
10 Ways To Prevent Your Mac From Being Hacked


Information protection is now scrutinized in all commercial and government industries. Theft of information has crippled many organizations and businesses. One of the main reasons information is lost, corrupted, or stolen is that many industries have not fully recognized it as a risk and have yet to implement strong quality assurance policies and programs.

Some of the most common risks come from unattended computers, weak passwords, and poor information management practices. Hackers look for the weakest target and tunnel into a business from easy sources, like tablets or cell phones. Using smart encryption software can remediate this threat and vulnerability, making it difficult for competitors or rookie hackers to penetrate your device. However, software alone is not enough to prevent Macs from being hacked. It is the Mac user who has the authority and resources to save it from potential penetration. The top 10 ways to prevent your Mac from being hacked are discussed below. Following all these tips will surely make your Mac hack-resistant. As a word of caution, before starting on the processes below, be sure to back up your system first.

1. Don’t Surf or Read Mail Using the Administrator Account

Create a non-administrator user in the Accounts pane of System Preferences and use this account for everyday tasks. Only log in with an administrator account when you need to perform system administration tasks.

2. Use Software Update

Regularly applying system updates is extremely important.

For Internet-connected systems: Open the Software Update pane in System Preferences. Ensure that “Check for Updates” is enabled, and set it to “Daily” (or the most frequent setting). There is a command-line version available as well, called softwareupdate. Read its man page for more details.


    For systems not connected to the Internet: Retrieve updates regularly from www.apple.com/support/downloads. Be sure to verify that the SHA-1 digest of any download matches the digest published there, using the following command: /usr/bin/openssl sha1 download.dmg
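The digest check described above can be scripted so the comparison is not done by eye. This is an added example, not part of the original article; the script name `verify.sh` and the function names are assumptions, and the published digest must come from a source you trust.

```shell
#!/bin/sh
# Added example (not from the article): check a download against a published SHA-1.

# sha1_of FILE: print FILE's SHA-1 as lowercase hex.
# "openssl sha1" prints "SHA1(name)= <hex>", so the digest is the last field.
sha1_of() {
    openssl sha1 "$1" | awk '{ print tolower($NF) }'
}

# normalize DIGEST: drop spaces, colons and line breaks that creep in when a
# digest is copied from a web page, and lowercase it.
normalize() {
    printf '%s' "$1" | tr -d ' :\t\r\n' | tr 'A-F' 'a-f'
}

# verify_download FILE PUBLISHED_DIGEST
# Returns 0 on match, 1 on mismatch, 2 if the input cannot be checked.
verify_download() {
    file=$1
    published=$(normalize "$2")
    if [ ! -r "$file" ]; then
        echo "cannot read $file" >&2; return 2
    fi
    case $published in
        *[!0-9a-f]*) echo "published digest is not hexadecimal" >&2; return 2 ;;
    esac
    if [ "${#published}" -ne 40 ]; then
        echo "a SHA-1 digest has 40 hex digits, got ${#published}" >&2; return 2
    fi
    actual=$(sha1_of "$file")
    if [ "$actual" = "$published" ]; then
        echo "OK: $file matches"; return 0
    fi
    echo "MISMATCH: $file is $actual, published $published" >&2
    return 1
}

# Usage: sh verify.sh download.dmg <digest copied from the download page>
if [ "$#" -eq 2 ]; then
    verify_download "$1" "$2"
fi
```

A non-zero exit status means the file should not be installed: 1 is a real mismatch, 2 means the file or the pasted digest could not be checked.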


    3. Account Settings

    You want to disable Automatic Login. To do this, open the Accounts pane in System Preferences. Click on “Login Options.” Set “Automatic login” to “Off.” Set “Display login window as” to “Name and password.”

    To disable Guest Account and Sharing, select the Guest Account and then disable it by unchecking “Allow Guest to log in to this computer.” Also, uncheck “Allow guests to connect to shared folders.”

    4. Secure Users’ Home Folder Permissions

    To prevent users and guests from perusing other users’ home folders, run the following command for each home folder: sudo chmod go-rx /Users/username

    5. Firmware Password

    Set a firmware password that will prevent unauthorized users from changing the boot device or making other changes. Apple provides detailed instructions for Leopard (which apply to Snow Leopard) here:
    http://support.apple.com/kb/ht1352

    6. Disable IPv6 and AirPort when Not Needed

    Open the Network pane in System Preferences. For every network interface listed:

    • If it is an AirPort interface but AirPort is not required, click “Turn AirPort off.”
    • Click “Advanced.” Click on the TCP/IP tab and set “Configure IPv6:” to “Off” if not needed. If it is an AirPort interface, click on the AirPort tab and enable “Disconnect when logging out.”

    7. Disable Unnecessary Services

    The following services can be found in /System/Library/LaunchDaemons. Unless needed for the purpose shown after each name, disable each service using the command below, which needs the full path specified: sudo launchctl unload -w /System/Library/LaunchDaemons/com.apple.blued.plist

    • com.apple.blued.plist – Bluetooth
    • com.apple.IIDCAssistant.plist – iSight
    • com.apple.nis.ypbind.plist – NIS
    • com.apple.racoon.plist – VPN
    • com.apple.RemoteDesktop.PrivilegeProxy.plist – ARD
    • com.apple.RFBEventHelper.plist – ARD
    • com.apple.UserNotificationCenter.plist – User notifications
    • com.apple.webdavfs_load_kext.plist – WebDAV
    • org.postfix.master.plist – email server

    Other services can be found in /System/Library/LaunchAgents and can be disabled in exactly the same way as the items listed above.


    8. Disable Setuid and Setgid Binaries

    Setuid programs run with the privileges of the file’s owner (which is often root), no matter which user executes them. Bugs in these programs can allow privilege escalation attacks.

    To find setuid and setgid programs, use the commands:

    • find / -perm -04000 -ls
    • find / -perm -02000 -ls

    After identifying setuid and setgid binaries, disable setuid and setgid bits (using chmod ug-s programname) on those that are not needed for system or mission operations. The following files should have their setuid or setgid bits disabled unless required. The programs can always have their setuid or setgid bits re-enabled later, if necessary.

    • /System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/MacOS/ARDAgent – Apple Remote Desktop
    • /System/Library/Printers/IOMs/LPRIOM.plugin/Contents/MacOS/LPRIOMHelper – Printing
    • /sbin/mount_nfs – NFS
    • /usr/bin/at – Job Scheduler
    • /usr/bin/atq – Job Scheduler
    • /usr/bin/atrm – Job Scheduler
    • /usr/bin/chpass – Change user info
    • /usr/bin/crontab – Job Scheduler
    • /usr/bin/ipcs – IPC statistics
    • /usr/bin/newgrp – Change Group
    • /usr/bin/postdrop – Postfix Mail
    • /usr/bin/postqueue – Postfix Mail
    • /usr/bin/procmail – Mail Processor
    • /usr/bin/wall – User Messaging
    • /usr/bin/write – User Messaging
    • /bin/rcp – Remote Access (Insecure)
    • /usr/bin/rlogin – Remote Access (Insecure)
    • /usr/bin/rsh – Remote Access (Insecure)
    • /usr/lib/sa/sadc – System Activity Reporting
    • /usr/sbin/scselect – User-selectable Network Location
    • /usr/sbin/traceroute – Trace Network
    • /usr/sbin/traceroute6 – Trace Network
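To check which of the listed programs still carry the bits on a given machine, the list can be fed to a small audit script. This is an added example, not part of the original article; the function names and the `--audit` switch are assumptions, and the script only prints the `chmod ug-s` commands for review rather than running them.

```shell
#!/bin/sh
# Added example (not from the article): audit the article's candidate list
# for setuid/setgid bits and print the chmod commands that would clear them.

# Paths copied from the list above, one per line.
CANDIDATES='/System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/MacOS/ARDAgent
/System/Library/Printers/IOMs/LPRIOM.plugin/Contents/MacOS/LPRIOMHelper
/sbin/mount_nfs
/usr/bin/at
/usr/bin/atq
/usr/bin/atrm
/usr/bin/chpass
/usr/bin/crontab
/usr/bin/ipcs
/usr/bin/newgrp
/usr/bin/postdrop
/usr/bin/postqueue
/usr/bin/procmail
/usr/bin/wall
/usr/bin/write
/bin/rcp
/usr/bin/rlogin
/usr/bin/rsh
/usr/lib/sa/sadc
/usr/sbin/scselect
/usr/sbin/traceroute
/usr/sbin/traceroute6'

# audit_bits: read one path per line on stdin and print "setuid PATH" and/or
# "setgid PATH" for every regular file that still has the bit set.
audit_bits() {
    while IFS= read -r path; do
        if [ ! -f "$path" ]; then continue; fi   # not present on this release
        if [ -u "$path" ]; then echo "setuid $path"; fi
        if [ -g "$path" ]; then echo "setgid $path"; fi
    done
    return 0
}

# remediation_commands: same input as audit_bits; prints (does not run) one
# chmod command per affected file so it can be reviewed first.
remediation_commands() {
    audit_bits | cut -d' ' -f2- | sort -u | while IFS= read -r path; do
        printf "sudo chmod ug-s '%s'\n" "$path"
    done
}

# Usage: sh suid_audit.sh --audit
if [ "${1:-}" = "--audit" ]; then
    printf '%s\n' "$CANDIDATES" | audit_bits
    printf '%s\n' "$CANDIDATES" | remediation_commands
fi
```

Saving the audit output before and after a system update shows whether an update has restored any of the bits.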

    9. Configure and Use Both Firewalls

    The Mac system includes two firewalls: the IPFW packet-filtering firewall and the new Application Firewall. The Application Firewall limits which programs are allowed to receive incoming connections, and it is quite easy to configure; the steps are given below. Configuring the IPFW firewall requires more technical expertise and cannot be fully described here. It involves creating a file with manually written rules (traditionally, /etc/ipfw.conf) and adding a plist file to /Library/LaunchDaemons to make the system read those rules at boot. These rules depend heavily on the network environment and the system’s role in it.

    How to Configure Application Firewall in Mac

    In only four steps, you can easily configure the Application Firewall on a Mac.

    1. Select System Preferences from the Apple Menu


      2. From the System Preferences pane, select Security. Then click on the Firewall tab. Ignore the other tabs (General and FileVault).
      3. On the Firewall tab, you may need to unlock the pane if it is locked. To unlock it, click on the small padlock in the lower left corner and enter your administrator username and password.


        4. Click Start to enable the Mac’s Application Firewall. The green light beside Firewall Status and the ON notification indicate that the firewall is running.

        You can further customize the firewall configuration by clicking on the Advanced button on the right side.

        There are three Advanced options in the Firewall tab:

        1. Block All Incoming Connections: Blocking all incoming connections will disable most of the sharing services, like File Sharing, Screen Sharing and others. It will only allow basic Internet service. Whether to keep it checked or unchecked depends on the user.


          2. Automatically allow signed software to receive incoming connections: I prefer to keep this option unchecked. When checked, it automatically adds software signed by “any” valid authority to the list of allowed software rather than prompting users to authorize it.

          3. Enable stealth mode: I always keep this option checked. This prevents your Mac from responding to ping requests and port scans.


          10. Safari Preferences

          Safari will automatically open some files by default. This behavior could be leveraged to perform attacks. To disable it, uncheck “Open safe files after downloading” in the General tab. Unless specifically required, Safari’s Java should be disabled to reduce the browser’s attack surface. On the Security tab, uncheck “Enable Java.” Also, private browsing in Safari is a great way to stop hackers from picking up bread crumbs and using them against you later.

          Bonus Tip: Disable Bluetooth and Airport

          The best way to disable Bluetooth hardware is to have an Apple-certified technician remove it. If this is not possible, disable it at the software level by removing the following files from /System/Library/Extensions:

          IOBluetoothFamily.kext

          IOBluetoothHIDDriver.kext

          The best way to disable AirPort is to have the AirPort card physically removed from the system. If this is not possible, disable it at the software level by removing the following file from /System/Library/Extensions:

          IO80211Family.kext

          If followed carefully, the above-mentioned tips can outdo a hacker’s technology to compromise your Mac. However, as technology advances, hackers use ever more innovative ways to penetrate your Mac. If you know other ways to hack into a Mac, please share with us in the comments below!


          Last Updated on October 16, 2019

          11 Meeting Scheduler Apps to Boost Your Productivity


          Automations are key to improving efficiency. Set the system up right from the beginning and you’ll reduce the amount of no-shows and cancellations.

          Whatever your business is, with automations, meeting scheduler apps do more than just streamline appointment setting. They prime your workflow for maximum results.

          Meeting scheduler apps are awesome if you use them right. Use them wrong and you can look like an arrogant elitist.

          In this article, I will share with you 11 great meeting scheduler apps you can start using today to boost your productivity.

          1. ScheduleOnce

            ScheduleOnce is an industry leader and robust solution. Whether you work alone or have a large team, ScheduleOnce can support you.

            ScheduleOnce allows you to create multiple users and multiple calendars. I use one calendar for booking podcast guests with automations set up to prep my guests for our interview. I use another calendar for strategy sessions and coaching calls.

            ScheduleOnce also has embeddable widgets so you can keep the scheduler inside your own website.

            Starting at $7 a month and a 14 day free trial, ScheduleOnce can fit a variety of needs in business.

            Available on Web

            2. Calendly

              Calendly stands out for its clean, easy to use interface. If you like clean design, Calendly might be your choice. It too has robust automations and integrations for individuals and teams alike.

              You can try Calendly free for 14 days. Their basic plan is free while their most robust plan is only $12 a month.


              Available on Web | Google Chrome Extension

              3. Assistant.to

                For those who use Gmail, Assistant.to is a super simple solution.

                From inside an email, you click on the Assistant.to icon and pick times you’re free. Assistant.to embeds the times directly into the email so the recipient can quickly pick a time that works for them.

                While it doesn’t have all the bells and whistles of apps like Calendly or ScheduleOnce, Assistant.to is completely free.

                Available on Web

                4. Acuityscheduling

                  Acuity is a robust meeting scheduler very similar to ScheduleOnce. It integrates with CRMs, Email Marketing platforms, Analytics tools and accounting software.

                  It comes with a 14 day free trial. They have a free solo account but if you want the benefit of the integrations, you’ll start as low as $15 a month and can cost up to $50 a month.

                  Available on Web | iOS | Android

                  5. Pick

                    Built for simplicity, Pick is direct and easy to use. You can create your own url extension like pick.co/yournamehere and it integrates with Google calendar and Office 365.

                    At $3 a month, this is a great tool for quick scheduling.


                    Available on Web

                    6. X.ai

                      For those who are early adopters of AI, this may be the solution for you. X.ai created two AI assistants they call Amy and Andrew Ingram. After setting up your account you simply CC them on your emails with the person you’re wanting to schedule and the AI assistants will email your guests from there until your appointment is set.

                      This type of scheduler feels more personal because of the dialogue. There are stories on their site of people thinking Amy and Andrew are real people. X.ai integrates with Google, Office 365 and Outlook.

                      Starting at $29 a month for an Individual account and $39 a month per user for a Team account, Amy and Andrew are ready to schedule meetings for you. Want to try it out first? They do have a free trial.

                      Available on Web

                      7. YouCanBook.me

                        YouCanBook.me is another competitive solution for scheduling meetings online. You can manage the calendars of your entire team, configure booking forms, and integrate with your calendar.

                        They have a free account branded with their company name or you can have some control over your branding and appearance at $10 a month for all their features. Either way, this company is worth a look.

                        Available on Web

                        8. Doodle

                          Doodle is unique in the space of meeting schedulers because it helps groups of people find a time to meet that works for everyone.

                          It integrates with your calendar and allows you to send a poll to all invited. Once people vote on the poll you can see which time works best for everyone.


                          You can also run polls for food preferences if you’re scheduling a lunch meeting or a section of town if people are coming from all over.

                          While there is a free account, you’ll unlock its potential starting at $39 per year.

                          Available on Web | iOS | Android

                          9. WhenAvailable

                            WhenAvailable is another scheduler that works for groups of people. You can use it to schedule a pickup game of basketball, decide on your next book club or book your family reunion.

                            Their free account allows up to 20 guests, unlimited events and one contact group. For $15 a year you unlock all the goodies including reminders and chat messages.

                            Available on Web

                            10. Rallly

                              Like Doodle and WhenAvailable, Rallly is helpful for scheduling meetings and events with multiple people involved. You create a poll and everyone votes. It’s quick and easy.

                              Unlike Doodle, it doesn’t have as many features, but it’s entirely free.

                              Available on Web

                              11. NeedtoMeet

                                Finishing strong, NeedtoMeet is our last app that allows you to schedule meetings or events for multiple people. It has mobile apps, custom urls, easy polling, notifications and commenting.


                                NeedtoMeet also allows 1:1 meetings for things like performance reviews for your whole team. You send out your calendar slots to your team and they can only pick 1 slot, minimizing the amount of emails and scheduling you have to coordinate.

                                While they have a free account, you can unlock all features for only $19 a year.

                                Available on Web

                                Bonus: Don’t Make These Common Mistakes When Using Meeting Schedulers

                                In the excitement of streamlining your scheduling process, it can be easy to forget the feelings of those you’re inviting to meet. I know. I’ve done this.

                                To say “Hey, schedule time on my calendar” feels colder than “Hey, here’s my calendar. To avoid all the back and forth, pick a time that works best for you.”

                                Always make sure to frame your invite with your scheduler app with the benefit to them and why we’re doing it this way rather than the old fashioned, personal way.

                                A little finesse goes a long way. Without it, you risk seeming transactional and cold.

                                Some meeting scheduler widgets you can embed in your site can take a couple seconds to load. If you go this route, make sure there’s text just above the widget that lets your guest know the calendar will appear below and to wait for it to load.

                                If you use an online meeting tool like Zoom, it’s also important to explicitly let them know the meeting will take place on Zoom and include the Zoom link in the email reminder. Many make the mistake of not clarifying where the meeting will actually take place which can create last minute chaos at the time of the meeting.

                                Should you require special settings, like ethernet, external mics or lighting, let your guests know that on your thank you page and reminder emails so they are prepared for the meeting and you end up with the best meeting possible.

                                With clear communication in your automation, your meeting scheduler tools can almost perform like a virtual assistant for a fraction of the cost, or free, depending on the app you choose.

                                The Bottom Line

                                Meeting scheduler apps are diverse in features and unique in design. Before committing to one and realizing it’s not a fit, I recommend exploring which 3 might best fit you and then doing a trial with each of them at the same time so that you can see how they feel as you use them side by side.

                                Scheduling meetings the old fashioned way can be tedious. Conversely, finding a scheduling app that works seamlessly in the background is heavenly.

                                Like cell phones, meeting scheduler apps are moving from a nice-to-have luxury to must-have necessity in the lives of productive people. As you explore your options, stay true to your brand and the tools that have worked well for you to this point and simply find a meeting scheduler app that plays well with what you have created.

                                Featured photo credit: rawpixel via unsplash.com
