How to disable Bonjour in Apple Mac OS X Tiger
I personally don’t want Bonjour (Zeroconf, mDNSResponder, Rendezvous) running all the time, because I rarely use it and because it gives away information such as your username, what services you’re running, computer name and more, depending on what you’re running. From a security perspective, you’re making it easy for an attacker to enumerate services and usernames without even having to do active scanning a lot of the time.
In order to permanently disabled the mDNSResponder daemon, run the following command:
launchctl unload -w /System/Library/LaunchDaemons/com.apple.mDNSResponder.plist
This will unload the daemon from memory and will modify the .plist file so the service will be permanently disabled and won’t be loaded during next startup. In fact, the previous command adds the lines highlighted in bold to the “/System/Library/LaunchDaemons/com.apple.mDNSResponder.plist” file:
cat /System/Library/LaunchDaemons/com.apple.mDNSResponder.plist
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>Disabled</key>
<true/>
<key>Label</key>
<string>com.apple.mDNSResponder</string>
<key>OnDemand</key>
<false/>
<key>ProgramArguments</key>
<array>
<string>/usr/sbin/mDNSResponder</string>
<string>-launchdaemon</string>
</array>
<key>ServiceIPC</key>
<false/>
</dict>
</plist>
To reenable the service, simply issue:
launchctl load -w /System/Library/LaunchDaemons/com.apple.mDNSResponder.plist
which will, in turn, remove the previously highlighted lines in bold from the “.plist” file.
NOTE: Disabling Bonjour breaks iTunes support for remote speakers.
[...] even while Apple has a way to disable Bonjour, I’m not sure that I want to, nor am I 100% convinced this is the problem, but is more likely [...]
Walt-O-Matic » Blog Archive » Macbook Pro: Network connectivity just disappears said this on July 6th, 2007 at 09:16
You need to quote the XML you copied and pasted into your blog entry so that it shows up correctly. My browser is actually parsing it and rendering it as plain text without the XML tags.
Cailean said this on November 20th, 2007 at 08:55
I quoted the XML, so it should work now
Thanks, Cailean!
Felipe Alfaro Solana said this on November 20th, 2007 at 16:19
Yup, the XML is readable, but nothing is highlighted
Exactly which lines are added to the file?
Geir Aalberg said this on January 17th, 2008 at 02:23
It’s highlighted for me (and I’ve checked on Safary, Opera and Firefox). Anyways, these are the two lines that are highlighted:
Felipe Alfaro Solana said this on February 5th, 2008 at 04:46
OK, this unload it from memory and disables it from autoload, great tip. But other daemons/services, have a “required” line in the plist file, so mDNSresponder is launched at restart anyway.
Is it posible to prevent this from happen?. Will this services that have this “dependency” run without it?
It’s not a critical issue for me, but it will be great to have more control over this service.
Thank you!!.
Crantall said this on February 25th, 2008 at 14:13
[...] The only real caveat with Mac networking is Bonjour (formerly Rendezvous), a sort of plug-n-play protocol that relies on DNS trickery and broadcasts in order to advertise and locate network services, like iTunes’ Remote Speakers, Bonjour-enabled printers and network gateways, and more. You might not notice if this protocol is even running - it’s not as chatty as NetBIOS, although it serves a similar function - but you can turn it off, permanently, if you want to. Just open Terminal (it’s in the Utilities folder) and read this article. [...]
Mac Interop: Networking | Concentrated Technology said this on August 8th, 2008 at 02:23
[...] culprit: Apple’s Bonjour service. To disable it, here’s the complete how-to article, but the command you need to run [...]
Tech.It.To.Me->{By.Anton.Perez} » mDNSResponder errors on MacBook Pro said this on August 16th, 2008 at 12:46