Help      |      Chebucto Home      |      News      |      Contact Us     

44. Make sure firewall can keep hackers out

By Mark Alberstat

Having a firewall on your PC or Mac these days should be as common as a word processor or modem.

Although Windows XP has a built-in firewall, and the latest service pack beefs it up, critics still suggest you run another one, such as ZoneAlarm. If you are running a Mac with OS X, however, you are in luck as that bundled-in firewall is top-notch.

Mac's firewall is called IPFW and is cribbed from Darwin, the FreeBSD version of Unix. This is a good thing as this firewall has been out in the wild for years and has been working well in helping keep many of the Internet's important nodes up and running.

What many Mac users don't know, however, is that, as shipped, the firewall is not enabled. The thought behind this is that not all Macs will be on the Internet. If you are cruising the Net with your Mac, enable this software through the system preferences pane.

Mac users who know about IPFW and use it often complain about its non-user-friendly interface, something that may be corrected in a future release. You can attempt to configure IPFW yourself, but oftentimes, a poorly configured firewall is worse than having no firewall at all, and OS X comes pretty secure out of the box to start with. If you don't want to wait for the next release of the OS, BrickHouse has an interface that is often recommended and is easy to install and use. Although this software is shareware, the author does ask for a $25 donation. Like all shareware, you are on the honour system. But if you consider that this software could save you hundreds of dollars in headaches, grief and repair time, the small donation may be well worth it.

With BrickHouse, you walk through a series of steps or choices to set up the firewall. Most recommend blocking all incoming and outgoing traffic except for HTTP (the service which allows in websites) and FTP for file transfer. Once established, these rules are saved and can be run each time you boot up your machine.

After you have your firewall configured the way you want, testing it - whether you are using a Mac or a PC - is as easy as pointing your browser to ShieldsUp, a free service found at

This site will scan your system for open ports and give you back a "passed" or "failed" grade.

Whether you are on a Mac or PC, no firewall is 100 per cent secure, and the more blocks you put up around your machine the more of a challenge some hackers believe it is to get in.

Keep your firewall up to date with new releases of the software and always have your virus scanner running and up to date as well.

The following are a few related links: for firewall testing.

The Mousepad runs every two weeks. It's a service of Chebucto Community Net, a community-owned Internet provider. If you have a question about computing, email If we use your question in a column, we'll send you a free mousepad.


The Mousepad Index


Originally published 10 October 2004


Our community is online here!


A feature of the Halifax Herald