12 Mar An even more secure OS X before Leopard.
Category: Apple

Because people had significant trouble with the unwieldy double article, I split this article in two parts;

The Followup; An even more secure OS X before Leopard

Scanning my Audience; a port scan following the first how-to.

Unrelated posts:

    Bricky Shirt

    By no means a replacement of the Cocoia Exploded Settings tee, but I wanted to wear this and I was told others enjoyed it as well. Represent the...

    the Cocoia WWDC shirt

    It's often said that there is great value in having a distinct shirt at WWDC, and while I'm not very preoccupied with that notion myself, I do...

    Redesigning Steam for Mac

    Steam for Mac will be available for download in a week's time. Steam, for the uninitiated, is the world's largest gaming platform, serving in...

    The first Photoshop icon.

    While I was doing some research for one of my upcoming projects today, I found the very first Photoshop icon. It's actually a tiny little photo...

You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

9 Responses

  1. 1

    Ok, I missed a ‘u’ in Minutes in my first graph. Tough deal.

  2. 2

    Well, port scanning is legal (at least I believe that), but some ISPs have it in their terms of use that you are not allowed to them on networks other than your own (i.e. they mean that you are allowed to scan your own IP address, but not arbitrary ones).

    You should be careful about scanning large groups of addresses if your ISP has such terms of use because you could easily get your account terminated!

  3. 3

    You have your commands reversed in the disabling isight section. The chmod a-rwx should be the disabling command, and a+r should be the enabling command.

    Ed. ; I screwed up. Put you in the article mate, thanks a lot.

  4. Hey … thanks for the link to GlowWorm FW … got quite a few visitors because of it. Good article, too.

  5. 5

    Great article but you dont explain how to set a open firmware password on an intel mac. My MBP keeps bypassing the Command-Option-O-F and boots like normal.

  6. 6

    Hi, rebooting the Mac will restore the original firewall. I have a script to remove unneded lines, but how to integrate it in the OS X 10.4 boot process?

    /sbin/ipfw show > /tmp/origrules

    awk ‘/dst-port 137 in/ {print “/sbin/ipfw del”, substr($1,0,5)}’ /tmp/origrules > /tmp/newrules
    awk ‘/dst-port 427 in/ {print “/sbin/ipfw del”, substr($1,0,5)}’ /tmp/origrules >> /tmp/newrules
    awk ‘/dst-port 631 in/ {print “/sbin/ipfw del”, substr($1,0,5)}’ /tmp/origrules >> /tmp/newrules
    awk ‘/dst-port 5353 in/ {print “/sbin/ipfw del”, substr($1,0,5)}’ /tmp/origrules >> /tmp/newrules
    awk ‘/67 to me in/ {print “/sbin/ipfw del”, substr($1,0,5)}’ /tmp/origrules >> /tmp/newrules
    awk ‘/5353 to me in/ {print “/sbin/ipfw del”, substr($1,0,5)}’ /tmp/origrules >> /tmp/newrules

    chmod +x /tmp/newrules
    sh /tmp/newrules

    rm /tmp/origrules
    rm /tmp/newrules

  1. [...] edit: 12th of March; Follow-up availible; Click Here [...]

  2. [...] [update: Part 2 of this article entitled ‘An even more secure OS X before Leopard’ was just posted. This second part is probably too deep for most, but if you’re really into security, you might want to look it over. For the average user, it’s probably overkill] [...]

  3. 9
    tinzi's Blog (via Trackback)

    Es soll ja immer noch Leute geben,…

    die mit einem Mac unter OS Zehnpunktirgendwas mit dem Admin-Account die t├Ąglichen Dinge wie surfen, mailen und arbeiten erledigen. Das ist nicht so schlau, was man hier und hier oder auch hier nachlesen kann.

    Also, was tun?

    Ganz einfach:

    1. S…


  1. Cocoia Blog » Howto: A more secure OS X before Leopard.
  2. toddvachon.com » Blog Archive » Make Your Mac More Secure
  3. tinzi's Blog
Leave a Reply