Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!

Manage LittleSnitch over SSH via a PHP script UNIX
I previously posted a hint about using AppleScript UI Scripting to allow LittleSnitch while logged in via SSH; this is a follow up on the story.

I decided it was not enough and came up with a php shell script to manage the LittleSnitch daemon via the terminal. This is how SnitchCTL was born. It allows to start, stop and restart the daemon as well as use the UI Script to allow or deny a connection. The script is available here. I have also set up a page for the script, updates will be posted there and some more information on LittleSnitch is available. The source is also available from the site.

Disclaimer :
This script has been tested with Mac OS 10.4.2 and LittleSnitch builds 212 (1.2b3), 218 (1.2b5), and 226 (1.2). Tests have shown that running this script under 10.3.9 is bad idea! Running this script poses a potential security risk! This script is provided "as is;" I am not responsible of any damages that could occur from using it. If you use it, you assume what you do it with and what ever happens to you!

To install the script move it to /usr/bin or /usr/local/bin. You might also have to chmod +x the file. Although you might not want to run this script if you didn't know that! This script turns LittleSnitchDaemon.app (located in /Library -> PreferencePanes -> Little Snitch.prefPane -> Contents -> Resources) on and off. That's the LittleSnitch daemon. If the LittleSnitch kernel extension isn't loaded it will attempt to load it when you start the daemon.

[robg adds: I haven't tested this one...]
    •    
  • Currently 2.43 / 5
  You rated: 3 / 5 (7 votes cast)
 
[9,845 views]  

Manage LittleSnitch over SSH via a PHP script | 2 comments | Create New Account
Click here to return to the 'Manage LittleSnitch over SSH via a PHP script' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
Manage LittleSnitch over SSH via a PHP script
Authored by: xSmurf on Oct 06, '05 09:34:35AM
Sorry the download link got broken before the hint go posted.
Please use http://s94011755.onlinehome.us/snitchctl/download/ for the latest version.

There is also a thread going on in the forums about the security risk in LS that this scripts exploits. Yes, LittleSnitch is currently not as secured as it seams; see it here.

---
SnitchCTL : http://snitchctl.smurfturf.net/

PM G4 DP 800 / 1.25gb / 120Gb+80Gb / CD/DVD±RW/RAM/DL
- The only APP Smurf

[ Reply to This | # ]

Get protected, use VeriSnitch!
Authored by: xSmurf on Oct 09, '05 06:20:04PM

After building the proof of concept that SnitchCTL is I thought I should help the users who are scared because of the issues it brings up. This is why I came up with VeriSnitch: http://snitchctl.smurfturf.net/index/verisnitch/

VeriSnitch is a daemon that will monitor LittleSnitch and warns the user, via the GUI, if it is not running as well as log to the console. It is a combination of a command tool and a launchd plist to make it run at 30 seconds interval. Yes it is possible that and app could bring down the daemon and phone home in less than 30 seconds. But I think this adds a fairly good level of security. It comes in a user-friendly installer package so you don't have to be "terminally literate" to use it. It is somewhat untested so if you come across bugs be sure to let me know, but I believe it should work just fine for most users.

Feedback is always appreciated, so be sure to let me know what you think.

---
SnitchCTL : http://snitchctl.smurfturf.net/

PM G4 DP 800 / 1.25gb / 120Gb+80Gb / CD/DVD±RW/RAM/DL
- The only APP Smurf

[ Reply to This | # ]