I personally don’t want Bonjour (Zeroconf, mDNSResponder, Rendezvous) running all the time, because I rarely use it and because it gives away information such as your username, what services you’re running, computer name and more, depending on what you’re running. From a security perspective, you’re making it easy for an attacker to enumerate services and usernames without even having to do active scanning a lot of the time.
In order to permanently disabled the mDNSResponder daemon, run the following command:
launchctl unload -w /System/Library/LaunchDaemons/com.apple.mDNSResponder.plist
This will unload the daemon from memory and will modify the .plist file so the service will be permanently disabled and won’t be loaded during next startup. In fact, the previous command adds the lines highlighted in bold to the “/System/Library/LaunchDaemons/com.apple.mDNSResponder.plist” file:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
To reenable the service, simply issue:
launchctl load -w /System/Library/LaunchDaemons/com.apple.mDNSResponder.plist
which will, in turn, remove the previously highlighted lines in bold from the “.plist” file.
NOTE: Disabling Bonjour breaks iTunes support for remote speakers.