Enterprise Mac Security: Mac OS X Snow Leopard

Book Description

A common misconception in the Mac community is that Mac's operating system is more secure than others. While this might be true in certain cases, security on the Mac is still a crucial issue. When sharing is enabled or remote control applications are installed, Mac OS X faces a variety of security threats.

Enterprise Mac Security: Mac OS X Snow Leopard is a definitive, expert-driven update of the popular, Slashdotted first edition and was written in part as a companion to the SANS Institute course for Mac OS X. It contains detailed Mac OS X security information and walkthroughs on securing systems, including the new Snow Leopard operating system.

Written as a companion to the SANS Institute course, this book caters to both the beginning home user and the seasoned security professional not accustomed to the Mac, establishing best practices for Mac OS X for a wide audience.

The authors of this book are seasoned Mac and security professionals, having built many of the largest network infrastructures for Apple and spoken at both DEFCON and Black Hat on OS X security.

Table of Contents

  1. Copyright
  2. Dedication
  3. About the Authors
  4. About the Technical Reviewer
  5. Acknowledgments
  6. Introduction
  7. The Big Picture
    1. Security Quick-Start
      1. Securing the Mac OS X Defaults
      2. Customizing System Preferences
      3. Accounts
      4. Login Options
      5. Security Preferences
      6. General
      7. FileVault
      8. Firewall
      9. Software Update
      10. Bluetooth Security
      11. Printer Security
      12. Sharing Services
      13. Securely Erasing Disks
      14. Using Secure Empty Trash
      15. Using Encrypted Disk Images
      16. Securing Your Keychains
      17. Best Practices
    2. Services, Daemons, and Processes
      1. Introduction to Services, Daemons, and Processes
      2. Viewing What's Currently Running
      3. Stopping Services, Daemons, and Processes
      4. Stopping Daemons
      5. Types of launchd Services
      6. GUI Tools for Managing launchd
      7. Changing What Runs At Login
      8. Validating the Authenticity of Applications and Services
      9. Summary
    3. Securing User Accounts
      1. Introducing Identification, Authentication, and Authorization
      2. Managing User Accounts
      3. Advanced Settings in System Preferences
      4. Working with Local Directory Services
      5. Restricting Access with the Command Line: sudoers
      6. Securing Mount Points
      7. SUID Applications: Getting into the Nitty-Gritty
      8. Creating Files with Permissions
      9. Summary
    4. File System Permissions
      1. Mac OS File Permissions: A Brief History of Time
      2. POSIX Permissions
      3. Access Control Lists
      4. Administering Permissions
      5. Using the Finder to Manage Permissions
      6. Using chown and chmod to Manage Permissions
      7. The Hard Link Dilemma
      8. Using mtree to Audit File System Permissions
      9. Summary
    5. Reviewing Logs and Monitoring
      1. What Exactly Gets Logged?
      2. Using Console
      3. Finding Logs
      4. Reviewing User-Specific Logs
      5. Reviewing Command-Line Logs
      6. Reviewing Library Logs
      7. Breaking Down Maintenance Logs
      8. What to Worry About
      9. Virtual Machine and Bootcamp Logs
      10. Review Regularly, Review Often
      11. Summary
  8. Securing the Ecosystem
    1. Application Signing and Sandbox
      1. Application Signing
      2. Sandbox
      3. Summary
    2. Securing Web Browsers and E-mail
      1. A Quick Note About Passwords
      2. Securing Your Web Browser
      3. Securely Configuring Mail
      4. Fighting Spam
      5. Desktop Solutions for Securing E-mail
      6. Using Mail Server-Based Solutions for Spam and Viruses
      7. Outsourcing Your Spam and Virus Filtering
      8. Summary
    3. Malware Security: Combating Viruses, Worms, and Root Kits
      1. Classifying Threats
      2. Using Antivirus Software
      3. Other Forms of Malware
      4. Summary
    4. Encrypting Files and Volumes
      1. Using the Keychain to Secure Sensitive Data
      2. Using Disk Images as Encrypted Data Stores
      3. Encrypting User Data Using FileVault
      4. Full Disk Encryption
      5. Summary
  9. Network Traffic
    1. Securing Network Traffic
      1. Understanding TCP/IP
      2. Types of Networks
      3. Understanding Routing
      4. Port Management
      5. DMZ and Subnets
      6. Spoofing
      7. Stateful Packet Inspection
      8. Data Packet Encryption
      9. Understanding Switches and Hubs
      10. Restricting Network Services
      11. Security Through 802.1x
      12. Proxy Servers
      13. Summary
    2. Setting Up the Mac OS X Firewall
      1. Introducing Network Services
      2. Controlling Services
      3. Configuring the Firewall
      4. Setting Advanced Features
      5. Testing the Firewall
      6. Configuring the Application Layer Firewall from the Command Line
      7. Using Mac OS X to Protect Other Computers
      8. Working from the Command Line
      9. Summary
    3. Securing a Wireless Network
      1. Wireless Network Essentials
      2. Introducing the Apple AirPort
      3. Configuring Older AirPorts
      4. Securing Computer-to-Computer Networks
      5. Wireless Topologies
      6. Wireless Hacking Tools
      7. Cracking WEP Keys
      8. Cracking WPA-PSK
      9. General Safeguards Against Cracking Wireless Networks
      10. Summary
  10. Sharing
    1. File Services
      1. The Risks in File Sharing
      2. Peer-to-Peer vs. Client-Server Environments
      3. File Security Fundamentals
      4. Sharing Protocols: Which One Is for You?
      5. Permission Models
      6. Summary
    2. Web Site Security
      1. Securing Your Web Server
      2. PHP and Security
      3. Taming Scripts
      4. Securing robots.txt
      5. Protecting Directories
      6. Tightening Security with TLS
      7. Implementing Digital Certificates
      8. Protecting the Privacy of Your Information
      9. Securing Files on Your Web Server
      10. Code Injection Attacks
      11. Summary
    3. Remote Connectivity
      1. Remote Management Applications
      2. Using Timbuktu Pro
      3. Using Secure Shell
      4. Using a VPN
      5. Summary
    4. Server Security
      1. Limiting Access to Services
      2. The Root User
      3. Foundations of a Directory Service
      4. Configuring and Managing Open Directory
      5. Web Server Security in Mac OS X Server
      6. File Sharing Security in OS X Server
      7. Wireless Security on OS X Server Using RADIUS
      8. DNS Best Practices
      9. SSL
      10. SSH
      11. Server Admin from the Command Line
      12. iChat Server
      13. Securing the Mail Server
      14. Proxying Services
      15. Summary
  11. Securing the Workplace
    1. Network Scanning, Intrusion Detection, and Intrusion Prevention Tools
      1. Scanning Techniques
      2. Intrusion Detection and Prevention
      3. Security Auditing on the Mac
      4. Summary
    2. Backup and Fault Tolerance
      1. Time Machine
      2. SuperDuper
      3. Backing Up to MobileMe
      4. Retrospect
      5. Using Tape Libraries
      6. Backup vs. Fault Tolerance
      7. Backing up Services
      8. Summary
    3. Forensics
      1. Incident Response
      2. MacForensicsLab
      3. Other GUI Tools for Forensic Analysis
      4. Forensically Acquiring Disk Images
      5. Tools for Safari
      6. Command-Line Tools for Forensic Analysis
      7. Summary
  12. Xsan Security
    1. Metadata
    2. Fibre Channel
    3. Affinities
    4. Permissions
    5. Quotas
    6. Other SAN Solutions
  13. InfoSec Acceptable Use Policy
    1. 1.0 Overview
    2. 2.0 Purpose
    3. 3.0 Scope
    4. 4.0 Policy
    5. 5.0 Enforcement
    6. 6.0 Definitions
    7. 7.0 Revision History
  14. CDSA
  15. Introduction to Cryptography
  16. Index