Skip to main content

Securely configure your Mac from the terminal.

Project description

stronghold

license build

stronghold is the easiest way to securely configure your Mac.

Designed for MacOS Sierra and High Sierra.

Previously fortify.

asciicast demo

Warnings

  • Ensure you have up-to-date backups. This script modifies system settings and there is always a possibility that it will damage your system.

Installation Options

  1. Install with pip

    • $ pip install stronghold
    • $ stronghold
  2. Download stronghold as a zip

    • Unzip
    • cd into directory
    • $ python3 stronghold.py

Configuration Options

  1. Connectivity

    • Enable Firewall? This helps protect your Mac from being attacked over the internet by viruses and worms.

      • Enable Logging? If there is an infection, logs are helpful for determining the source.
      • Enable Stealth Mode? If enabled, your Mac will not respond to network discovery attempts with ICMP ping requests, and will not answer connection attempts made from closed TCP and UDP networks.
      • Prevent both built-in and downloaded software from being whitelisted automatically?
    • Disable Captive Portal Assistant and force login through browser? With default Mac settings on an untrusted network, an attacker could trigger Captive Portal and direct you to a site with malware WITHOUT user interaction.

  2. User Metadata Storage

    • Clear language modeling data? This includes user spelling and suggestion data.
    • Clear QuickLook metadata?
    • Clear SiriAnalytics database?
      • WARNING: This may kill Siri.
    • Clear Quarantine Data.
  3. General Safety

    • Lock Mac as soon as screen saver starts?
    • Display all file extensions? This prevents malware from disguising itself as another file type.
    • Disable saving documents to the cloud by default?
    • Show hidden files in Finder? This lets you see all files on the system without having to use the terminal.

Sources

How to Contribute

  1. Clone repo and create a new branch: $ git checkout https://github.com/alichtman/stronghold -b [name_for_new_branch].
  2. Make changes and test
  3. Submit Pull Request with comprehensive description of changes

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distributions

No source distribution files available for this release.See tutorial on generating distribution archives.

Built Distribution

stronghold-1.0.4-py2.py3-none-any.whl (6.9 kB view hashes)

Uploaded Python 2 Python 3

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page