Skip to content

Instantly share code, notes, and snippets.

@jjcody

jjcody/randomize-mac-address-os-x.md

Last active October 5, 2022 01:11
Show Gist options
  • Save jjcody/37b7aa547b5761c79eaaa2d006250788 to your computer and use it in GitHub Desktop.
Save jjcody/37b7aa547b5761c79eaaa2d006250788 to your computer and use it in GitHub Desktop.
Download ZIP
Randomize WiFi MAC address on computer startup (OS X)
Raw
randomize-mac-address-os-x.md

Randomize your WiFi MAC address on startup (OS X)

Install spoof-mac with the terminal command: $ brew install spoof-mac.

Then follow the instructions at https://github.com/feross/SpoofMAC#startup-installation-instructions to randomize your MAC address on computer startup:

# Download the startup file for launchd
curl https://raw.githubusercontent.com/feross/SpoofMAC/master/misc/local.macspoof.plist > local.macspoof.plist

# Customize location of `spoof-mac.py` to match your system
cat local.macspoof.plist | sed "s|/usr/local/bin/spoof-mac.py|`which spoof-mac.py`|" | tee local.macspoof.plist

# Copy file to the OS X launchd folder
sudo cp local.macspoof.plist /Library/LaunchDaemons

# Set file permissions
cd /Library/LaunchDaemons
sudo chown root:wheel local.macspoof.plist
sudo chmod 0644 local.macspoof.plist

Finally, restart your computer and verify that your MAC address has been modified with the following command via the terminal: $ spoof-mac list --wifi.

Other considerations

View and change your computer name and LocalHostName

$ scutil --get HostName

$ scutil --get LocalHostName

$ scutil --get ComputerName

sudo scutil --set ComputerName <new name>
sudo scutil --set HostName <new host name>
sudo scutil --set LocalHostName <new local host name>

After the scutil commands you should run dscacheutil -flushcache to help make the changes take effect.

You may also want to disable NetBios

Allegedly the following will help:

sudo launchctl disable system/netbiosd
sudo launchctl unload -w /System/Library/LaunchDaemons/com.apple.netbiosd.plist

Disable Bonjour multicast advertisements

$ sudo defaults write /Library/Preferences/com.apple.mDNSResponder.plist NoMulticastAdvertisements -bool YES

Verify that Bonjour multicast advertising has been disabled:

$ /usr/bin/sudo /usr/bin/defaults read /Library/Preferences/com.apple.mDNSResponder | /usr/bin/grep NoMulticastAdvertisements

If an error is returned, nothing is returned, or "NoMulticastAdvertisements" is not set to "1", this is a finding. source

Disable captive portal

$ sudo defaults write /Library/Preferences/SystemConfiguration/com.apple.captive.control.plist Active -bool false

Disable remote management

$ sudo /System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart -quiet -deactivate -stop

Opt out of Apple's personalized advertizing

https://support.apple.com/en-sg/guide/mac-help/mh32356/mac

https://github.com/usnistgov/macos_security/blob/main/rules/sysprefs/sysprefs_personalized_advertising_disable.yaml

Disable Internet based spell correction

$ sudo defaults write NSGlobalDomain WebAutomaticSpellingCorrectionEnabled -bool false

Also see US NIST macOS Security Compliance

https://github.com/usnistgov/macos_security

https://github.com/usnistgov/macos_security/blob/main/rules/os/os_messages_app_disable.yaml

Final note

Should you stumble upon this gist and find it useful or have suggestions, please feel free to email me.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment