Focus on Apple
Apple releases Mac OS X v10.5.1 with Application Firewall security updates Nov 15 2007 07:11PM
Todd Woodward (todd_woodward symantec com) (1 replies)
Application Firewall security updates Nov 15 2007 08:08PM
Radoslav Dejanoviæ (radoslav dejanovic opsus hr) (4 replies)
Re: Application Firewall security updates Nov 21 2007 03:00PM
Dave Piscitello (dave corecom com) (2 replies)
Re: Application Firewall security updates Nov 21 2007 09:27PM
Ansgar -59cobalt- Wiechers (bugtraq planetcobalt net) (3 replies)
Re: Application Firewall security updates Nov 22 2007 06:35PM
Derek Chesterfield (dez mac com)
Re: Application Firewall security updates Nov 22 2007 04:28PM
Bruce Carter (bcarter nd edu)
RE: Application Firewall security updates Nov 21 2007 10:43PM
Todd Woodward (todd_woodward symantec com)
Re: Application Firewall security updates Nov 21 2007 09:02PM
Chris Adams (chris improbable org)
Re: Application Firewall security updates Nov 16 2007 03:58AM
Mike Savory (mike_lists nzbox com)
RE: Application Firewall security updates Nov 15 2007 09:55PM
Todd Woodward (todd_woodward symantec com)
Re: Application Firewall security updates Nov 15 2007 09:51PM
Dave Schroeder (das doit wisc edu) (3 replies)
Re: Application Firewall security updates Nov 15 2007 11:36PM
Mark Senior (senatorfrog gmail com) (3 replies)
Re: Application Firewall security updates Nov 17 2007 02:54PM
Chris Pepper (pepper reppep com) (1 replies)
Re: Application Firewall security updates Nov 19 2007 12:59PM
Sandor Szücs (sszuecs zedat fu-berlin de)
Re: Application Firewall security updates Nov 16 2007 11:03AM
Radoslav Dejanoviæ (radoslav dejanovic opsus hr) (2 replies)
Re: Application Firewall security updates Nov 16 2007 05:30PM
Mark Senior (senatorfrog gmail com)
Re: Application Firewall security updates Nov 16 2007 04:34PM
Derek Chesterfield (dez mac com) (1 replies)
Re: Application Firewall security updates Nov 17 2007 12:30AM
Mark Senior (senatorfrog gmail com)
Re: Application Firewall security updates Nov 16 2007 04:47AM
Derek Chesterfield (dez mac com) (2 replies)
On 15 Nov 2007, at 23:36, Mark Senior wrote:
> Incidentally, can anyone with access to a 10.5 system tell me, is
> there a CLI interface to the new application firewall? Is there a
> useful man page?

No man pages that I could find. 'sudo /usr/libexec/ApplicationFirewall/
socketfilterfw -i' provides some reasonable output [sent to
system.log] - it appears to show which currently running apps are
being allowed, but some of the output is unintelligible. [At least it
does when I have set the firewall to 'allow specific' - not tried
'allow all' or 'allow essential'].

The -h option to that command prints some other options. -d provides
some different info, but is more unintelligible! It appears to list
what is configured, rather than what the current allowed set is.

I haven't figured out how to change the 'ask' option. The difference
between 'accept' and 'listen' is that if you are set to 'allow
specific', then you run an application that isn't already in the list,
it can prompt you either when the listener is bound to the port
[listen mode - which is Leopard's default] or it can allow the
listener anyway, and defer the prompt until a remote connection is
actually attempted [accept mode]. I prefer the idea of the deferred
prompt, since it prevents benign listeners incurring the prompt.

[ reply ]
Re: Application Firewall security updates Nov 16 2007 04:08PM
Scott Russell (ScottRussell nd edu)
Fwd: Application Firewall security updates Nov 16 2007 04:55AM
Derek Chesterfield (dez mac com)
Re: Application Firewall security updates Nov 15 2007 10:08PM
Radoslav Dejanoviæ (radoslav dejanovic opsus hr)
Re: Application Firewall security updates Nov 15 2007 10:05PM
Dave Schroeder (das doit wisc edu)


 

Privacy Statement
Copyright 2010, SecurityFocus