Jump to content
Surfer220

Web Sharing & Firewall - Viruses?

Recommended Posts

I think I've got a problem. I recently turned on/activated Web Sharing, but I forgot to turn on the Firewall. Now I think I may have gotten malware, viruses, or some other sort of bad stuff on my machine.

 

Am I right in this thinking? If so, what steps might I take to offset the damage? Thanks.

 

Quick background note: I was experimenting with the using the Apache server that comes built in with Mac (because I'm learning mysql, php, etc.) And this tutorial mentions the importance of activating the Firewall if the user turns on Web Sharing http://www.macinstruct.com/node/112

 

Specs:

OS 10.6.6

Processor 2.53 Ghz Intel Core 2 Duo

Memory 4GB 1067 Mhz DDR3

Edited by Surfer220

Share this post


Link to post
Share on other sites

where is your Mac in relation to "the internet"? are you using a router or does you Mac connect directly to your Cable Modem / DSL gateway. if you are connected to a router then nothing can get to your Mac even if the web server is turned on. Apache in it's default mode is very resistant to attacks. and Apple is good about keeping it up to date.

 

most of the exploits that come knocking are aimed at unpatched Microsoft products. the next most common brute force is aimed at Linux servers.

Share this post


Link to post
Share on other sites

And, you don't mention any symptoms of trouble on your system.

Are there any?

Share this post


Link to post
Share on other sites

where is your Mac in relation to "the internet"? are you using a router or does you Mac connect directly to your Cable Modem / DSL gateway. if you are connected to a router then nothing can get to your Mac even if the web server is turned on. Apache in it's default mode is very resistant to attacks. and Apple is good about keeping it up to date.

 

most of the exploits that come knocking are aimed at unpatched Microsoft products. the next most common brute force is aimed at Linux servers.

 

Thanks for those additional clarifying details. Regarding your question, ... most of the time, I'm working at home and connecting via wireless. I use Time Capsule as my router.

Share this post


Link to post
Share on other sites

And, you don't mention any symptoms of trouble on your system.

Are there any?

 

Sorry, I should have included that. My system seems to be running slower than normal. Not a huge difference, but definitely noticeable.

Share this post


Link to post
Share on other sites

Have you checked Activity Monitor to see what is eating the cycles?

Share this post


Link to post
Share on other sites

Have you checked Activity Monitor to see what is eating the cycles?

 

Right now, the Activity Monitor>CPU shows approximately

-57% idle

-8-9% User

-2-3% System

 

But I don't have much open right now because it's the end of my work-day. But I'll check again tomorrow. Thanks for the suggestion.

Share this post


Link to post
Share on other sites

most of the time, I'm working at home and connecting via wireless. I use Time Capsule as my router.

 

it's pretty much impossible for your Mac to get "infected" by any specific attack as long as it's sitting on your closed wireless network. every router that is serving a single IP address is doing this using NAT. NAT is a firewall. although it is completely dumb. it automatically dumps incoming packets that were not requested by you browsing, reading mail, IM, Skype, etc. dumb works. the only way that you could expose yourself would be to open a specific port on the router and have it forwarded to your Mac. but you didn't say that you did that so lets say you didn't.

 

the way to tell if you mac did have something running on it (ed: impossible. unless you typed an admin password for an installer) is to open Activity Monitor and watch it run. do it with NO apps running or run it with your normal toolset. if you don't do anything you'll see close to 0% CPU activity. you can also watch your network by clicking on the tab below. if something is running chances are it's out going data. the RED out going chart will be anything but ZERO if you have a problem. but some ticks during idle are normal.

 

finally, if you really aren't sure what's going on install Little Snitch and turn it on to full notification. it will tell you every attempt made to phone home.

Edited by johnfoster

Share this post


Link to post
Share on other sites

it's pretty much impossible for your Mac to get "infected" by any specific attack as long as it's sitting on your closed wireless network. every router that is serving a single IP address is doing this using NAT. NAT is a firewall.

 

Thanks for the explanation! Definitely clarifies my understanding.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing

    No registered users viewing this page.

  • Who's Online (See full list)

    There are no registered users currently online

×