Is an outbound firewall necessary?

owen

I didn’t realize until today that Macs don’t have an outbound firewall. Is this something to be concerned about for a personal use machine?

Topic: Security
Answer this Question

Answers

2 total
MrsMith
Vote Up (9)

I’d say, no, it isn’t really necessary. A solid inbound firewall is obviously important, but outbound firewalls have little demonstrated benefit that I’ve seen. I guess it could help prevent your machines from spewing out spam (which means you have other problems if you don't work at Spam R US), assuming the outgoing firewall could distinguish between the spam and legit traffic. Others may disagree. Here is an article on the topic that you might like:

http://www.davescomputertips.com/do-outbound-firewalls-really-offer-any-...

jimlynch
Vote Up (8)

Is an outbound firewall needed?
http://ask-leo.com/is_an_outbound_firewall_needed.html

"Firewalls protect you from the certain classes of bad things out on the internet.

Note that's "protect you from them". That implies that the primary function of a firewall is to prevent bad stuff "out there" from reaching or affecting your computer.

My preference is to use a hardware device such as a router with NAT (Network Address Translation) enabled. This does an incredibly effective job of hiding your computer from outside access. You can connect out, but outside computers cannot initiate a connection without your having explicitly configured your router to allow it.

Using a router also takes the burden of that work off of your computer. In fact, a single router can act as a single effective inbound firewall for all the computers that are connected behind it.

An "outbound" firewall looks for threats originating on your computer attempting to connect out to the internet. In a sense, it's "protecting them from you". While that may be very generous of you to protect everyone else from your computer, the real difference is that it will presumably block and more importantly tell you when something suspicious is happening so that you can take corrective action."

Ask a question

Join Now or Sign In to ask a question.
Attackers deploy Web-based reconnaissance tool to gather information about potential targets in different industries
Europol launched a cybercrime task force Monday to fight online crime in the EU and other countries.
A file-encrypting ransomware program called CryptoWall infected over 600,000 computer systems in the past six months and held 5 billion files hostage, earning its creators more than US$1 million, researchers found.
Former U.S. Secretary of State Hillary Clinton called for a "global compact" on surveillance and the use of collected data, saying the U.S. isn't the only country that does it and American technology companies are unfairly targeted for the government's actions.
Electric carmaker Tesla Motors wants security researchers to hack its vehicles. The Silicon Valley based high-tech carmaker will hire up to 30 full-time hackers whose job will be to find and close vulnerabilities in the sophisticated firmware that controls its cars.
Two recent vulnerabilities are examples of problems that could have been avoided if we had just applied the lessons already learned in similar contexts.
Windows XP users may now download a fourth service pack for the 13-year-old operating system, but it isn't coming from Microsoft.
The growing number of data breaches resulting in massive numbers of payment cards being stolen from retail stores and other businesses is occurring because they're failing to keep up with the Payment Card Industry's data security standard, according to the PCI Security Standards Council.
Email addresses and encrypted passwords of around 97,000 users who tested early builds of the Bugzilla bug tracking software were left exposed for three months following a server migration.
Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+

randomness