Mark Tennent's Blog

Snitching on your neighbours

By Mark Tennent in Reader

Posted in Uncategorized on February 7, 2007 at 12:14 pm


It is sheer coincidence that I installed the brand new and free beta version of Little Snitch on the same day the Internet came under attack. Its new Network Monitor window kept showing messages stating the DNS servers I use were not available. Not a problem I’d ever know about usually, as Mac OS X automatically diverts to another set. But this was exactly the attack the Internet sustained.

For 12 hours from midnight on Tuesday at least three of the primary DNS servers were flooded, including the US Department of Defense’s own. It seems the attacks, the worst since 2002, were coming from South Korea, which as we all know is a friend of the US. Wiki does however tell us that at least 40,000 Muslims moved there since the end of the Korean war, so draw your own conclusions. One thing is for sure, the way the Internet backbone is distributed was its saving grace and most users were not even aware that something was amiss.

Every Christmas holiday we watch astounded at the huge amount of traffic trying to break into our computers. We protect them at the router and with the OS’s firewalls but it doesn’t stop the attempts to get in. These usually come from universities in eastern Europe, no doubt routed there from whichever desert island the pirates are trying to hack us from. Nevertheless our firewall logs show an increase in access attempts of several hundred percent over Christmas. I even found one coming from a high school in the US and I emailed its network admin listed in whois who told me they found the culprits and put a stop to them.

Little Snitch is the Mac OS equivalent of ZoneAlarm for Windows; both are as essential as a firewall to stop unwanted network traffic. While a firewall prevents incoming access based on its rules about IP addresses and port numbers, outgoing traffic can use any port it wishes, which makes it hard for firewalls to stop. This is where Little Snitch and ZoneAlarm come in. They complement the firewall and filter connections based on rules for the application that tries to make an outgoing connection.

The effect of this is that any trojans, worms or other nasties who try to phone home will be spotted by Little Snitch which asks if you are aware of what the application is doing and whether it has your authority. This is also much loved by users who did not pay for the software they use and would prefer that the software’s publisher did not know they were using it. You know who you are, your eye patch gives you away.
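The contrast described above, as an added example that is not part of the original post and not Little Snitch's own rule format: a port-only egress rule next to a per-application rule set that asks when no rule matches. The rule model, the precedence (most specific match wins, deny breaks ties), the paths and the hosts are all constructed assumptions.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Connection:
    app: str    # path of the process opening the connection
    host: str   # destination host
    port: int   # destination port

@dataclass(frozen=True)
class AppRule:
    app: str
    action: str                  # "allow" or "deny"
    host: Optional[str] = None   # None matches any host
    port: Optional[int] = None   # None matches any port

    def matches(self, c: Connection) -> bool:
        return (self.app == c.app and self.host in (None, c.host)
                and self.port in (None, c.port))

    def specificity(self) -> int:
        return (self.host is not None) + (self.port is not None)

def port_filter(c: Connection, allowed_ports: set) -> str:
    """Port-only egress rule: the process is never considered."""
    return "allow" if c.port in allowed_ports else "deny"

def app_filter(c: Connection, rules: list) -> str:
    """Per-application rules; an unmatched connection prompts the user."""
    hits = [r for r in rules if r.matches(c)]
    if not hits:
        return "ask"
    # Assumed precedence: most specific rule wins, deny breaks ties.
    return max(hits, key=lambda r: (r.specificity(), r.action == "deny")).action

# Constructed sample rules and connections (hypothetical paths and hosts).
RULES = [
    AppRule("/Applications/Safari.app", "allow", port=80),
    AppRule("/Applications/Safari.app", "allow", port=443),
    AppRule("/Applications/Safari.app", "deny", host="ads.example.net"),
    AppRule("/usr/sbin/cupsd", "allow"),
]
CONNECTIONS = [
    Connection("/Applications/Safari.app", "www.example.org", 443),
    Connection("/Applications/Safari.app", "ads.example.net", 80),
    Connection("/usr/sbin/cupsd", "192.168.1.20", 631),
    Connection("/tmp/updater", "203.0.113.7", 443),  # unknown binary phoning home
]

def compare(conns=CONNECTIONS, rules=RULES, ports=frozenset({80, 443})):
    """Return (app, port-only verdict, per-application verdict) per connection."""
    return [(c.app, port_filter(c, ports), app_filter(c, rules)) for c in conns]

if __name__ == "__main__":
    for row in compare():
        print(row)
```

The unknown binary on port 443 passes the port-only rule but triggers a prompt under the per-application rules, while the local printing daemon on port 631 is blocked by the port rule and allowed by its application rule.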

The new beta of Little Snitch has changed a little from the previous version but especially annoying is that rules for Little Snitch v1, built up painstakingly over years, are not imported. Instead, while it has various System and default rules, it does mean a few days of constant requests to allow outgoing traffic, until the majority of your applications are covered. But the biggest surprise is how chatty computers really are.

Little Snitch’s new Network Monitor flags up every connection and for my Mac this was just about every few seconds. Many of these are from local traffic such as cupsd - the scheduler for the Common Unix Printing System; slpd - the BSD Service Location Protocol; and nmblookup - the NetBIOS over TCP/IP used to look up NetBIOS names to map to IP addresses. All of these chat with other computers and devices on our LAN. Others that flashed all the time come from open web browser windows where adverts phone home, for example. With so much traffic, the constant changes to Little Snitch’s new monitor window become too intrusive and so it got closed. But at least it is there and interesting to see the huge amount computers chat to each other.

As for Little Snitch 2, it’s a no-brainer, it works, does exactly what it says it does, quietly and efficiently and is very cheap at about twelve quid. Recommended.
