This chapter is from the book
What You’ve Learned
- Mac OS X and Mac OS X Server contain a built-in stateful packet firewall that keeps track of the state of network connections
traveling across it. The packet firewall is based on the open source ipfw project.
- Mac OS X Server runs a service called emond that monitors bad login attempts. Ten consecutive incorrect login attempts cause emond to use the Adaptive Firewall to inject a rule into ipfw, blocking the offending hosts access entirely for 15 minutes.
- The Mac OS X Server packet firewall uses rules to make decisions on which packets to allow or deny. You can modify these rules
using the Server Admin graphical user interface, or the ipfw command-line tool. ipfw logs its messages in /var/log/ipfw.log.
- Mac OS X contains the Application Firewall. Unlike a traditional stateful firewall, the Application Firewall grants or denies
access to specific applications.
- tcpdump is an excellent utility to use when you’re troubleshooting a service that is not connecting and a firewall is a suspected
- Mac OS X firewall provides powerful protection for desktop and mobile Mac systems.
- Administrators can remotely enable and disable the Mac OS X firewall utilizing standard deployment and management tools.