In order for anyone to gain access to your computer through ports not intended for that purpose, there would have to be holes in the OS allowing such access. In other words, your mac allows FTP (if enabled) through ports 20 and 21. If you have not enabled FTP, those ports are closed. You may though have HTTP (Personal Web Browsing) enabled through port 80. Unless the FTP user (in NetInfo Manager) has port 80 enabled as well, no-one can ftp into your system. It works the same way for all of your ports.

Running one of the more secure operating systems, I wouldn't worry too much about hackers finding back doors such as this.

You seem to have neglected to read the whole thread or you would have seen that the original poster is running P2P software and has many open ports. The relevant "holes" are those in the P2P software.

A combination of
1. a securely set up firewall,
2. a Tripwire-like program (one easy-to-use Tripwire-like program is CheckMate),
3. Little Snitch, and
4. a Network Intrusion Detection System such as snort (for an OS X GUI for snort, use Henwen) should keep you protected and alerted to problems.

Trevor

No I didn't. I was responding to……and making the statement that unless complete control was open by the OS to one of these ports (Of which none of those ports have admin level access), then the worry is unjustified.

This is completely and utterly wrong. You should not give people this false sense of security. Mac OS X is an extremely secure operating system, and I certainly don't want to worry people--everyone is probably fine as long as they keep their operating system up to date and don't do risky things. But it is completely possible for OS X to have exploits, just as with any other operating system, when running questionable software containing vulnerabilities.

Read some of the following links for your education:
http://www.google.com/search?q=%22re...UTF-8&oe=UTF-8

Trevor

As Trevor has said, it is a worry to provide any services via open ports to the Internet unless you trust that the software that is accessible via those ports is security-hardened. Even if the software does not run with 'root' privileges, if a hole in that software allows an attacker access to your user account, all your user files are vulnerable. And access to a local account is often the first stage in gaining 'root' access.

For the standard services supplied as part of OS X (but off by default and requiring enabling in Sharing preferences), Apple makes sure that the software is secure against all known vulnerabilities. I.e. Apple takes care of the security of Apache, FTP, SSH, etc.
This is not true of most P2P software and hence use of such software is slightly worrisome.

Thanks Trevor for the secure coktail software. I'll try them asap!



Is there any P2P software which are secure..?