Today I realized I needed to check which ports were open on my Mac. It took me half an hour to find the command line utility that performs this check (it was well hidden). Then it took me another hour to design a solution that checks once each night for port changes and send myself an SMS with a tip that a change has occurred. All nightly scans are stored in a specific folder and if three consecutive scans provide identical results then the middle of the three is deleted.
I could have sent the details of the actual change in the SMS message, but I thought that was a little unneeded complexity. The details are easily observed in the portscans directory.
Some of the wizards on this forum may find problems or suggest improvements, but I think it's a pretty good utility, which helps you maintain security, and it's a good example of some of the usefulness of Keyboard Maestro. I intend to let this run every night on any Mac I own. I wonder what other ideas I could implement like this which may help track security issues. If you have any ideas let me know below.
So I've been running this macro at 3am each night for several days. It's pretty scary. Some unexpected ports were opened up at night. One of them was a port for a file sharing service that I have never used in my life on any computer. I'm probably paranoid but could that mean someone has tapped into my Mac? Maybe, or maybe I'm just paranoid. I'll have to keep an eye on this. "They" might be watching me right now. Good thing I have the case for my glasses perched on the top of my iMac covering the camera.
I have a couple of other Macs in my house and I should run this macro on them to compare the results.
This is a very interesting workflow. Leveraging the builtin stroke, I haven't seen that used much to be honest. And I am a Security Engineer by Trait. Often times you find stuff that can be quite concerning and yet happens be very common.
I'm guessing that "Keyboard" refers to either "Keyboard Maestro" or "Keyboard Maestro Engine", since those are the only two that show up in Activity Monitor.
Is it possible to output the full name of the process?