How to Enable Stealth Mode Firewall in Mac OS X

Here's a quick guide on how to enable stealth mode firewall in Max OS X for additional security.

How to Enable Stealth Mode Firewall in Mac OS X

Stealth Mode is an optional feature of the Mac firewall available to virtually every somewhat modern version of OS X:

1. Go to the  Apple menu and choose System Preferences

2. Go to the “Security & Privacy” preference panel and select the “Firewall” tab


3. Click on the unlock button and authenticate with an administrator password, click on “Turn On Firewall” if it hasn’t been turned on yet, then then click on the “Firewall Options” button

4. Check the box for “Enable Stealth Mode” then click OK


5.Close out of System Preferences as usual

The Mac is now in stealth mode, meaning it will not respond to certain types of common network communication and discovery attempts.

If you want to test out of the efficacy of Stealth Mode, you can use ping at the command line or use Network Utility to attempt to discover the Mac from another Mac. If you attempt to ping the Mac with Stealth Mode enabled, there will be no response just as if you were sending ICMP requests to a nonexistent machine, like so (assuming the Stealth Mode Mac is 192.168.0.201):
MacBook-Pro% ping 192.168.0.201
PING 192.168.0.201 (192.168.0.201): 56 data bytes
Request timeout for icmp_seq 0
Request timeout for icmp_seq 1
Request timeout for icmp_seq 2
Request timeout for icmp_seq 3
Request timeout for icmp_seq 4
^C
--- 192.168.0.201 ping statistics ---
6 packets transmitted, 0 packets received, 100.0% packet loss
MacBook-Pro%
While this blocks most of the common network finding methods, a particularly savvy individual could still discover the Mac if they really wanted to, whether with a targeted packet capture, through a connected router, or a variety of other methods. This is why it’s called Stealth Mode and not Definitively Invisible Mode, because while it’s certainly going to be under the radar from common finding attempts, it can still be uncovered by a dedicated technical search particularly if that someone is on the same network.

If you are interested in using Stealth Mode for security and privacy reasons, you may want to consider blocking all incoming network connections to the Mac as well, which is in the same firewall preference panel of OS X. Combining the two is pretty effective.

Of course, if you enable stealth mode and discover you’re suddenly experiencing network issues with the given Mac, turning off the feature is just a matter of returning to the firewall settings and unchecking the box again.

Bonus Tip:

You can also enable firewall Stealth Mode from the command line:
/usr/libexec/ApplicationFirewall/socketfilterfw --setstealthmode on
Switch to ‘off’ at the end if you wish to turn it off from the command line as well.

For more mac tips and guides, come and join our facebook community @ facebook.com/webjunkiesblog.

Subscribe to receive free email updates:

0 Response to "How to Enable Stealth Mode Firewall in Mac OS X"

Post a Comment