Mac OS X Unleashed

By John Ray and William C. Ray

Where to Go from Here

The Ohio State University's security group says they have not experienced any security incidents involving OS X on campus, yet. They do point out, however, that as OS X becomes more widespread, crackers will start to target OS X machines. Of course, they recommend that you take a proactive security stance with your machine.

In this chapter, we have attempted to help you do just that. You have seen some basic security measures that you can follow in securing your machine. In addition, you have learned about ipfw, the built-in firewall package that comes with OS X. You have learned about some intrusion detection tools. After reading this chapter, you should at least follow those basic security measures. Hopefully, you will also decide to use some combination of the firewall package and intrusion detection tools.

Is there anything else you can do to protect your machine? If your company has a security group, contact the group to find out whether they hold any security meetings or have a mailing list on which they issue security advisories that could be important for you. If you live near a university, find out whether the university has a security group. The university's security group probably holds meetings that are also open to the public. Attending meetings where you can meet some of the experts in security gives you the opportunity to ask any security question you might have face-to-face.

Earlier in this chapter, we mentioned that you should update OS X regularly. You can extend that to third-party service software that you have installed, such as wu-ftpd and sendmail. In addition, we mentioned replacing basic services with secure services where possible. You might consider replacing inetd with xinetd, which is a secure replacement for inetd available from http://www.xinetd.org/.

You might also be interested in installing additional tools to enhance your security. Many of the sites listed here contain links to the various types of available tools.

Finally, it is important to keep informed on security issues. The following sections describe some resources that can be of assistance.

CERT Coordination Center—http://www.cert.org/

The CERT Coordination Center grew out of the Computer Emergency Response Team, which was formed in 1988 by the Defense Advanced Research Projects Agency (DARPA), in response to the Internet worm of the day. The CERT Coordination Center issues security advisories that you can receive as they come out if you're on the mailing list. The site provides advice on many security matters, including those for the home user.

SecurityFocus.com—http://www.securityfocus.com/

This site provides a wealth of information on tools, vulnerabilities, and so on. In addition, this site hosts the BugTraq mailing list, a mailing list that discusses vulnerabilities, how to exploit them, and how to fix them. You can sign up to be on the mailing list or view the archives.

Apple Computer Product Security Incident Response—http://www.apple.com/support/security/security.html

This page is Apple's general security page, where Apple provides some formal information on Apple security as well as a link to a page where you can sign up to be on Apple's security announcement mailing list.

MacSecurity.org—http://www.macsecurity.org/

This is a nice site dedicated to Macintosh security issues.

SecureMac—http://www.securemac.com/

This site is dedicated to Macintosh security issues. At this time, it does not appear to be as current on security issues for OS X as MacSecurity.org.

OSX Security—http://www.osxsecurity.com/

This site is dedicated to OS X security. At this time, however, it does not appear to be as thorough as MacSecurity.org.

National Infrastructure Protection Center—http://www.nipc.gov/

The center provides some interesting security reports that break down into three sections: Bugs, Holes & Patches; Recent Exploit Scripts; and Viruses.

SANS Institute—http://www.sans.org/

The SANS (System Administration, Networking, and Security) Institute is a cooperative research and education organization. It sponsors a variety of conferences and training sessions. The site provides a wealth of security information, including an interesting article on the OS X Public Beta release.

CERIAS—http://www.cerias.purdue.edu/

Purdue University's Center for Education and Research in Information Assurance and Security is an education and research area for security issues. Probably the item of most interest here is the link to the FTP archive from which you can download a number of security tools. The archive includes many security tools, even ones that CERIAS didn't necessarily develop. Although you might prefer to download a specific tool from the home developing site, browsing this FTP archive is a convenient way to read the basic READMEs for many tools.
