Sunday, October 09, 2005

Make Your Mac Invisible

Last week's topic on 'private browsing' using Safari was a piece of cake. This week we will talk about something more advanced, something called 'stealth mode'. Again, this is an Tiger-only feature.

Like all things Apple, this advanced option is just as easy to set up.
1. Open 'System Preference'.2.Choose 'Sharing'.3. In 'Sharing', click the 'Firewall' tab, then look for the 'Advanced...' button at bottom-right corner.4. Clicking on the 'Advanced...' button will pull down a page with more options. Check the box for 'Enable Stealth Mode', and you are done!

Stealth? As in Invisible?

That's right. With your Mac running in 'stealth mode', it will turn down any 'ping' or 'port scan' request from outside, so bad guys (and everybody else) just do not know you exist at all! Nifty, huh?

It's geeky, but what is 'ping' and 'port scan' anyway? Well, they are very legitimate network tools that every computer science student should know. Together, they can be used to find out whether your Mac is on a particular network, and whether you leave any doors wide-opened for bytes to sneak in. System crackers (casually known as 'hackers') usually start their attacks by pinging and port-scanning your computer. Once they plant some secretive codes inside your computer and make them run, your machine will become their faithful servant, not yours. I've seen it in action before.

For an outsider to run foreign codes on your Mac is tough, much tougher than on Windows. But if the code is bad-intentioned enough, or if you are careless enough, it could still happen. By setting up the 'stealth mode', you can avoid most casual attacks by being 'invisible'.

Fortify your network

This is beside the point, but have you also secured the wireless router in your home or small office network? Even if your Mac is in stealth mode on the network, you computer is still listed in the router's client table. So if your router is taken over, bad guys can still find you. So please, folks, crank up your router's security! (stop broadcasting SSID, setup MAC address filtering, firewall ... usual procedures, ya'know)

Yet another Mac tip is on the web!

12 comments:

john said...

I have been warned off using file sharing programes like Limewire or Bittorrent because hackers can access your computer. Will Stealth Mode protect me from this and allow me to download files from such sites safely?

Anonymous said...

yes i am wondering about the previous question also??

Anonymous said...

It won't give you any greater protection when using peer to peer applications, in fact it might actually keep them from working properly. When you use a peer to peer program, your IP address is out there for everyone to see.

Anonymous said...

From what I've read, MAC filtering is a waste of time. Anyone sniffing a wireless network will see your MAC address and can clone it.

Anonymous said...

how would this affect legitimate sharing and the use of 'bonjour'?

if i want to be found by someone (on a WAN, or a LAN), will they still be able to find me and share files?

MacNify said...

To put it simply, "stealth mode" puts your computer to mum when someone knocks on your door. Instead of shouting to the unwelcomed packages "go away", your Mac just keep silent and play dead.

On the other hand, when you yourself establish connection with another party, be it a peer-to-peer network, or a website, or whatever, you've got to give that other party your IP address, period.

Anonymous said...

After activating the "stealth" mode, the translation widget doesn't work.
It's a safe measure the "stealth" mode, but it to much safe to me :-P

Anonymous said...

helo um about the router security i tried 3 times to put a password on it and the router woukdnt work after that

can some1 help?

generic cialis said...

I, of course, a newcomer to this blog, but the author does not agree

MacNify said...

MAC address filtering won't stop the most enterprising crackers trying to break into your system.

However, it does stop your neighbors from "wandering" into your network and do things with consequences you are not prepared to deal with, like FBI cracking into your home for some dubious internet behavior originating from you home network. It also stop the spread of malware from other computers you are not in control of.

MacNify said...

I can't say for sure whether file sharing programs won't work.

However, assuming that they do, stealth mode does not protect you once you explicitly allow some program to connect with the outside world.

Anonymous said...

File sharing will work with stealth mode enabled. But your computer is still susceptible to attack due to the nature of p2p.

You can further use programs such as OpenDNS to protect against phishing.