Blocking outgoing internet connections

Fortunately the Mac world doesn't see as much of this as the poor Windows users do, but any application can open up a connection back to its home base. That may be for legitimate reasons, but "phoning home" can have its darker side.

You can see what's happening with your internet connections by using "lsof":

 $ lsof -i
 firefox-b   935  apl    9u  IPv4 0x02cff7d4      0t0  TCP> (ESTABLISHED)
 firefox-b   935  apl   43u  IPv4 0x0288d50c      0t0  TCP>94.70-84-79.reverse.theplanet.com:http (CLOSED)
 firefox-b   935  apl   50u  IPv4 0x0288ef58      0t0  TCP localhost:51780->localhost:51779 (TIME_WAIT)
 firefox-b   935  apl   52u  IPv4 0x02d00098      0t0  TCP> (ESTABLISHED)
 firefox-b   935  apl   54u  IPv4 0x02cb4c48      0t0  TCP> (ESTABLISHED)
 firefox-b   935  apl   57u  IPv4 0x02d0150c      0t0  TCP> (ESTABLISHED)
 pipedaemo  1026  apl    4u  IPv4 0x019f77f8      0t0  TCP *:9502 (LISTEN)
 ssh        4490  apl    3u  IPv4 0x02cb9ac0      0t0  TCP> (ESTABLISHED)
 ssh       11900  apl    3u  IPv4 0x02cb4f34      0t0  TCP>unixish.com:ssh (ESTABLISHED)

Firefox has a few pages open and I have an ssh to another machine. Nothing to be concerned about here. But I'm not watching "lsof" all day long, so that's where a really good firewall good help. The built in Mac firewall could do this (though not from the GUI interface), as could a number of commercial external firewalls, but neither of those are convenient. Little Snitch from Objective Development ($ 24.95) is a GUI port blocker that can prevent undesired chats with other servers.

