• Mac OS X Server,  Mac Security

    Adaptive Firewall Statistics for OS X Server

    I wrote up afctl (the command line tool to manage the OS X Server Adaptive Firewall) awhile back here https://krypted.com//mac-security/a-little-more-about-afctl-in-os-x-server. One thing I didn’t touch on is statistics. There’s a nice little command called hb_summary located in /Applications/Server.app/Contents/ServerRoot/System/Library/CoreServices/AdaptiveFirewall.bundle/Contents/MacOS that provides statistics for blocked hosts. To see statistics about how much the Adaptive Firewall is being used, just run the command with no options: /Applications/Server.app/Contents/ServerRoot/System/Library/CoreServices/AdaptiveFirewall.bundle/Contents/MacOS/hb_summary The output provides the following information (helpful if plugging this information into a tool like Splunk): Date Date statistics start Number of hosts blocked Addresses blocked Number of times each address was blocked Last time a host was blocked Total number of times a block was…