OS X’s built-in firewall is good enough to protect most Mac users from hacker attacks. But it doesn’t have many bells and whistles and isn’t very easy to customize. So to find out whether you can get better protection from third-party firewall applications, Macworld teamed up with AV-Test to test Intego’s NetBarrier X3 10.3, Pliris’s FireWalk X2, Symantec’s Norton Personal Firewall 3.0 (NPF), Sustainable Softworks’ IPNetSentry X, and OS X’s built-in firewall (see “Firewall Software Compared” for details).
None of these third-party programs was a huge improvement over OS X’s built-in firewall option. But NetBarrier, while pricey, provided the greatest protection, as well as an easy-to-configure interface.
With the exception of NPF and FireWalk X2, each program stealthed all ports, effectively hiding the Mac from attackers. NPF closed but did not stealth ports 0 and 1; that didn’t change even when the application was set to maximum security. While those two ports couldn’t be hacked into, they did allow the computer to be seen. By default, FireWalk X2 leaves both port 427 and port 548 open—these are ports used by AppleShare—but we were able to manually disable them.
Of the five applications, only NetBarrier alerted us to possible external attacks. But the program was sometimes a bit overzealous. For example, it opened a dialog box and issued a loud buzz every time a Telnet server on the network tried to determine whether a session we’d opened was still alive. Fortunately, it was easy to add the server to a white list, or list of acceptable servers, and stop the alerts.
During port scans, all the firewalls told the scanner which operating system was being used—a potential clue as to how to attack the computer. None of the applications alerted us when the computer joined a new network, changed dial-up accounts, or switched to an insecure wireless connection.
Only NetBarrier was able to detect software that was illegally attempting to connect to the Internet, which many malware programs do. NetBarrier also detected when a program’s name had been changed in order to gain access to legitimately open ports. NPF was able to detect applications attempting to open closed ports.
With the exception of NPF and IPNetSentry X, all the applications evaded attempts to deactivate them while they were active. Every application except IPNetSentry X resisted being deleted from the hard drive.
Ease of Use
It’s easy enough to turn on OS X’s built-in firewall: all you have to do is click on a button. However, you can’t access some features except through Terminal or by using a third-party program such as Brian Hill’s BrickHouse.
NPF and NetBarrier are by far the easiest programs to configure. Each runs you through a simple setup process, and lets you easily adjust settings. FireWalk X2 also had an easy setup process, but changing and maintaining firewall settings after the fact is much less straightforward and may be intimidating for users with little or no knowledge of firewalls. As for IPNetSentry X, its drag-and-drop installation is easy enough, but only a dedicated gearhead could love its difficult user interface.
Macworld’s Buying Advice
If you’re looking to save a dime and are willing to forgo extras and configuration ease, OS X’s built-in firewall can handle most of your firewall needs. Although considerably more expensive, at $60, Intego’s NetBarrier X3 offers a more user-friendly interface, significantly more intelligent intrusion detection, and better overall protection than any of the other firewall applications currently being offered.
NetBarrier X3 provides the best protection and has numerous features that ease the firewall setup process.