Serious question: Can I use only profiles (e.g. no connection until VPN is connected) and the rest of the time Little Snitch should behave like it's not installed? I'm not a big fan of watching every connection... have done this in the distant past with Zone Alarm and Windows and it was more bothering than anything else. I also doubt it increases my personal security a lot.... especially when I think about my normal Android phone which is sitting beside my PC.
Yes, I used to use it and had it set up like this. You create one profile which basically allows only the VPN negotiation daemon to access the network, and then another profile where there is no alerting or blocking.
Your Mac will be very unhappy when on the first profile though - seemingly everything will constantly attempt to call out because it can see an active connection.
I ended up removing Little Snitch because I felt that it was causing instability. I could never pinpoint the issue, but things seemed much more flaky when it was running. YMMV, and I was using it a major release ago so things might be better now.
