LuLu: an open-source macOS Firewall

LuLu: an open-source macOS Firewall

LuLu is a free and open-source firewall under macOS. It is mainly used to prevent unauthorized (outgoing) network traffic, unless explicitly permitted by the user:

For details and instructions, click here.

LuLu is designed to build a simple and easy-to-use firewall, so it also has limitations in use. Some of the shortcomings will be supplemented in the subsequent development, and for some designs, we have determined that we will not add them again.

Network Monitoring

According to the design, LuLu only monitors outgoing network connections and can be used with Apple's built-in firewall (to prevent unauthorized incoming connections ).

Rules

Currently, LuLu only supports 'process-level 'rules, which means that processes (or applications) are allowed to connect to the network. This also means that LuLu, like other firewalls, will be allowed if a legitimate (permitted) process is abused by malicious code.

Single User

Currently, LuLu only supports single-user installation. Later versions may allow multiple users to install it on the same system.

Self-defense mechanism

We all know that there is no absolute security, and any security mechanism may be bypassed. Therefore, LuLu (currently) has very few self-defense mechanisms designed and implemented. For example, an attacker can enumerate all running processes and find and kill the LuLu component responsible for alarms (through sigkill ).

Limited Functions

As LuLu is still in Alpha version, some features have not yet been implemented. For example, the alarm window displayed by LuLu only contains the IP address of the remote endpoint, not the URL. Keep an eye on updates to this project!

Build

I suggest you build LuLu in Xcode (although you need to remove the code signature restriction or replace it with your own Apple developer/kernel code signature certificate ).

Install

Currently, LuLu must be installed through the command line. You can download the pre-built binary file/component on the release page, and then use the-install command as root to execute the configuration script (configure. sh:

// Install
$ Sudo configure. sh-install *

Source: kitploit

This article permanently updates link: https://www.bkjia.com/Linux/2018-03/151178.htm