SCUDO PUBLIC BETA 2 RELEASED

[hany]

We are happy to announce the availability of Scudo public beta 2. This new release introduces very important features and changes.

How to update:
to update from Scudo public beta please run the Scudo public beta 2 installer. A reboot is required.
Once Scudo public beta 2 is started we suggest you to empty your Scudo managed apps list and start populating it from scratch.
In case you install Scudo on a Mac where Vallum has been installed in the past please delete file /etc/afw.conf if present.



What's new:

- Scudo now reads and verifies app signatures. More importantly, Scudo and afw (it's core) are able to match processes by signature, not only by path. This means that when a signed app is managed, Scudo rules will be applied to this app only. If this app is replaced by an app with the same name and same path Scudo will not recognize it. So for example if you grant permission to a signed app to connect to the network and this legit app is replaced by a malicious app, and this malicious app tries to connect to the network, Scudo will pop a notification and it will warn you about a signature mismatch between the app you originally allowed, and the app that's connecting right now. Scudo automatically chooses whether to manage an app by path or by signature and this mechanism is totally transparent to the user.

- Network monitor has been moved from Scudo toolbar to Scudo menulet. Scudo Net Monitor is now an independent process and offers two different points of view over your Mac network activities: Connections and PF States.
"Connections" displays a per-app list of connections. "PF States" displays the list of currently active pf states. Both lists are updated in realtime.



Scudo User Manual (PDF) is available here:
https://www.murusfirewall.com/downloads ... al.pdf.zip

[Steenchen]

Hi there. Can only say this: Beautiful program - works very fine.

[Pisa]

Everything worked , but after first beta expired.. i uninstalled , but uninstaller didn’t remove blocklisted ips, and now i can’t access some sites, how to remove blocklist after uninstalling? how to completly remove scudo files?

[jlbrown]

I’m on Mojave, and as far as I know, the pf firewall is no longer included. Is this correct?

Do I just need to install it via Homebrew and then use Scudo to configure it?

[Pisa]

Anyone know how to remove blacklisted ips after uninstall?

[rwright1989]

Hi guys-

First of a new - I am a new user of your product and now your biggest fan. Thank you!

Recently I switched (yesterday) to Scudo and I enjoy the interface and easy functional style of it. I am not by all means anywhere close to being proficient in in anything above microsoft word, so apologize if my questions are very basic. One, I am running OS 10.14.4 Beta - is that ok and while it is a beta should I anticipate degraded service?

Two, I have express vpn and was wondering how I get the firewall that ensure all traffic is filtered through that specific vpn??

Three, I cant seem to find the logs with Scudo - is there a particular place I should be looking?

four, I have six untouchable user groups:

192.168-net
172.16-net
10-net
169.254-net
ivp6-local-nets
all-local-nets

What exactly are these and why do I need them?

Thank you all in advance!

Cheers,

Rob

[hany]

@Pisa:

Scudo remote black list is not saved on the system, just like pf configuration. It is read in runtime by Scudo when Scudo is running. Scudo makes the http connection to read the remote list and adds ips to the pf runtime table. If Scudo is not running then Scudo cannot be responsible for anything on your Mac, that's by design. Scudo uninstaller uninstalls everything.

[hany]

I’m on Mojave, and as far as I know, the pf firewall is no longer included. Is this correct?

No, not correct.
pf is the macOS built-in packet filter. Nothing has changed. Where did you get this information from?

Do I just need to install it via Homebrew and then use Scudo to configure it?

No, you don't need to do anything, pf is part of you system and cannot be removed/updated/modified. You just need to install and run Scudo.

[hany]

Hi guys-

First of a new - I am a new user of your product and now your biggest fan. Thank you!

Recently I switched (yesterday) to Scudo and I enjoy the interface and easy functional style of it. I am not by all means anywhere close to being proficient in in anything above microsoft word, so apologize if my questions are very basic. One, I am running OS 10.14.4 Beta - is that ok and while it is a beta should I anticipate degraded service?

it is not advisable to run Scudo on a beta OS

Two, I have express vpn and was wondering how I get the firewall that ensure all traffic is filtered through that specific vpn??

Proprietary VPN clients cannot be supported. Scudo needs you to connect to the VPN using the macOS system preferences or the shell terminal.

Three, I cant seem to find the logs with Scudo - is there a particular place I should be looking?

There are no logs in Scudo. If you need logs you should try Murus and Vallum.
In the future we may add support for pf logs, but for sure not afw logs. However this feature is not planned.

four, I have six untouchable user groups:

192.168-net
172.16-net
10-net
169.254-net
ivp6-local-nets
all-local-nets

What exactly are these and why do I need them?

Thank you all in advance!

Cheers,

Rob

These groups represent 6 well-known address spaces. When you set a service as "Pass only..." you need to choose which group you want to allow. Add as many custom groups as you want to the list in order to be able to assign them to the managed services.