Firewall Hardening Toolkit
Local, in-browser helpers
Script-based baselines
Lock down your desktop firewalls, one platform at a time.
Choose the operating system you use, then open the matching firewall baseline assistant. Each tool generates
a local script that hardens Windows Defender Firewall, the macOS Application Firewall, or Ubuntu UFW on your
own terms, without sending data to CyberLife Coach or anyone else.
Step 1 ยท Choose your firewall platform
Desktop firewall baselines
Generate a PowerShell script that applies a STIG-style baseline for Windows Defender Firewall,
including a stricter inbound posture and rollback-aware changes you can test first.
Copy-paste PowerShell
Windows Defender Firewall
Create a bash script that hardens the native macOS Application Firewall with a default-deny posture,
stealth mode, logging, and plist-based backups for clean rollback.
Bash script
Application Firewall (alf)
Generate a UFW helper script for Ubuntu that sets deny-incoming, allow-outgoing, adds optional rules
for SSH, HTTP/HTTPS, Samba, and VNC, and supports backup and rollback of your UFW config.
Bash script
UFW front-end to iptables
Important notice
This Firewall Hardening Toolkit runs entirely in your browser. Your selections and the generated scripts
are not sent to CyberLife Coach, to operating system vendors, or to any third party. Each assistant produces a
generic starting point for host firewall security controls. It is provided for educational and informational
use only, is not a substitute for professional advice, and does not guarantee compliance with any standard or
policy.
Always test in a safe environment, verify every line, and ensure you have reliable backups before making
changes. Do not apply these settings to employer or school managed devices without explicit approval, and
do not bypass existing GPOs, MDM profiles, configuration profiles, or enterprise change-control processes.
No warranty or guarantees
Local only, no data leaves this device