The rise in permanent Internet connections via cable modems and DSL has raised fears of crackers breaking into individual computers and wreaking havoc. For Windows users, those fears are real, since most of the automated attacks look specifically for security holes in Windows network services. Macs are significantly less vulnerable to such problems, especially if Personal Web Sharing and Personal File Sharing via TCP/IP are turned off or properly secured, but a number of companies are now producing personal firewall products for Mac users who want additional peace of mind or who want to know precisely what’s happening. Intego’s NetBarrier and Open Door Networks’ DoorStop (now the foundation of Norton Personal Firewall) were first on the scene, and they’ve just been joined by IPNetSentry from Sustainable Softworks, the network wizards who brought us IPNetRouter.
IPNetSentry — The $35 IPNetSentry tries to differentiate itself from the others by using a "trigger" approach rather than a "firewall" approach. In short, rather than building a wall and punching holes in it for specific services by default, as with traditional firewalls, IPNetSentry watches for typical sorts of suspicious activity, and when it notices such activities, blocks the attack. Sustainable Softworks explains this approach by noting that firewalls make sense for installations with multiple users, where an administrator is better able than individual users to decide what the firewall should allow or block. But where there’s a single machine, that approach is overkill and may cause more work than is necessary. Peter Sichel of Sustainable Softworks also passed on an interesting side effect of running IPNetSentry or IPNetRouter. Since those programs look at every packet coming in, they can (and do) throw away malformed packets, and it turns out that approach actually eliminates a few seemingly random crashes when something on the Mac fails to deal with a malformed packet correctly.
Who’s There — Also new at the show was the $40 Who’s There from Open Door Networks. Building on the expertise gained in writing the DoorStop product that’s now at the heart of Norton Personal Firewall, Open Door created an application that works in conjunction with DoorStop or Norton Personal Firewall to watch your Internet connection, log all access attempts, and help you understand what’s actually going on. My main worry is that Who’s There and similar utilities may cause some people to obsess unreasonably about possible problems, much as fictional characters who suddenly find themselves with the ability to read the thoughts of others struggle to deal with the previously unknowable information. Put another way, would you really want to know every time someone had an idle thought about your car?
NetBarrier 2.0 — Even though its huge inflatable castle booth at Macworld Expo didn’t sprout a moat, Intego has updated the $60 NetBarrier to version 2.0, adding the capability to control cookies, block banner ads, and filter spam on your POP server. NetBarrier 2.0 can also filter outgoing information to avoid sending identifying information about your computer and browser, plus filter personal information sent via forms. Intego is clearly trying to address a wide variety of security issues with NetBarrier, and although I haven’t had a chance to evaluate the new version, I worry a little about letting a program filter mail before I even download it, since no spam filter is 100 percent accurate.