- Table of Contents
- Copyright
- About the Author
- Acknowledgments
- Tell Us What You Think!
- Introduction
- Part I: Introduction to Mac OS X
- Chapter 1. Mac OS X Component Architecture
- Chapter 2. Installing Mac OS X
- Chapter 3. Mac OS X Basics
- Chapter 4. The Finder: Working with Files and Applications
- Chapter 5. Running Classic Mac OS Applications
- Part II: Inside Mac OS X
- Chapter 6. Native Utilities and Applications
- Chapter 7. Internet Communications
- Chapter 8. Installing Third-Party Applications
- Part III: User-Level OS X Configuration
- Chapter 9. Network Setup
- Chapter 10. Printer and Font Management
- Chapter 11. Additional System Components
- Part IV: Introduction to BSD Applications
- Chapter 12. Introducing the BSD Subsystem
- Chapter 13. Common Unix Shell Commands: File Operations
- Part V: Advanced Command-Line Concepts
- Chapter 14. Advanced Shell Concepts and Commands
- Chapter 15. Command-Line Applications and Application Suites
- Chapter 16. Command-Line Software Installation
- Chapter 17. Troubleshooting Software Installs, and Compiling and Debugging Manually
- Chapter 18. Advanced Unix Shell Use: Configuration and Programming (Shell Scripting)
- Part VI: Server/Network Administration
- Chapter 19. X Window System Applications
- Chapter 20. Command-Line Configuration and Administration
- Chapter 21. AppleScript
- Chapter 22. Perl Scripting and SQL Connectivity
- Chapter 23. File and Resource Sharing with NetInfo
- Chapter 24. User Management and Machine Clustering
- Chapter 25. FTP Serving
- Chapter 26. Remote Access and Administration
- Chapter 27. Web Serving
- Part VII: Server Health
- Chapter 28. Web Programming
- Chapter 29. Creating a Mail Server
- Chapter 30. Accessing and Serving a Windows Network
- Chapter 31. Server Security and Advanced Network Configuration
- Chapter 32. System Maintenance
- Appendix A. Command-Line Reference
- Appendix B. Administration Reference
Security-Minded Thinking
Although Chapter 31, "Server Security and Advanced Network Configuration," goes into security details in considerably more depth, it's a good idea to start thinking about security issues now. In this chapter, you're going to configure your machine so that you can connect to it from other machines. If you can connect to it, so can anyone else, and it's time to start thinking about security. Here are some common sense guidelines that you can use when thinking about your machine's security:
- Regularly apply updates to the operating system. It is common for the Unix vendors to fix security problems and make the fixes available as downloadable updates, usually called patches.
- Do not turn on any unnecessary services. If you don't know what the service is, you probably don't need it.
- Do not turn on the telnet service. telnet transmits passwords in clear text. That is exactly what some of the crackers are looking for.
- Restrict as many of the TCP-based services as possible with tcpwrappers. OS X already comes with tcpwrappers installed, and is configured to assume that you will use tcpwrappers. Using tcpwrappers allows you to control access to some services. You can, for example, restrict access to the ftp service by using tcpwrappers.
- Use secure shell (SSH) for remote logins to your machine.
It is the last item, secure shell, that we will discuss in depth in this chapter. You were first introduced to the secure shell software, via slogin, in Chapter 13, "Common Unix Shell Commands: File Operators." In that chapter, you learned how to use slogin on your Mac OS X box to connect to outside machines. Now that you're more familiar with the Unix side of your operating system, we'll discuss it in a bit more depth, and also explain how to start it as a service so that you can connect from remote back to your OS X machine. Then we will discuss how to use clients in Mac OS 9.1 and earlier to remotely access your OS X machine.
What Is Secure Shell? | Next Section
Account Sign In
View your cart