Categories
firewall

Mac OS X PF Firewall: Protecting SSH from Brute Force Attacks

Apple-like gate (CC BY-SA 2.0 Licensed image by Dennis Jarvis, Flickr user archer10)
Apple-like gate (CC BY-SA 2.0 Licensed image by Dennis Jarvis, archer10)

The OpenBSD‘s PF provides a great many features for packet filtering and network address translation. Mac OS X includes a version of PF that can be used to protect network services. In an article called “Mac OS X pf: Avoiding known bad guys“, I talk about using the Mac OS X PF firewall to protect against known bad sites. In this article, we explore a technique to protect SSH from attackers trying to gain remote access to your Mac by guessing passwords by brute force.

Most of what I learned about PF was used at the office to protect our network. We built redundant firewalls using FreeBSD and PF rules. I started to experiment with the Mac OS X PF implementation once I learned that it was shipped in Lion (Mac OS X 10.7). I am specifically concerned about my Mac laptop systems. The information in this article can also be applied to Mac server and desktop systems too.