Darknet – Hacking Tools, Hacker News & Cyber Security

Apple Fixes ‘Misleading’ Leopard Firewall Settings

November 21, 2007

Apple has admitted that it has at LEAST three serious design weaknesses in its new application-based firewall being rolled out with Mac OS X ‘Leopard’.

It comes (somewhat oddly) only 24 hours after a Mac OS X security update that fixed 41 OS X and Safari security vulnerabilities.

Previously, independent researchers proved that Apple’s claim that the Leopard firewall could block all incoming connections was false.

In an advisory accompanying the Mac OS X v10.5.1 update, Apple admitted that the “Block all incoming connections” setting for the firewall is misleading.

“The ‘Block all incoming connections’ setting for the Application Firewall allows any process running as user “root” (UID 0) to receive incoming connections, and also allows mDNSResponder to receive connections. This could result in the unexpected exposure of network services,” Apple said.

With the fix, the firewall more accurately describes the option as “Allow only essential services” and limits the processes permitted to receive incoming connections under this setting to a small fixed set of system services, Apple said.

Sounds like they are back-pedaling rather fast. They also addressed two other issues with the application-based firewall.

CVE-2007-4703: The “Set access for specific services and applications” setting for the Application Firewall allows any process running as user “root” (UID 0) to receive incoming connections, even if its executable is specifically added to the list of programs and its entry in the list is marked as “Block incoming connections”. This could result in the unexpected exposure of network services.

CVE-2007-4704: When the Application Firewall settings are changed, a running process started by launchd will not be affected until it is restarted. A user might expect changes to take effect immediately and so leave their system exposed to network access.
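The three behaviours Apple describes can be turned into a check over a host's listening sockets. The sketch below is an added example, not code from Apple or from this post: it parses constructed sample text laid out like `lsof -nP -i +c 0` output, and `BLOCKED`, `STARTED` and `CHANGED_AT` are assumed inputs standing in for the per-application block list, the start times of launchd-started processes and the time the firewall settings were last changed.

```python
from datetime import datetime
# Constructed sample in the column layout of `lsof -nP -i +c 0`; not captured output.
LSOF_SAMPLE = """\
COMMAND        PID USER           FD  TYPE DEVICE SIZE/OFF NODE NAME
sshd           312 root           4u  IPv4 0x3a1f      0t0  TCP *:22 (LISTEN)
mDNSResponder   21 _mdnsresponder 7u  IPv4 0x3b20      0t0  UDP *:5353
httpd          440 _www           5u  IPv4 0x3c31      0t0  TCP *:80 (LISTEN)
ftpd           501 root           3u  IPv4 0x3d42      0t0  TCP *:21 (LISTEN)
Safari         615 alice          12u IPv4 0x3e53      0t0  TCP 10.0.0.5:49201->192.0.2.7:80 (ESTABLISHED)
"""
# Constructed inputs: apps marked "Block incoming connections", start times of
# launchd-started processes, and when the firewall settings were last changed.
BLOCKED = {"ftpd"}
STARTED = {312: datetime(2007, 11, 9, 8, 0), 440: datetime(2007, 11, 11, 8, 0),
           501: datetime(2007, 11, 12, 8, 0)}
CHANGED_AT = datetime(2007, 11, 10, 12, 0)

def parse_listeners(lsof_text):
    """Return (command, pid, user) for sockets waiting for inbound traffic."""
    found = []
    for line in lsof_text.splitlines()[1:]:          # skip the header row
        f = line.split(None, 8)
        if len(f) < 9:
            continue
        node, name = f[7], f[8]
        if name.endswith("(LISTEN)") or (node == "UDP" and "->" not in name):
            found.append((f[0], int(f[1]), f[2]))
    return found

def exposure_reasons(listener, blocked, started, changed_at):
    """Why a listener stayed reachable before 10.5.1, per the advisory text."""
    command, pid, user = listener
    reasons = []
    if user == "root":
        reasons.append("root-exempt")        # UID 0 bypassed "Block all"
        if command in blocked:
            reasons.append("CVE-2007-4703")  # per-app block ignored for root
    if command == "mDNSResponder":
        reasons.append("mdns-exempt")        # allowed even under "Block all"
    if pid in started and started[pid] < changed_at:
        reasons.append("CVE-2007-4704")      # launchd job not restarted since change
    return reasons

def audit(lsof_text, blocked, started, changed_at):
    return {l[1]: exposure_reasons(l, blocked, started, changed_at)
            for l in parse_listeners(lsof_text)}

if __name__ == "__main__":
    print(audit(LSOF_SAMPLE, BLOCKED, STARTED, CHANGED_AT))
```

An empty reason list means the firewall setting applies to that listener as the user would expect; established outbound connections such as the Safari row are not listeners and are skipped.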

So watch out, Apple is not the panacea of security as some people claim it to be.

Source: ZDNet

Comments

  1. dirty says

    November 21, 2007 at 9:34 pm

    You know…this is such a touchy subject with Mac users. At least the ones that bought a Mac thinking that it is 100% failsafe and came to that conclusion because other snotty Mac users told them that was true. I own an Intel Mac and multiple Win boxes, so personally I believe that the Mac is an awesome computer, however it is not completely safe from blackhats.

    I like Macs but they are pretty much status symbols. Go in any coffee house in NYC, SF, LA and all the cool kids have Macs and look down upon any Windows users….

  2. Darknet says

    November 22, 2007 at 10:10 am

    Yeah I agree, Apple fanbois are some of the most illogical people around. No doubt OSX is a great OS and very useable, as it’s based on BSD it has stability, and they spent their R&D dollars making it look good and easy to use.

    But as for security, it’s never been great.

    Most Apple stuff is based more on style than substance, people buy it because it looks good…they don’t care about the actual advantages.

  3. Goodpeople says

    November 23, 2007 at 7:47 pm

    I was quite disappointed to find out that Apple had screwed this up so badly. I mean, we all expect the usual crap from Microsoft. But it would have been nice if the competition had brought out a decent product. (which it of course still is).

  4. cpj says

    November 25, 2007 at 1:00 am

    i am biased against apple products. they don’t last very long, and the service fees are ludicrous.

    anyways, i wonder how they are selling this new firewall as being easy to use, if they even bother. for most, ease of use for a firewall is an oxymoron.

    i agree with you dirty: status symbols all the way.

  5. Nobody_Holme says

    November 25, 2007 at 8:24 am

    So um…. if the rest of us who use windows to play games and nothing else laugh at those silly mac users, can we make them go cry in a corner?

    I’m not mean… Honest…

  6. dirty says

    November 26, 2007 at 5:31 pm

    All in all, I like my Mac…but call a spade when you see it. It’s not hack proof but you can pretend it is if that sort of thing makes you feel good inside. At least you can look cool while you’re getting owned, jk hahah

  7. Nobody_Holme says

    November 27, 2007 at 12:45 pm

    But Macs look stupid….

    Meh, I think anything Apple makes/most things your average person thinks is cool looks stupid these days, so hey.

  8. Sir Henry says

    December 14, 2007 at 6:09 pm

    Although I am a Mac user, I am able to pull myself away from the zealous “fanboi” masses and, as dirty stated, “call a spade a spade”. It is ignorant to think that any system is 100%. Unfortunately, to state such to the zealous masses is a date with a fire fight. So eager are they to blindly back up Apple while not looking at the fact that, with more market share and, with the release of a (in my opinion) Vista-like version of OS X, Apple will soon join the ranks as a company with its own security risks in the OS.
