Tags 4964

Little Snitch 3.0 – Alerts you to outgoing network connections

AppKed/ Social Networking/on 2012-10-07 11:29

Little Snitch see what happens under the hood.

A firewall protects your computer against unwanted guests from the Internet. But who protects your private data from being sent out? Little Snitch does!

As soon as you’re connected to the Internet, applications can potentially send whatever information they want to wherever they want.

Sometimes they do this for good reason, on your explicit request. But often they don’t. Little Snitch allows you to intercept these unwanted connection attempts, and lets you decide how to proceed.

Little Snitch informs you whenever a program attempts to establish an Internet connection. You can then choose to allow or deny this connection, or define a rule how to handle similar, future connection attempts. This reliably prevents private data from being sent out without your knowledge. Little Snitch runs inconspicuously in the background and it can also detect network related activity of viruses, trojans and other malware.


Version 3.0:Overview

  • Brand new Network Monitor.
  • Firewall for incoming connections.
  • Profiles
  • Silent Mode.
  • Simplified Connection Alert.
  • Research Assistant for connection attempts.
  • Redesigned Configuration Interface.
  • Ruleset Analyzer and sorting by precedence.
  • Rule Suggestions.
  • Domain based rules via Connection Alert.
  • More powerful rules (ask-option, time limits, multiple destinations).
  • Improved menu bar item.
  • Optimized for MacBook Pro with Retina display.
  • New app icon designed by The Iconfactory.

Network Monitor

  • Get an overview of network traffic.
  • Traffic Diagram.
  • Visual representation of traffic amounts over time.
  • Highlighting of system events (application launched, application terminated, computer sleep, …)
  • Display data rates on logarithmic or linear scale.
  • Zoom into time ranges of choice.
  • Supports multi-touch gestures for scrolling and zooming.
  • Selecting in the traffic view causes connection list to only show applications that where active (caused traffic) during that time.
  • Powerful sorting options (last activity, total traffic amount, process name, server name, …)
  • Save snapshots to investigate connection details at any later point of time.
  • Capture traffic of certain applications as .pcap file to open it with packet analyzer tools (such as Wireshark or Cocoa Packet Analyzer).
  • Easily create rules from context menu.
  • Show denied connection attempts.
  • List other hostnames resolving to same IP address.
  • Highlight corresponding rule in Configuration to find out which rule was responsible for allowing / denying this connection.
  • Search Field Tokens — Use keywords (process, server, host, ip, protocol, port or status) to filter your connection list.
  • Network Monitor Inspector.
  • Further details of selected connection entries.
  • Displays information about the process, server identification (hostnames, IP address), connection statistics (ports, traffic amounts, time of first / last activity, …).
  • Connection inspector now shows all information suitable for a search in the connection list as roll-over button so that a search can be started simply by clicking.

Connection Alerts

  • Simplified Connection Alert — choose your preferred level of detail.
  • More versatile temporary rules: Until Quit, Until Logout, Until Restart, For [n] Minutes, etc.
  • Creation of domain rules.
  • Select other hostnames resolving to same IP address to create a rule for.

Research Assistant

  • New Research Assistant for Connections. Little Snitch’s Connection Alert now has a help button. Clicking the button triggers a query to the Research Assistant Database (maintained by Objective Development) and displays information about the current connection attempt.
  • Users can improve the information returned by submitting feedback directly from the Connection Alert. This data is sent anonymously and will be reviewed by Objective Development.


  • Powerful new interface.
  • Manage profiles
  • Create or delete profiles.
  • Easily add rules to profiles via Drag&Drop.
  • Enable profiles by double-clicking on a profile in the sidebar.
  • Sidebar including
  • Rule Filters (Last 24 Hours, Temporary Rules, Unapproved Rules, …)
  • Rule Suggestions.
  • Profiles.
  • Ruleset Analyzation.
  • Detection of redundant rules.
  • Highlighting of redundant / covered rules, to easily see which rules are obsolete.
  • Sort list of rules by process name, rule precedence or creation date.
  • Improved search
  • Narrow search scope to process, rule, enclosing folders, bundle identifier, notes.
  • Search results now include related rules as well.
  • Backups of rule archives (e.g. Time Machine) can be restored via Little Snitch Configuration.
  • Fullscreen support.


  • Little Snitch offers rule suggestions based on Silent Mode connections, former, already expired temporary rules, login connections and more.
  • Rule suggestions can easily be converted into permanent rules.
  • Rule suggestions can be grouped by their common properties (process, port, host, domain) — Easily create rules that cover most typical connections for certain processes.
  • Menu Bar Item
    • Revised Design.
    • Monochrome or colored Icon.
    • Optionally displays current data rates as numerical values.
    • Access to important settings.
    • Switch between Profiles quickly.
    • Enable or disable Silent Mode quickly.

    Further Improvements

    • In order to support multiple simultaneous logins, processes are distinguished by the user account that started the process. Rules can be created so that they apply to processes running on behalf of the current user, on behalf of a system account such as root, or on behalf of any account.
    • When no user is logged in, all connections which are not covered by an existing rule are automatically denied. Rule suggestions are created for these connections and can be reviewed in Little Snitch Configuration.
    • If you can’t login without network access (e.g. network accounts), the system can be restarted in Permissive Mode where all connections are allowed before the first user logs in. Allow-rules are automatically created so that future logins succeed. Permissive mode is also used during the first restart after installation, but not after upgrades.
    • All components are code-signed.

    Changes since Release Candidate (3871)

    • Help is now available for Little Snitch.
    • Fixed an issue where Ask-Rules could cause a Connection Alert to be shown even in Silent Mode.
    • Fixed a bug where the Connection Alert wrongly indicated that the process terminated.
    • Fixed an issue where rules created from the Connection Alert were for process owner “System” instead of the current user.
    • Connection Alert now honors modifier keys that were held before the alert was shown.
    • Fixed unexpected change of filter scope when creating rules from rule suggestions.
    • Fixed potential crash of Little Snitch Network Monitor when deleting connections from the list.
    • Little Snitch Network Monitor can now be activated with LaunchBar. Simply add /Library/Little Snitch/Little Snitch Network to LaunchBar’s index.