So, we have a client that is going to be using "Foundstone" software to scan Macs/PCs for vulnerabilities. The client needs to be set up with a hidden account which is a normal user given SSH rights in order to scan/report on software, etc.
One of the requirements is to leave the firewall on while turning off Stealth Mode - easy enough.
sudo defaults write /Library/Preferences/com.apple.alf stealthenabled -int 0
The problem is that after flipping the Stealth Mode off, we cannot get the ability to ping - and therefore scan the Macs - until after a reboot. We tried all sorts of things suggested here and elsewhere to get this to work, and so far, only a reboot does the trick. We're testing on 10.10.2/.3 at the moment and will likely have to run this on all the Macs going back to 10.6. I'd love to find a way to get this setting flipped and not require a reboot as the client is highly averse to such things (don't ask).
We've tried flipping this on/off to see if that might work, no luck.
defaults write /Library/Preferences/com.apple.alf globalstate -int 0
defaults write /Library/Preferences/com.apple.alf globalstate -int 1
And:
launchctl unload /System/Library/LaunchAgents/com.apple.alf.useragent.plist
launchctl unload /System/Library/LaunchDaemons/com.apple.alf.agent.plist
launchctl load /System/Library/LaunchDaemons/com.apple.alf.agent.plist
launchctl load /System/Library/LaunchAgents/com.apple.alf.useragent.plist
If anyone has any ideas, I'd love to hear them.