docLittle Snitch
download 
Report Transcription
Little Snitch
Little Snitch Eric Postpischil Senior Software Engineer Vector and Numerics Group Core OS Apple, Inc. I am not speaking for Apple, Inc. http://edp.org/Presentations/LittleSnitch.pdf 1 Little Snitch Introduction • • • • • • Features Purchase Installation • Some of My Settings Demonstration Tips More to Explore 2 Saturday, July 27, 2013 Little Snitch Features • • • • • Alert (snitch) when applications use network. Block applications from using network. Learn what to allow or deny. Comparison to OS X firewall. • • Firewall regulates incoming connections. Little Snitch regulates outgoing (also). Borderline general user / expert software. 3 Little Snitch Features • What I Use Little Snitch For. • Snitch when installing applications and using them for the first time, to detect portability and license problems. • • • Block email programs from accessing links. Block unwanted update checks. Block applications reporting to publisher. 4 Saturday, July 27, 2013 Little Snitch Purchase • • Published by Objective Development. • • Family: $34.95 for one seat, $69 household (five). <http://www.obdev.at/products/littlesnitch/ index.html>. Business: $129 for five seats, $219 for ten. 5 Little Snitch Installation • • • • Run installer from disk image. Enter registration information. Configure desired settings. Learn and set rules as desired. • Pesky at first. That is what you sign up for. 6 Saturday, July 27, 2013 Little Snitch Some of My Settings • Alert. • • Detail Level: Show Full Details. Confirm with Return and Escape: Off. 7 Little Snitch Some of My Settings • Monitor. • Show automatically when mouse enters menu bar icon: Off. 8 Saturday, July 27, 2013 Little Snitch Some of My Settings • Advanced. • Mark rules from connection alert as unapproved: On. • Approve rules automatically: Off. 9 Little Snitch Some of My Settings • Update. • Automatically check for updates: Off. 10 Saturday, July 27, 2013 Little Snitch Demonstration 11 Little Snitch Demonstration • Alert. 12 Saturday, July 27, 2013 Little Snitch Demonstration • Hover to show Show Details button. 13 Little Snitch Demonstration 14 Saturday, July 27, 2013 Little Snitch Demonstration • Parts of an Alert. • • • • • Application (via process). Wants to connect to some destination. Forever, Until Quit, other durations. Any Connection or fine controls. Deny or Allow. 15 Little Snitch Demonstration • Parts of an Alert. • Research Assistant. “?” button in lower left. 16 Saturday, July 27, 2013 Little Snitch Demonstration • Handling Alerts while Little Snitch is learning. • For initial training, you can select Forever and Allow for every alert. Run every program you have that accesses the network. • Little Snitch creates rules.You can delete or edit these later. 17 Little Snitch Demonstration • Allowing or denying a rule with duration other than Once creates a rule. • View rules with Menu Bar icon > Rules… 18 Saturday, July 27, 2013 Little Snitch Demonstration • Last 24 Hours, Temporary Rules, Unapproved. 19 Little Snitch Demonstration • All Rules. 20 Saturday, July 27, 2013 Little Snitch Demonstration • Calculator Rule. 21 Little Snitch Demonstration • Parts of a Rule. • Allow, Deny, Ask. • • Duration. Process. • Via. 22 Saturday, July 27, 2013 Little Snitch Demonstration • Parts of a Rule. • Owner • Server. 23 Little Snitch Demonstration • Parts of a Rule. • • Port and Protocol. Enabled. 24 Saturday, July 27, 2013 Little Snitch Demonstration • Stop/Start Network Filter (in Menu Bar icon). 25 Little Snitch Tips • Log into each configured account (including Guest) and ensure Little Snitch rules are set. • Important if you have Prey Project or other anti-theft/tracking software. Little Snitch should be transparent and allow software to work. 26 Saturday, July 27, 2013 Little Snitch More to Explore • • • • Control incoming connections. Configuring differently for different users. • Who can edit rules. Profiles for multiple networks (home, office, café). • Allow local connections at home, not in café. Network monitor. 27 Little Snitch More to Explore • Fine-grain control. • • • • • • ICMP, UDP, TCP. Host, domain, local, classes of destinations. User or system process. Port. Protocol. E.g., could disable insecure email, allow secure. 28 Saturday, July 27, 2013
