12 Mar An even more secure OS X before Leopard.
Category: Apple

Because people had significant trouble with the unwieldy double article, I split this article in two parts;

The Followup; An even more secure OS X before Leopard

Scanning my Audience; a port scan following the first how-to.

You can follow any responses to this entry through the RSS 2.0 feed. Both comments and pings are currently closed.

9 Responses

  1. 1
    sebastiaan 

    Ok, I missed a ‘u’ in Minutes in my first graph. Tough deal.

  2. 2
    georg 

    Well, port scanning is legal (at least I believe that), but some ISPs have it in their terms of use that you are not allowed to them on networks other than your own (i.e. they mean that you are allowed to scan your own IP address, but not arbitrary ones).

    You should be careful about scanning large groups of addresses if your ISP has such terms of use because you could easily get your account terminated!

  3. 3
    Greg 

    You have your commands reversed in the disabling isight section. The chmod a-rwx should be the disabling command, and a+r should be the enabling command.

    Ed. ; I screwed up. Put you in the article mate, thanks a lot.

  4. Hey … thanks for the link to GlowWorm FW … got quite a few visitors because of it. Good article, too.

  5. 5
    Talesh 

    Great article but you dont explain how to set a open firmware password on an intel mac. My MBP keeps bypassing the Command-Option-O-F and boots like normal.

  6. 6
    alxtoth 

    Hi, rebooting the Mac will restore the original firewall. I have a script to remove unneded lines, but how to integrate it in the OS X 10.4 boot process?

    /sbin/ipfw show > /tmp/origrules

    awk ‘/dst-port 137 in/ {print “/sbin/ipfw del”, substr($1,0,5)}’ /tmp/origrules > /tmp/newrules
    awk ‘/dst-port 427 in/ {print “/sbin/ipfw del”, substr($1,0,5)}’ /tmp/origrules >> /tmp/newrules
    awk ‘/dst-port 631 in/ {print “/sbin/ipfw del”, substr($1,0,5)}’ /tmp/origrules >> /tmp/newrules
    awk ‘/dst-port 5353 in/ {print “/sbin/ipfw del”, substr($1,0,5)}’ /tmp/origrules >> /tmp/newrules
    awk ‘/67 to me in/ {print “/sbin/ipfw del”, substr($1,0,5)}’ /tmp/origrules >> /tmp/newrules
    awk ‘/5353 to me in/ {print “/sbin/ipfw del”, substr($1,0,5)}’ /tmp/origrules >> /tmp/newrules

    chmod +x /tmp/newrules
    sh /tmp/newrules

    rm /tmp/origrules
    rm /tmp/newrules

  1. […] edit: 12th of March; Follow-up availible; Click Here […]

  2. […] [update: Part 2 of this article entitled ‘An even more secure OS X before Leopard’ was just posted. This second part is probably too deep for most, but if you’re really into security, you might want to look it over. For the average user, it’s probably overkill] […]

  3. 9
    tinzi's Blog (via Trackback)

    Es soll ja immer noch Leute geben,…

    die mit einem Mac unter OS Zehnpunktirgendwas mit dem Admin-Account die t├Ąglichen Dinge wie surfen, mailen und arbeiten erledigen. Das ist nicht so schlau, was man hier und hier oder auch hier nachlesen kann.

    Also, was tun?

    Ganz einfach:

    1. S…