Enterprise Mac Security: Mac OS X Snow Leopard (Books for Professionals by Professionals)

Enterprise Mac Security: Mac OS X Snow Leopard (Books for Professionals by Professionals)

Beau Hunter, Gene Sullivan

Language: English

Pages: 648

ISBN: 1430227303

Format: PDF / Kindle (mobi) / ePub


A common misconception in the Mac community is that Mac’s operating system is more secure than others. While this might be true in certain cases, security on the Mac is still a crucial issue. When sharing is enabled or remote control applications are installed, Mac OS X faces a variety of security threats.

Enterprise Mac Security: Mac OS X Snow Leopard is a definitive, expert-driven update of the popular, slash-dotted first edition and was written in part as a companion to the SANS Institute course for Mac OS X. It contains detailed Mac OS X security information, and walkthroughs on securing systems, including the new Snow Leopard operating system.

Using the SANS Institute course as a sister, this book caters to both the beginning home user and the seasoned security professional not accustomed to the Mac, establishing best practices for Mac OS X for a wide audience.

The authors of this book are seasoned Mac and security professionals, having built many of the largest network infrastructures for Apple and spoken at both DEFCON and Black Hat on OS X security.

What you’ll learn

  • The newest security techniques on Mac OS X and Snow Leopard operating system from the best and brightest
  • The details of the entire Mac OS X Snow Leopard operating system for the desktop and server, and how to secure these systems
  • Considerations for third-party applications on systems
  • The details of Mac forensics and Mac hacking
  • How to tackle Apple wireless security

Who this book is for

This book is for new users, power users, and administrators who wish to make sure that their Mac platform is secure.

Table of Contents

  1. Security Quick-Start
  2. Services, Daemons, and Processes  
  3. Securing User Accounts  
  4. File System Permissions  
  5. Reviewing Logs and Monitoring 
  6. Application Signing and Sandbox  
  7. Securing Web Browsers and E-mail 
  8. Malware Security: Combating Viruses, Worms, and Root Kits  
  9. Encrypting Files and Volumes 
  10. Securing Network Traffic  
  11. Setting Up the Mac OS X Firewall 
  12. Securing a Wireless Network 
  13. Part IV: File Services  
  14. Web Site Security  
  15. Remote Connectivity  
  16. Server Security  
  17. Network Scanning, Intrusion Detection, and Intrusion Prevention Tools  
  18. Backup and Fault Tolerance 
  19. Forensics

The Inspection House: An Impertinent Field Guide to Modern Surveillance

Red Team: How to Succeed By Thinking Like the Enemy

Hacking: Secrets To Becoming A Genius Hacker: How To Hack Smartphones, Computers & Websites For Beginners

Hacking: The Art of Exploitation (2nd Edition)

Hacker Disassembling Uncovered: Powerful Techniques To Safeguard Your Programming

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

still wise to test them in a lab environment before installing them on mission-critical machines. NOTE: To manually run the Software Update feature, open the Software Update preference pane and then click the Check Now button on the Update Software tab. For many of you, using the Mac OS X Software Update preference pane will be adequate enough to keep your computer updated. However, if you have multiple systems on your network that need updating, you can quickly bottleneck your Internet pipe if

First and foremost, granular ACLs won't translate completely. Second, although you might have effective write privileges via ACLs, if you don’t have write privileges via POSIX, it will seem as if you don't have privileges when you do an `ls` on the mounted NFS volume; however, if you try to read or write a file, it will work without issue. Poorly written third-party software might inspect CHAPTER 4: File System Permissions the POSIX permissions and determine that you don’t have access to an

read,write,execute,delete,append,readattr,writeattr, readextattr,writeextattr,readsecurity,writesecurity,chown" /MyAwesomeFolder chmod –R +ai "hunterbj allow read,write,execute,delete,append,readattr,writeattr, readextattr,writeextattr,readsecurity,writesecurity,chown" /MyAwesomeFolder/* TIP: Due to the way that the chmod utility parses the ACE, using the traditional syntax for chmod ACLs does not work correctly when used with user or group names that contain spaces in the shortname. This is

Although this is helpful, Console doesn’t show you every log on your computer. Each application logs information a little bit differently, and it would be impossible to cover every aspect of every log file ever created. Happily, many of the apps made for Mac OS X follow a fairly standard method that Apple established with its own logs. We’ll point out the ones to check for most security purposes. You can then apply this knowledge to other network-aware applications in order to check their logs

the contents of the e-mail are presented exactly as they were at the date of signing (the time the e-mail was sent). If at any time the e-mail’s contents are manipulated by a third party, the e-mail’s signature won’t reflect the change and the recipient will be able to see that the content is malformed. Conversely, the third party is also unable to generate a signature that is valid for the original senders identity. This precludes an attacker from either modifying existing content or generating

Download sample

Download