Sunday, October 09, 2005

Make Your Mac Invisible

Last week's topic on 'private browsing' using Safari was a piece of cake. This week we will talk about something more advanced, something called 'stealth mode'. Again, this is an Tiger-only feature.

Like all things Apple, this advanced option is just as easy to set up.
1. Open 'System Preference'.2.Choose 'Sharing'.3. In 'Sharing', click the 'Firewall' tab, then look for the 'Advanced...' button at bottom-right corner.4. Clicking on the 'Advanced...' button will pull down a page with more options. Check the box for 'Enable Stealth Mode', and you are done!

Stealth? As in Invisible?

That's right. With your Mac running in 'stealth mode', it will turn down any 'ping' or 'port scan' request from outside, so bad guys (and everybody else) just do not know you exist at all! Nifty, huh?

It's geeky, but what is 'ping' and 'port scan' anyway? Well, they are very legitimate network tools that every computer science student should know. Together, they can be used to find out whether your Mac is on a particular network, and whether you leave any doors wide-opened for bytes to sneak in. System crackers (casually known as 'hackers') usually start their attacks by pinging and port-scanning your computer. Once they plant some secretive codes inside your computer and make them run, your machine will become their faithful servant, not yours. I've seen it in action before.

For an outsider to run foreign codes on your Mac is tough, much tougher than on Windows. But if the code is bad-intentioned enough, or if you are careless enough, it could still happen. By setting up the 'stealth mode', you can avoid most casual attacks by being 'invisible'.

Fortify your network

This is beside the point, but have you also secured the wireless router in your home or small office network? Even if your Mac is in stealth mode on the network, you computer is still listed in the router's client table. So if your router is taken over, bad guys can still find you. So please, folks, crank up your router's security! (stop broadcasting SSID, setup MAC address filtering, firewall ... usual procedures, ya'know)

Yet another Mac tip is on the web!