How to secure and lock down Apple OS X 10.11 (El Capitan) with osxlockdown

Is there an easy way to audit and lock down (secure) the Apple OS X 10.11 (El Capitan) Unix operating system?

 

Yes, you can use the osxlockdown tool. It was built to audit and remediate security configuration settings on OS X 10.11 (El Capitan).

However, this tool may disable functionality in the name of security. Make sure you back up your MacBook, MacBook Pro or Mac mini in advance.

Download osxlockdown

Open the Terminal application and type the following commands:

$ cd

$ mkdir osxlockdown

$ cd osxlockdown

## wget needs to be installed using brew ##

$ wget https://github.com/SummitRoute/osxlockdown/raw/master/osxlockdown

$ wget https://github.com/SummitRoute/osxlockdown/raw/master/commands.json

 

Sample outputs:

--2015-12-31 00:12:33--  https://github.com/SummitRoute/osxlockdown/raw/master/commands.json

Resolving github.com... 192.30.252.129

Connecting to github.com|192.30.252.129|:443... connected.

HTTP request sent, awaiting response... 302 Found

Location: https://raw.githubusercontent.com/SummitRoute/osxlockdown/master/commands.json [following]

--2015-12-31 00:12:35--  https://raw.githubusercontent.com/SummitRoute/osxlockdown/master/commands.json

Resolving raw.githubusercontent.com... 103.245.222.133

Connecting to raw.githubusercontent.com|103.245.222.133|:443... connected.

HTTP request sent, awaiting response... 200 OK

Length: 12463 (12K) [text/plain]

Saving to: 'commands.json'

commands.json                               100%[==========================================================================================>]  12.17K  --.-KB/s   in 0s

2015-12-31 00:12:36 (64.2 MB/s) - 'commands.json' saved [12463/12463]

 

If the wget command is not installed on your Mac, use the curl command to grab the files:

$ curl -LO https://github.com/SummitRoute/osxlockdown/raw/master/osxlockdown

$ curl -LO https://github.com/SummitRoute/osxlockdown/raw/master/commands.json

Set permissions

Type the following command:

$ chmod +x osxlockdown

How do I check my OS X security settings?

Type the following command:

$ sudo ./osxlockdown

 

Sample outputs:

Fig.01: osxlockdown command output

How do I secure and fix failed security settings?

You need to run the following command (again, this will secure the system, but will disable many things like AirDrop, Bluetooth, and so on):

$ sudo ./osxlockdown --remediate

 

Verify it again:

$ sudo ./osxlockdown

Other options

Type the following command:

$ ./osxlockdown --help

Usage of ./osxlockdown:

-commands_file string

JSON file containing the commands and configuration (default "commands.json")

-hide_passes

Disables printing the rules that passed

-hide_summary

Disables printing the summary

-remediate

Implements fixes for failed checks. WARNING: Beware this may break things.

References:

osxlockdown project home page.

 

 
