Packet Filter (PF) by openBSD has a passive OS fingerprinting function. It looks at TCP SYN packets, and based on various parameters contained inside it, looks up in a list (default: /etc/pf.os) what's the most likely OS that the TCP SYN packet came from.
Taking a look at my system's /etc/pf.os file, I noticed that there are entries for MacOS. That means that, in theory, a server can block all inbound traffic coming from MacOS machines. This would effectively shut out Apple users from using my web services. I advise all the other admins reading this thread to add these kinds of rules.
It's as simple as adding block in from proto tcp any os "MacOS" to your PF rules (PF is included in most BSD flavors).
Linux users have to go through a little more work by installing an iptables module called OSF. ioremap.net/2012/08/13/osf/ I don't know how this is configured, but it uses the same format as the one used in *BSD ps.of
Robert Perez
sorry, my mind slipped. Use this instead.
block in proto tcp from any os "MacOS"
David Torres
>not redirecting to gay porn bitch lasagne
Justin Bailey
>This would effectively shut out Apple users from using my web services It's too bad you don't have any web services that anyone gives a shit about, and neither does anyone else who would be salty enough to do this
Hunter Rivera
Some questions that I'd like to address before they're raised:
>Won't I run the risk of blocking non-MacOS users given how OSFP's only basis is the TCP SYN packets?
MacOS is quite unique in how it crafts TCP SYN packets. I've checked the default ps.of file and none of the MacOS records collide with other operating systems.
>People who know what they're doing can easily get around this, why bother?
It takes some knowledge to figure out what's happening here. Even if you knew what OSFP is, you would think the website is down or something. And the point is to block your average Apple user, I don't care one way or another what technically proficient people do, although the inconvenience it gives them is a bonus.
>What's the point?
Short term, just to get the word out there for admins who find stuff like this fun. Long term, I want people to feel that buying Apple products runs them the risk of not being able to access certain websites.
This is totally possible but I prefer making Apple users think that something went wrong with their machine instead of thinking that something malicious is going on.
Redirecting Apple users to randomized gay porn sites will both make them think something is wrong with their fruit toy AND make them think it's been hacked.
Alexander Ramirez
>And the point is to block your average Apple user, I don't care one way or another what technically proficient people do Then just block their user agent and move on. How is this useful or novel in the scenario you describe?
Hunter Stewart
Enumerate the protocols that have a "User agent" field. This is more thorough, but there's no harm in adding additional layers of security.
Logan Diaz
>Enumerate the protocols that have a "User agent" field. HTTP(S). The only one that mac users are going to be accessing any of your "web services" from
Henry Stewart
I'm not a big shot running a site with a hundred million hits a month. I just want this trend of blocking Apple users from the internet to be more prevalent.
Evan Thomas
Won't this drag people away from Unix and benefit Windows instead?
Christopher Carter
That's just a reward for them.
Joshua Williams
based
Evan Morris
I'll do the same with Linux users. Thanks for the info, OP.
Angel Lewis
If you still haven't got it, most of these people are winfags, most of nu Jow Forums is winfags
Caleb Gonzalez
If your company found out you were doing this, you would be fired.
Jeremiah Thomas
No problem.
Jason Lopez
Glhf
Jeremiah Lewis
Seems like a good plan.
Nathaniel Taylor
So you could effectively block all mobile users with ease?
Jeremiah Hill
No one is interested in visiting your blog anyway.
Christian Barnes
>How to make things harder for non Apple users >Exist, and live in their heads rent-free
Henry Barnes
Maybe, but I'd like to encourage this sort of behavior.
Grayson Thompson
You know he's saying the truth
Ryder Nelson
You should try to remove spite from your life.
Dylan Edwards
Imagine being this salty over a fucking fruit logo
- Posted from my iMac
Dylan Howard
>This would effectively shut out Apple users from using my web services. I advise all the other admins reading this thread to add these kinds of rules. But you don't have any web services, and noone on this thread is an admin.
Jonathan Perez
A tangentially related topic: years ago I remember reading a post where an user had somehow worked out how to determine which of the peers in a torrent swarm were macs, and he was able to create a rule to not connect to them. I'm using qbittorrent, and it doesn't seem to show enough information to determine which OS someone is on. The closest thing it shows is which client an IP is using, and I suppose if there is a Mac only client it would be obvious.
Does anyone know how to accomplish this? I'd love to stop seeding to macfags but help out anyone else.
Henry Lee
I imagine he would use passive OS fingerprinting techniques too, much like the one described here.
Blake Powell
>just to get the word out there for admins who find stuff like this fun >gets fired Nothing personnel kid
Cooper Butler
t. Seething weeB Pajeet “admins” running a server in their moms basement LMAO
Gavin Butler
You are very likely to have your services shut down or DDOS'd as soon as you pop up on the Apple radar.
Samuel Powell
You used pajeet, weeb and LMAO in you sentence. You are just yet another reddit faggot who wasted money on a mac
