Lulu Mac版是MacOS平台上的开源防火墙。它的目标很简单;在用户批准之前,阻止任何未知的传出连接。虽然它被设计为通过标记未经授权的网络连接来一般性地检测恶意软件,但是Lulu也可以用来阻止OS组件或第三方应用程序将信息传输到远程服务器。
LuLu is the shared-source firewall for macOS. It’s goal is simple; block any unknown outgoing connections, until approved by the user. While it was designed to generically detect malware by flagging unauthorized networking connections, LuLu can also be used to block OS components or 3rd-party applications from transmitting information to remote servers.
What’s to like about LuLu? Lots!
shared source
The full source code for LuLu is available on GitHub. Such transparency allows anybody to audit its code, or understand exactly what is going on.
protects
LuLu aims to alert you whenever an unauthorized network connection is attempted. As such, it can generically detect malware, or be used to block legitimate applications that may be transmitting private data to remote servers.
simple
“Do one thing, do it well!” LuLu is designed as simply as possible. Sure this means complex features may not be available, but it also means it’s easier to use and has a smaller attack surface!
enterprise friendly
Want to know what network events are being detected? Or rules your users have added? LuLu provides simple mechanisms to subscribe to such events, and stores data such as rules in an open, easily digestible manner.
It’s also important to understand LuLu’s limitations! Some of these will be addressed as the software matures, while others are design decisions (mostly with the goal of keeping things simple).
Network Monitoring
By design, LuLu only monitors for outgoing network connections. Apple’s built in firewall does a great job blocking unauthorized incoming connections.
Rules
Currently, LuLu only supports rules at the ‘process level’, meaning a process (or application) is either allowed to connect to the network or not. As is the case with other firewalls, this also means that if a legitimate (allowed) process is abused by malicious code to perform network actions, this will be allowed.
Single User
For now, LuLu can only be installed for a single user. Future versions will likely allow it to be installed by multiple users on the same system.
Self-Defense
Legitimate attackers/security professionals know that any security tool can be trivially bypassed if specifically targeted – even if the tool employs advanced self-defense mechanisms. Such self-defense mechanisms are often complex to implement and in the end, almost always futile. As such, by design LuLu (currently) implements few self-defense mechanisms. For example, an attacker could enumerate all running processes to find the LuLu component responsible for displaying alerts and terminate it (via a sigkill).
Information
Compatibility OS X 10.11 or later, 64-bit processor
Languages English
HomePage
'%3e%3cg%20id='Telegram'%20transform='translate(422.000000,%20252.000000)'%3e%3ccircle%20cx='30'%20cy='30'%20fill='url(%23linearGradient-1)'%20id='Oval'%20r='30'/%3e%3cpath%20d='M24.5,43.75%20C23.5281,43.75%2023.69325,43.383025%2023.35805,42.457625%20L20.5,33.051475%20L42.5,20'%20fill='%23C8DAEA'%20id='Shape'/%3e%3cpath%20d='M24.5,43.75%20C25.25,43.75%2025.581375,43.407%2026,43%20L30,39.1105%20L25.0105,36.10175'%20fill='%23A9C9DD'%20id='Shape'/%3e%3cpath%20d='M25.01,36.1025%20L37.1,45.03475%20C38.479625,45.795975%2039.47535,45.40185%2039.819,43.753875%20L44.74025,20.563125%20C45.2441,18.543075%2043.970225,17.626875%2042.6504,18.226075%20L13.7529,29.368825%20C11.780375,30.16%2011.791875,31.260475%2013.39335,31.750825%20L20.8091,34.0654%20L37.97735,23.23415%20C38.787825,22.742675%2039.531675,23.0069025%2038.92115,23.54875'%20fill='url(%23linearGradient-2)'%20id='Shape'/%3e%3c/g%3e%3c/g%3e%3c/g%3e%3c/svg%3e)
