How to secure and lock down Apple OS X 10.11 (El Capitan) with osxlockdown
Is there an easy way to audit and lock down (secure) the Apple OS X 10.11 (El Capitan) Unix operating system?
Yes, you can use the osxlockdown tool. It was built to audit and remediate security configuration settings on OS X 10.11 (El Capitan).
However, this tool may disable functionality in the name of security. Make sure you back up your MacBook, MacBook Pro or Mac mini in advance.
Download osxlockdown
Open the Terminal application and type the following commands:
$ cd
$ mkdir osxlockdown
$ cd osxlockdown
## wget needs to be installed using brew ##
$ wget https://github.com/SummitRoute/osxlockdown/raw/master/osxlockdown
$ wget https://github.com/SummitRoute/osxlockdown/raw/master/commands.json
Sample outputs:
--2015-12-31 00:12:33-- https://github.com/SummitRoute/osxlockdown/raw/master/commands.json
Resolving github.com... 192.30.252.129
Connecting to github.com|192.30.252.129|:443... connected.
HTTP request sent, awaiting response... 302 Found
Location: https://raw.githubusercontent.com/SummitRoute/osxlockdown/master/commands.json [following]
--2015-12-31 00:12:35-- https://raw.githubusercontent.com/SummitRoute/osxlockdown/master/commands.json
Resolving raw.githubusercontent.com... 103.245.222.133
Connecting to raw.githubusercontent.com|103.245.222.133|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 12463 (12K) [text/plain]
Saving to: commands.json
commands.json 100%[==========================================================================================>] 12.17K --.-KB/s in 0s
2015-12-31 00:12:36 (64.2 MB/s) - commands.json saved [12463/12463]
If the wget command is not installed on your Mac, use the curl command to grab the files:
$ curl -LO https://github.com/SummitRoute/osxlockdown/raw/master/osxlockdown
$ curl -LO https://github.com/SummitRoute/osxlockdown/raw/master/commands.json
Set permissions
Type the following command:
$ chmod +x osxlockdown
How do I check my OS X security settings?
Type the following command:
$ sudo ./osxlockdown
Sample outputs:
Fig.01: osxlockdown command output
How do I secure and fix failed security settings?
You need to run the following command (again, this will secure the system, but will disable many things like AirDrop, Bluetooth, and so on):
$ sudo ./osxlockdown -remediate
Verify it again:
$ sudo ./osxlockdown
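The audit, remediate and verify sequence above, wrapped so that the before and after reports and a diff of what changed are kept on disk. This is an added example, not part of osxlockdown or the original article; it uses only the flags listed in the usage text on this page, and the names LOCKDOWN_BIN, LOCKDOWN_CMDS, REPORT_DIR, SUDO and the function names are assumptions.

```bash
#!/bin/sh
# Added example: keep before/after audit reports around an osxlockdown remediation.
# Assumed settings (not defined by osxlockdown); override them in the environment.
LOCKDOWN_BIN="${LOCKDOWN_BIN:-./osxlockdown}"
LOCKDOWN_CMDS="${LOCKDOWN_CMDS:-commands.json}"
REPORT_DIR="${REPORT_DIR:-$HOME/osxlockdown/reports}"
SUDO="${SUDO-sudo}"   # set SUDO="" to exercise the script against a stub without root

# Refuse to continue if the binary or the rules file is missing.
preflight() {
    [ -x "$LOCKDOWN_BIN" ] || { echo "not executable: $LOCKDOWN_BIN" >&2; return 1; }
    [ -r "$LOCKDOWN_CMDS" ] || { echo "not readable: $LOCKDOWN_CMDS" >&2; return 1; }
}

# Audit only (no changes); write the failed checks and the summary to file $1.
# The tool's exit status on failed checks is not stated on the page, so it is
# ignored and the saved report is the record of the run.
audit_to_file() {
    preflight || return 1
    $SUDO "$LOCKDOWN_BIN" -commands_file "$LOCKDOWN_CMDS" -hide_passes > "$1" 2>&1 || true
}

# Audit, remediate, audit again, then diff the two reports.
# Prints the path of the diff file on success.
remediate_with_reports() {
    mkdir -p "$REPORT_DIR" || return 1
    stamp="$(date +%Y%m%d-%H%M%S)"
    before="$REPORT_DIR/$stamp-before.txt"
    after="$REPORT_DIR/$stamp-after.txt"
    audit_to_file "$before" || return 1
    $SUDO "$LOCKDOWN_BIN" -commands_file "$LOCKDOWN_CMDS" -remediate \
        > "$REPORT_DIR/$stamp-remediate.txt" 2>&1 || true
    audit_to_file "$after" || return 1
    # diff exits 1 when the reports differ, which is the expected case here.
    diff -u "$before" "$after" > "$REPORT_DIR/$stamp-changes.diff" || true
    echo "$REPORT_DIR/$stamp-changes.diff"
}

# Only act when invoked as: sh lockdown-report.sh run
if [ "${1:-}" = "run" ]; then
    remediate_with_reports
fi
```

The "before" report lists the checks that failed ahead of remediation, which gives you a list of settings to revisit if something such as AirDrop or Bluetooth stops working afterwards.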
Other options
Type the following command:
$ ./osxlockdown -help
Usage of ./osxlockdown:
-commands_file string
JSON file containing the commands and configuration (default commands.json)
-hide_passes
Disables printing the rules that passed
-hide_summary
Disables printing the summary
-remediate
Implements fixes for failed checks. WARNING: Beware this may break things.
References:
osxlockdown project home page.