{"id":36,"date":"2008-02-06T11:59:02","date_gmt":"2008-02-06T11:59:02","guid":{"rendered":"http:\/\/installingcats.com\/?p=68"},"modified":"2008-02-06T11:59:02","modified_gmt":"2008-02-06T11:59:02","slug":"is-your-mac-safe-secure-private-and-protected-little-snitch-can-help","status":"publish","type":"post","link":"https:\/\/installingcats.com\/2008\/02\/06\/is-your-mac-safe-secure-private-and-protected-little-snitch-can-help\/","title":{"rendered":"Is your Mac Safe, Secure, Private and Protected? Little Snitch can help."},"content":{"rendered":"

\u00a0My solution to keep Mac OS X protected from trojans and other nasty Internet virus related problems is an easy to use, easy to understand firewall software: Little Snitch<\/a>.<\/p>\n

\"LittleHaving a virus attack your computer and render it useless is annoying. Having a trojan install itself on your computer and send out your sensitive personal information is catastrophic. What sensitive information could be that important you ask? How about Internet banking and online stock trading accounts, usernames and passwords? You don’t even need to have that information written down somewhere on your computer for it to be stolen. Keylogger programs can capture your login and passwords as you use them on your favorite sites and send them off to eagerly awaiting crackers in some far off foreign land. This actually happened to me back in 2004. Without the help of a firewall, I would never have known. More on this later.<\/p>\n

How do we prevent our sensitive information from being beamed out to cyberspace? Setup a gate around our computer and hire a guard to watch all the traffic coming and going. Well, in a digital sense. The digital version is known as Little Snitch from Objective Development<\/a>, Germany.<\/p>\n

Little Snitch works by checking with you, a human, whenever a new program on your Mac tries to connect to the Internet. Each time a new program that tries to send information out to the Internet, Little Snitch asks you whether you want to allow this to happen and if it should remember your decision for the next time. This is really not as intrusive or bothersome as it may sound. After a day of using your computer as per normal, you’ll have just about all the programs you use normally setup with Little Snitch and the questions will stop. After this point, any time Little Snitch asks you about new outbound Internet traffic, you should pay attention: this is possibly information being sent out without your knowledge nor consent.<\/p>\n

With Version 2 of Little Snitch, ObjDev came out with a great feature: Network Monitor. This feature unobtrusively pops up a window in the top right hand corner (by default, but moveable) with the name of the program and the Internet address it is trying to reach, every time data is sent out over the Internet. This is the ultimate in keeping a watchful eye on your system. You’ll quickly get to know which Internet addresses your Mac normally talks to on a regular basis and which addresses should set off alarm bells.<\/p>\n

\"Little<\/p>\n

So how is all this useful? Let me provide an example.<\/p>\n

In 2004, I was trying to figure out some network issue with a game or what not so I popped up my firewall’s network monitor. I noticed something funny: an outgoing email connection was being attempted every minute from my computer to an email server that was completely foreign to me. I thought this somewhat odd, so I tried to load up the server address in a web browser. It was a Lycos free email account. I had no Lycos email accounts. At this point I could see the alarm bell in my head, but the ringing wasn’t too loud yet. Next I inspected what program was trying to make this Internet connection. It was a program that I had never heard of, installed in my windows directory. Looking at the compiled source code of this program it was referencing a file named “password” something or other. Returning to the directory I found this file and opened it up in a text editor. To my horror this file contained my usernames and passwords for web sites I used normally. This is when the five alarm signal started screaming in my head. In a panic I tried to delete the program, but it was constantly “in use”, making connections out to this Lycos email server, and monitoring Internet Explorer for logins that I was performing. Somehow this trojan program made it into my system, had collected all my usernames and passwords for web sites that I normally use and was trying to email them to an anonymous email account that the cracker\/trojan author obviously had access to. This trojan was so successful that the email box at Lycos had hit its size limit and was rejecting incoming emails. Luckily for me, the emails with my credentials were being bounced, not delivered. The only thing that saved me was the firewall network monitor showing me the outbound connections. Had I not seen this unusual Internet traffic coming from my computer and stopped it, the cracker would have cleared out his email box, allowing new stolen passwords to arrive and I would have been compromised. I was extremely lucky.<\/p>\n

Little Snitch 2 with Network Monitor can help you prevent this type of nightmare. If you’re interested in keeping your banking and other sensitive personal information safe, I’d certainly recommend it.<\/p>\n

You can try Little Snitch before buying. The default install allows you to run the firewall for three hours at a time before it will switch off automatically. This will give you a flavour of how it works and what to expect. At that point you can decide whether its worth the $24.95 or not. For the piece of mind I get from knowing what information is being sent out of my computer, Little Snitch is well worth it.<\/p>\n

What features could be improved?<\/p>\n