Security

Leopard's firewall flunks security tests

Jürgen Schmidt of security site Heise Security has issued a report, claiming that the Leopard firewall flunked every security test performed by the firm.

Jürgen Schmidt of security site Heise Security has issued a report, claiming that the Leopard firewall flunked every security test performed by the firm.

Excerpt from CNET News.com:

According to Jürgen Schmidt, editor in chief at Heise Security, if you enable the Apple firewall and set it to "Block all incoming connections," access from the Internet to certain internal system services will still be allowed. As an example, he said that his team was able to query the NetBIOS Naming Service over a Lan network even with full blocking enabled. The team was also unable to specifically enable UDP filtering within Leopard, which should block access to NetBIOS.

You can read the original report from Heise Security: Cracks in the Mac OS X Leopard firewall.

An additional criticism leveled by Schmidt also noted that Apple did not include the latest versions of open-source applications within Leopard, increasing the attack vector from vulnerabilities that have since been fixed.

Additional reading:

What do you think? Are the issues with Leopard cause for real concern or just Mac-bashing in progress?

————————————————————————————————————————

Stay on top of the latest tech news

Get this news story and many more by subscribing to our free IT News Digest newsletter, delivered each weekday. Automatically sign up today!

About Paul Mah

Paul Mah is a writer and blogger who lives in Singapore, where he has worked for a number of years in various capacities within the IT industry. Paul enjoys tinkering with tech gadgets, smartphones, and networking devices.

Editor's Picks

Free Newsletters, In your Inbox