Mac Gems: Little Snitch snitches on misbehaving apps
Our Macs can be chatty even when we wish they weren’t. Apps, and even the OS itself, regularly reach out to the rest of your local network and to the Internet to probe, query, and blab. Little Snitch 3 intercepts these requests and presents them to you for inspection and approval. The latest update to the software adds inbound-connection management, too. Little Snitch has graduated from being a sort of outbound-only firewall with notifications to being a full-fledged firewall product with a friendly interface that informs you about any network-related activities.
OS X’s built-in firewall, when enabled, functions based on services and applications, allowing only inbound connections aimed at particular pieces of software—for example, a connection to iPhoto’s shared-library service. But the OS X firewall can’t be configured to allow a connection from a particular Internet protocol (IP) address. Little Snitch offers this type of functionality, but it reveals this power in stages, allowing a simple approach for those who want security without fuss, while using configurable rules to provide levels of deeper and deeper access for those who want more-precise control.
A dialog explains that BBEdit is trying to reach a remote server. You have many options to control whether this connection is blocked, and for how long and to what degree of specificity.
As in previous versions, Little Snitch’s most obvious use is in alerting you to the network activity of applications and low-level software. For instance, launch Google Chrome, and Little Snitch warns you that the browser is attempting to connect to
www.google.com (to check for updates, ostensibly). Should Little Snitch let it proceed, and, if so, for how long and with what limits? The utility even differentiates between IP addresses and ports. (An IP address is a destination, like an apartment building; a port is like a specific apartment within the building.)
Little Snitch comes configured to allow common activities—for example, Safari requesting data from port 80 (standard Web pages) and port 443 (https-secured pages)—to pass through without notice. Many OS X system daemons, autonomous bits of low-level software, also get preapproved. But even these passes are explicitly allowed via rules that you can view, with descriptions, in the Little Snitch Configuration app.
To read this article in full or to leave a comment, please click here
http://www.macworld.com/article/2017161/mac-gems-little-snitch-snitches-on-misbehaving-apps.html
