From Apple OS X 10.11 Security Technical Implementation Guide
Part of SRG-OS-000480-GPOS-00232
Associated with: CCI-000366
The Application Firewall is the built-in firewall that comes with the OS X and must be enabled. Firewalls protect computers from network attacks by blocking or limiting access to open network ports. Application firewalls limit which applications are allowed to communicate over the network.
If an approved HBSS solution is installed, this is not applicable. To check if the OS X firewall has been enabled, run the following command: /usr/bin/sudo /usr/libexec/ApplicationFirewall/socketfilterfw --getglobalstate If the result is "disabled", this is a finding.
To enable the firewall run the following command: /usr/bin/sudo /usr/libexec/ApplicationFirewall/socketfilterfw --setglobalstate on
Lavender hyperlinks in small type off to the right (of CSS
class id, if you view the page source) point to
globally unique URIs for each document and item. Copy the
link location and paste anywhere you need to talk
unambiguously about these things.
You can obtain data about documents and items in other
formats. Simply provide an HTTP header Accept:
text/turtle or
Accept: application/rdf+xml.
Powered by sagemincer