Hardening OS X with Bastille

I know a lot about security, but rarely ever practice it (I leave my WiFi open, I just turn off the SSID :P). With Shmoocon coming up I decided I should at least try to lockdown a little. I’m just hoping my EVDO Rev A card shows up so I don’t have to use any of the local networks. Bastille is a long standing *nix project that guides you through turning off services, setting security policies, and securing your firewall. Last fall Jay Beale released a beta version for OS X users after this Defcon talk pointing out that the OS X firewall doesn’t really do what it says. The install is pretty easy: Download and install instructions can be found here. You’ll need to install Tk following these directions. The only possible slip is that you need to run ‘bastille -b’ to apply the changes as noted here.

I found this talk on FileVault cracking while I was searching. I love all of the little accelerated cracking projects David Hulton has been doing with FPGAs lately.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.