Iptables and tor, reroute all traffic for security... Help?

I'm attempting to route all TCP traffic that does not go through polipo through port 9040, tor's default TransPort. My web browser uses polipo to cache stuff, so I'd like to keep it in place if possible. However, all non-http traffic needs to be sent through the TransPort. My current config, which does not take into account rerouting, is below:
# Generated by iptables-save v1.4.15 on Fri Oct 12 16:33:33 2012
#*nat
#:PREROUTING ACCEPT [12:3420]
#:INPUT ACCEPT [1:261]
#:OUTPUT ACCEPT [0:0]
#:POSTROUTING ACCEPT [0:0]
#-A OUTPUT ! -p tcp -m owner --owner-uid tor -j REDIRECT --to-ports 9040
#-A OUTPUT -p udp --dport 53 -j REDIRECT --to-ports 9053
#COMMIT
# Completed on Fri Oct 12 16:33:33 2012
# Generated by iptables-save v1.4.15 on Fri Oct 12 16:33:33 2012
*filter
:INPUT DROP [9:1175]
:FORWARD ACCEPT [0:0]
:OUTPUT DROP [8:488]
# allow loopback
-A INPUT -i lo -j ACCEPT
-A OUTPUT -o lo -j ACCEPT
# allow NTPD time syncs
-A OUTPUT -p udp --dport 123 -j ACCEPT
# allow tor
-A OUTPUT -j ACCEPT -m owner --uid-owner tor
-A OUTPUT -p tcp --dport 9040 -j ACCEPT
-A OUTPUT -p udp --dport 53 -j ACCEPT
# allow BitTorrent
-A OUTPUT -p tcp --dport 6969 -j ACCEPT
-A OUTPUT -p tcp --dport 51413 -j ACCEPT
-A OUTPUT -p udp --dport 51413 -j ACCEPT
# allow pings (still not working. fix?)
-A OUTPUT -p icmp --icmp-type 8 -j ACCEPT
-A INPUT -p icmp --icmp-type 8 -m conntrack --ctstate NEW -j ACCEPT
# allow traffic on established connections
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A INPUT -m conntrack --ctstate INVALID -j DROP
COMMIT
# Completed on Fri Oct 12 16:33:33 2012
As you can see, I've already tried to redirect traffic using the --uid-owner polipo rule. So far, it's just caused iptables to spit out errors. I'm stumped, so I thought I'd come to you wonderful people at the Archlinux forums for help.

Using the command you gave me, I found that the polipo user is indeed executing /usr/bin/polipo. Other than that, polipo is executing no processes.
I tried adding the following to my iptables rules nat section:
-A OUTPUT -p tcp -m tcp -m owner ! --uid-owner polipo -j ACCEPT
-A OUTPUT -p tcp -m tcp -m owner ! --uid-owner polipo -j REDIRECT --to-ports 9040
Polipo now works, but the rest of my traffic that should go to the TransPort gets blocked.
[EDIT]
I'm now trying the same thing, except that I've chained privoxy with polipo like so:
browser > privoxy > polipo > tor > internet
My iptables rules look like this:
# Generated by iptables-save v2.4.15 on Fri Oct 12 16:33:33 2012
*nat
:PREROUTING ACCEPT [12:3420]
:INPUT ACCEPT [1:261]
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
#-A OUTPUT -p tcp -m tcp -m owner ! --uid-owner tor -j REDIRECT --to-ports 9040
-A OUTPUT -p tcp -m tcp -m owner ! --uid-owner tor -m owner ! --uid-owner polipo -m owner ! --uid-owner privoxy -j REDIRECT --to-ports 9040
COMMIT
# Completed on Fri Oct 12 16:33:33 2012
# Generated by iptables-save v1.4.15 on Fri Oct 12 16:33:33 2012
*filter
:INPUT DROP [9:1175]
:FORWARD ACCEPT [0:0]
:OUTPUT DROP [8:488]
# general
-A OUTPUT -p tcp -m owner --uid-owner tor -j ACCEPT
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A OUTPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
# allow loopback
-A INPUT -i lo -j ACCEPT
-A OUTPUT -o lo -j ACCEPT
-A INPUT -p all -s 127.0.0.1 -d 127.0.0.1 -j ACCEPT
# allow NTPD time syncs
-A OUTPUT -p udp --dport 123 -j ACCEPT
# allow tor
-A OUTPUT -p tcp --dport 9040 -j ACCEPT
-A OUTPUT -p udp --dport 53 -j ACCEPT
-A OUTPUT -p tcp --dport 8123 -j ACCEPT
-A OUTPUT -p tcp --dport 8118 -j ACCEPT
# allow pings
-A OUTPUT -p icmp --icmp-type 8 -j ACCEPT
COMMIT
# Completed on Fri Oct 12 16:33:33 2012
And it STILL won't route traffic right. iptables redirects to the TransPort, but any traffic passed through polipo or privoxy reveals a "connection reset" error message. Help?
Last edited by ParanoidAndroid (2013-03-12 01:50:51)
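The nat OUTPUT rules above exempt the proxy users but not loopback itself, so the browser's own hop to privoxy on 127.0.0.1:8118 is REDIRECTed to the TransPort, which then sees a connection whose original destination is 127.0.0.1 and refuses it (a client sees that as a reset or failed connection). The script below is an added example, not the poster's configuration or anything from the Arch forums: it prints an iptables-restore ruleset that exempts loopback and the tor/polipo/privoxy users before redirecting, and includes an awk check you can run over iptables-save output. Assumed: the users and ports named in the post, and a single host that does not forward traffic; check_nat_order only recognises an `-o lo` or `-d 127.0.0.0/8` RETURN rule as the loopback exemption.

```shell
#!/bin/sh
# Added example, not the poster's configuration: print an iptables-restore
# ruleset that sends every new TCP connection and every DNS query to Tor's
# TransPort/DNSPort, exempting loopback and the tor, polipo and privoxy users.
# Assumed (from the post): TransPort 9040, DNSPort 9053, privoxy on 8118 and
# polipo on 8123, both on 127.0.0.1.  Nothing is applied; to install:
#   sh tor-redirect.sh | iptables-restore

# Usage: tor_redirect_rules TRANS_PORT DNS_PORT TOR_USER [EXEMPT_USER...]
tor_redirect_rules() {
    trans_port="$1"; dns_port="$2"; tor_user="$3"; shift 3
    printf '%s\n' '*nat' ':PREROUTING ACCEPT [0:0]' ':INPUT ACCEPT [0:0]' \
        ':OUTPUT ACCEPT [0:0]' ':POSTROUTING ACCEPT [0:0]'
    # The chain browser -> privoxy -> polipo -> Tor SOCKS runs entirely over
    # loopback.  Leave it alone: a loopback connection that is REDIRECTed
    # reaches the TransPort with original destination 127.0.0.1, and Tor
    # refuses to carry connections to private addresses.
    printf '%s\n' '-A OUTPUT -o lo -j RETURN'
    # Tor must reach the network directly.  The proxies are exempted too, so a
    # misconfigured proxy fails closed in the filter table instead of being
    # silently looped back into Tor.  One RETURN per user; no stacked owner
    # matches in a single rule.
    for u in "$tor_user" "$@"; do
        printf '%s\n' "-A OUTPUT -m owner --uid-owner $u -j RETURN"
    done
    printf '%s\n' "-A OUTPUT -p udp --dport 53 -j REDIRECT --to-ports $dns_port"
    printf '%s\n' "-A OUTPUT -p tcp --syn -j REDIRECT --to-ports $trans_port"
    printf '%s\n' 'COMMIT'

    printf '%s\n' '*filter' ':INPUT DROP [0:0]' ':FORWARD DROP [0:0]' \
        ':OUTPUT DROP [0:0]'
    # REDIRECTed packets are rerouted to lo after nat, so "-o lo" also admits
    # the traffic heading for 9040/9053; no separate --dport rules are needed.
    printf '%s\n' '-A INPUT -i lo -j ACCEPT' '-A OUTPUT -o lo -j ACCEPT'
    printf '%s\n' '-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT'
    printf '%s\n' '-A OUTPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT'
    printf '%s\n' "-A OUTPUT -m owner --uid-owner $tor_user -j ACCEPT"
    printf '%s\n' '-A OUTPUT -p udp --dport 123 -j ACCEPT'   # NTP, direct, as in the post
    # Anything else (an exempt process connecting directly, or non-TCP/UDP
    # traffic that nat cannot redirect) hits the DROP policy rather than leaking.
    printf '%s\n' 'COMMIT'
}

# Order check for any saved ruleset, e.g.  iptables-save -t nat | check_nat_order
# Prints "ok" when a loopback exemption (-o lo or -d 127.0.0.0/8 ... -j RETURN)
# precedes the first REDIRECT in nat OUTPUT, else "loopback-redirected".
check_nat_order() {
    awk '
        /^\*/ { table = substr($0, 2) }
        table == "nat" && /^-A OUTPUT / {
            if (!seen_redirect && /(-o lo|-d 127\.0\.0\.0\/8) .*-j RETURN/) lo_first = 1
            if (/-j REDIRECT/) seen_redirect = 1
        }
        END { print (lo_first ? "ok" : "loopback-redirected") }'
}

# Constructed sample modelled on the nat table in the post: the REDIRECT is the
# only OUTPUT rule, so the browser's hop to privoxy on 127.0.0.1 is redirected.
posted_nat='*nat
:OUTPUT ACCEPT [0:0]
-A OUTPUT -p tcp -m tcp -m owner ! --uid-owner tor -m owner ! --uid-owner polipo -m owner ! --uid-owner privoxy -j REDIRECT --to-ports 9040
COMMIT'

tor_redirect_rules 9040 9053 tor polipo privoxy
```

Feed the script's output to `check_nat_order` (it prints ok) and the posted sample to it (it prints loopback-redirected) to see the difference; the same check works on a live `iptables-save -t nat`.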
