Home

How to use Little Snitch


What is Little Snitch?

Little Snitch is an application for Mac OS X that monitors all outgoing network requests and gives the user access to allow or deny any of them. When an outgoing network attempt is made, Little Snitch pops up a little dialogue box with a few simple yet powerful options. The program itself is very easy to use, but deciding which connections to allow and which ones to deny can often be difficult.

Know your application

Think about why it might want to be using the internet. Does a word processor need to use the internet? Not to function. Does a web browser need to connect to the internet? You better believe it. My basic rule for that is if the program has no business using the internet, I deny it any connection forever. Now, most programs are simply trying to connect home to check for a new version, or so it would seem. I subscribe to macupdate so I'm on top of that anyway. Who knows what other information they might be sending back, especially if I've already given the program admin privileges by entering my password.

Experiment

Sometimes you get a connection request you don't understand at all. You might not know what the application is, what it's trying to call or why. When that happens to me, I deny that connection until quit. If everything works fine, I usually quit the program, reopen it and this time deny that connection forever. On the other hand, if things don't work, close the program and try allowing the connection. If things start working, you found out why. If not, you've got some other problem.

Allow as little as possible

I deny as much as possible forever because A)I'm paranoid and B)I'm too busy to be dealing with Little Snitch all the time. If I can deny any connection forever, I will. That doesn't work for all applications however. Download managers are a key example. Lets say you use Speed Download. Certainly you need to allow it to connect to the internet, but what if you don't want it calling home? Well, you need to look at the details then. For instance, the first connection Speed Download tries to make is to a site called www.yazsoft.com. If you didn't know that yazsoft was the company that made Speed Download, a quick trip to that site would convince you. Once you know what sites/IPs are "home", it's as simple as denying any connections on any port to those sites, but allowing all others. If you're unable to figure out which sites are home, margin on the side of error and block everything, then slowly allow things until everything works.

The dialogue box:

I'd quickly like to break down all the information and options presented in the Little Snitch popup box. When a new connection is attempted, Little Snitch pops up a box with the following information:
Application name
External website/ip
Type of connection
Outgoing port


It then gives you four options along three different ranges with two different choices. The options are:
Any connection
Specific port
Specific website/ip
Specific website/ip and port

The Ranges are:
Once
Until Quit
Forever

The two choices are:
Allow
Deny


Share/Bookmark