Taking your Mac with you to the local coffee shop, or just around the town for day-to-day needs can be an excellent way to stay connected on the go. Unfortunately, not every network is locked down and secured. In many cases, you are unknowingly trusting a completely unsecured network to keep your system safe from intrusion. For this reason, Apple has included a built-in firewall with OS X. Unfortunately, this software firewall is off by default, but you can activate it following a few simple steps.
First, keep in mind that software firewalls don’t offer 100% protection from outside intrusion, but they can do a very good job of providing that extra level of protection when you’re on a network you don’t personally know or trust. If you’re using public Wi-Fi, for example, you never know what kind of scripts other users of the network are running. Contrary to popular belief, OS X isn’t more or less secure than any other operating system, so it is never a good idea to take for granted that you’re safe just because you’re using a Mac. You aren’t.
Activating the built-in firewall in OS X Lion is a fairly simple process. You can do this by following these steps:
- Launch System Preferences
- Select Security and Privacy
- Select the Firewall tab along the upper portion of the preference pane’s content area.
- Unlock the little lock icon in the lower-left corner by clicking it and entering your login information.
- Click the Start button to activate the firewall.
- Click Advanced…
- Configure the firewall with the level of protection you’d prefer.
At this point, whether or not the firewall works for you can be a matter of trial and error. Locking things down too tightly by enabling Stealth Mode can cause certain (poorly scripted or server) applications to stop receiving information while adding a considerable amount of protection to your system. Blocking all incoming connections is also a great way to protect your system against intrusion, but can cause some applications problems sending and receiving data, as well. In reality, the standard firewall settings should work fairly well for almost anyone, allowing signed software updates to bypass while blocking most malicious transmissions. This firewall does not override the one present on your router, but it does offer a second level of protection, should the router (or public network) be compromised.