Use Little Snitch to monitor what traffic is going through on your Mac!
If you don’t, it is probably about time you had a look at this. You’d be in the same position I was where I read an interesting article on how much happens on your computer without you even realising it! You would be surprised, as a lot actually happens and a lot of data is transferred without you having much to say yes or no about but that’s where Little Snitch 3 comes into it’s own!
Software Firewalls, do I need one?
Although this is an argument that you do need one for your own safety there is always an argument on the other hand that there isn’t a major need for one. It’s up to the user themselves as some AntiVirus Software, particularly Avast searches and checks pages via a proxy tunnel before opening them on your browser. For some, that might be enough but when you’re using the likes of Skype and various other pieces of software which all connect to the internet there could be anything happening! I have personally been making use of Little Snitch’s custom deny/allow list to stop any possible intruders from accessing specific ports or connecting with servers via IP address.
Why is Little Snitch so great?
Well, for a number of reasons it’s highly customisable to the point you can make it autonomous and select to either deny all or allow all traffic – although not recommended I found I had to do this with the likes of Skype I could have chosen to allow ALL IP addresses for the Skype application, as Skype constantly uses different IP addresses for various purposes but I thought for testing purposes I’d investigate how it handled this.
To my surprise it was great at handling the massive amounts of traffic and has never crashed while using it, constantly for a few weeks! I’ve used a few software Firewalls previously but Little Snitch 3 is the easiest I’ve had the pleasure to use. The easy usability and customisation of this software is unbelievable, I have included a few screenshots and explanations below.
To the left can be seen a Network Monitor that is inbuilt into Little Snitch, it’s possible to see all the traffic that is being utilised via each program and various Apple Services that are running on my Macbook. If you select a piece of software I found it isolates the graph to the network traffic of that specific highlighted software – brilliant!
If you use the slider at the bottom you can change the time-scale of the graph form anything as long as 1 hour to as short as a minute to see how much usage is being used overall or on a specific piece of software.
That’s great! So how do I know what IP Address’ are connecting to me?
The following box should appear when a service or software has found a connection trying to connect to your Mac, it will give you a few choices and selecting either to allow that specific IP and port, or the whole IP or finally any connection from that software.
You can also specify whether it should be forever or until you quit the software, logout, restart or for a specific time period. Finally, you chose whether to allow or deny the software.
I found that initially like most firewalls you start with everything blocked, this is completely normal and you should just be aware that if something pops up it isn’t as neccessarily strange as it may look. I had a few days where it was very hands on, this would probably best installed on an evening or weekend where you are willing to spend 5-10 minutes just making sure your Mac is able to connect to the browser, any external software like Skype.
Below I have included a few things I would like to see in a following version of Little Snitch, as I believe they would be beneficial although the majority may or may not use them;
- IP Risk Rating, as a way to risk the IP address based on the amount of malicious reports related to it previously
- Geo-IP location showing a bit more information about the IP address when it pops up with an IP address connecting to your computer.
I would like to personally thank Objective Development for making a wonderful piece of software that is great to use and also keeps you secure.
Skype will connect to thousands of IP Addresses using a Content Delivery Network and these are usually required, I tried denying one and found it either cut off Video connection or the whole Skype Call itself, therefore I recommend just allowing Skype to Any Connection – Forever unless you are willing to get a fair few popups a day.
To find out more about Little Snitch 3 and have a free trial or purchase the software then just visit: Objective Development – Software Firewall