
Non Unix- Non network person's question...
Authored by: mistersquid on Oct 20, '05 05:21:20PM

Yes, Mac OS's built-in firewall does offer protection. However, a router at the Internet gateway offers an additional layer of protection, especially since most routers are incapable of offering most services (e.g. ftp).

If one does expose a computer as a DMZ host, the safest thing to do is to offer only those services that are absolutely necessary. Below, I see some people suggesting port-forwarding. This is a solution only when one is offering between one and ten services. If you are hosting, for example, AFP, BitTorrent, DNS, HTTP, HTTPS, POP, POP SSL, SSH, SMTP, VNC--you quickly run out of port-forwarding ranges and you don't necessarily want to turn your DMZ on and off.

Or, if your port-fowarding slots are mostly full and you want to log on to World of Warcraft for an hour or two and don't want to change your port-forwarding settings, a quick cmd-Tab to Terminal and a few keystrokes will set you up with the script detailed in this hint.

Routers do offer an additional layer of protection, but that protection comes at the price of convenience.

[ Reply to This | # ]