When a computer is connected to the internet, it is constantly sending and receiving data to the internet. Usually, this is to ensure that your system is operating to it’s full potential. However, there are instances when some applications will send information about you or how you use their programs, without any permission or knowledge. Little Snitch is an advanced firewall application, exclusively for Mac OS X, that allows you to selectively choose which connection attempts are successful, and which are blocked.
Macs do have a built in firewall, but it only handles incoming connections. This means any connection made from your computer is allowed. Therefore, there is great benefit to using Little Snitch, as it allows you to control all connection attempts.
1. First of all, open a web browser and navigate to http://www.obdev.at/products/littlesnitch/index.html
2. Click on the Download button located in the top right corner.
3. Download the latest release of Little Snitch 3.
4. When the disk image extracts and mounts, open the Little Snitch Installer.
5. Click on Continue to start the installation.
6. The installer will ask if you want to complete the installation even though a restart is required. Click OK.
7. Accept the user agreement and Little Snitch would begin to install.
8. Little Snitch is now installing.
9. Now, Restart your machine to complete the installation. The restart is necessary because Little Snitch replaces a networking program called iptables. (It doesn’t overwrite it)
By default, when you open Little Snitch for the first time, it will ask you of you want to allow the connection attempts that are being made, along with several options for what to do. You can choose to either allow or block the connection:
- Until you quit
- Until you logout
- Until you restart
- For 15 minutes
- For 30 minutes
- For 1 hour
- For 2 hours
You are even able to choose where the application connects to:
- Any Connection
- Only a specific port
- Only a specific domain
- Only a specific domain and port
This combination of options gives you the possibility to make an unlimited amount of rules for every scenario.
The initial setup of Little Snitch can seem like a laborious and tedious task, as you get bombarded by notifications for every connection attempt made. However, in the long run, after the applications that you use everyday have been configured to allow or block their connections, you can relax knowing that your information isn’t being spread across the internet without your knowledge.
The basic connection types, for example, Safari requesting http data through port 80, is a preconfigured rule that is allowed. All of the predefined rules are fully configurable from the list of all rules in the Little Snitch Configuration app.
Once Little Snitch is up and running, you are able to carry on with your tasks, only to be notified if a connection attempt it made. If you aren’t too interested in most connection attempts and you have setup specific rules that you require, you can run Little Snitch in silent mode. This doesn’t give any notifications for connection attempts and you have the option to allow or block all.
You can view what connection attempts are being made, in real time, by using the menu bar application that is included in Little Snitch. This is called the Network Monitor and displays a graph of incoming and outgoing connections, as well as all the applications that are using the internet. You can view which network address your applications are connected to.
The Network Monitor also, display a time/data graph which is customisable and contains detailed information. Alternatively, you may not wish to see in depth which servers are being connected to and how many connections each application has open, you might want to just see when connections are being made. The list of applications and processes are constantly updating so that the last made connection is top of the list. You can also see when an incoming and outgoing connection is being made, straight from the menu bar. The arrow pointing up flashed red when outgoing connectivity is active and the arrow pointing down flash green with incoming data.