I agree with the OP. Some general context-based guidance would be greatly appreciated. I've had Little Snitch since 2007 and, frankly, still don't know if it's working correctly or not. I'm not a network guy. You can RTFM me all you want. I believe this software has great value and I know I'm generally using it correctly. But most people I've recommended it to give up after the first day or so.
For example, what should we be very wary of? Show me. I have had to go through mountains of forums to get a sense of what some of the Mac's internal processes do. But I still have trouble figuring out what "normal" operation should look like.
Some sort of guide giving Best Practices would be greatly appreciated. Considering all the data that passes through LS it seems it would be easy for ObDev to set up a forum where users could specifically share what they're seeing. Perhaps some consensus could be created on 'what is normal'.
I went through a period where a PC-user got on my local network and one Mac in particular began to receive hundreds of netbiosd connection requests from numerous non-local IPs. The process of figuring out what was going on was incredibly frustrating. In the end, I just blocked them all. But I believe it would be much more constructive to see a discussion about "what is happening". ObDev's experts would seem to be the ideal folks to lead this discussion.
If this sort of thing exists, it needs to be better flagged.
For example, what should we be very wary of? Show me. I have had to go through mountains of forums to get a sense of what some of the Mac's internal processes do. But I still have trouble figuring out what "normal" operation should look like.
Some sort of guide giving Best Practices would be greatly appreciated. Considering all the data that passes through LS it seems it would be easy for ObDev to set up a forum where users could specifically share what they're seeing. Perhaps some consensus could be created on 'what is normal'.
I went through a period where a PC-user got on my local network and one Mac in particular began to receive hundreds of netbiosd connection requests from numerous non-local IPs. The process of figuring out what was going on was incredibly frustrating. In the end, I just blocked them all. But I believe it would be much more constructive to see a discussion about "what is happening". ObDev's experts would seem to be the ideal folks to lead this discussion.
If this sort of thing exists, it needs to be better flagged.