Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Risk

6/4/2008
11:17 PM
George V. Hulme
George V. Hulme
Commentary
50%
50%

OS X Lockdown

I just finished reviewing Apple's Mac OS X Security Configuration for Version 10.5 Leopard guide. Anyone who is interested in keeping the 10.5 installation secure should take a look.

I just finished reviewing Apple's Mac OS X Security Configuration for Version 10.5 Leopard guide. Anyone who is interested in keeping the 10.5 installation secure should take a look.The 240-page PDF is more of a book than a guide. And while it's aimed at the more technically inclined, there is some good advice for the average user. The guide is available here. If you haven't made the move up from Tiger or Panther, those guides also are available.

The guide starts off with an overview of the Mac OS X security architecture: open source kernel, secure default settings, access permissions, and so forth. Some useful tips for those new to the Mac include chapter 2, which covers in detail a secure OS X installation. There's also a number of useful security checklists on page 207, Appendix A. While some of the advice makes use of the OS command line, average users don't need to, and shouldn't, go that deep. There's plenty you can do to harden the average user's system from the standard GUI.

For instance, the guide advises using a removable storage device when it comes to managing passwords in the keychain. I use a USB for my keychain, and I keep a backup handy as well.

Since so many attacks today are aimed at the application level, the following instructions from the guide are good advice for anyone:

  • Accept only applications from known and trusted sources.

  • Run an antivirus program if you find suspicious files or applications, or if you notice unusual behavior on your computer.

  • To reduce the amount of exposure to harmful applications or files, limit the number of administrator accounts you create. Consider creating a user account for your daily work and then use an administrator account only when you need to install software or administer accounts.

  • If you enabled the root user and you don't need it, disable it.

  • Mac OS X comes equipped with a number of great security tools, such as the Application Firewall, FileVault for encryption, and easily establishing administrator and nonadministrator accounts. This guide explains it all.
     

    Recommended Reading:

    Comment  | 
    Print  | 
    More Insights
    Comments
    Newest First  |  Oldest First  |  Threaded View
    COVID-19: Latest Security News & Commentary
    Dark Reading Staff 7/13/2020
    Omdia Research Launches Page on Dark Reading
    Tim Wilson, Editor in Chief, Dark Reading 7/9/2020
    Russian Cyber Gang 'Cosmic Lynx' Focuses on Email Fraud
    Kelly Sheridan, Staff Editor, Dark Reading,  7/7/2020
    Register for Dark Reading Newsletters
    White Papers
    Video
    Cartoon
    Current Issue
    Special Report: Computing's New Normal, a Dark Reading Perspective
    This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
    Flash Poll
    The Threat from the Internetand What Your Organization Can Do About It
    The Threat from the Internetand What Your Organization Can Do About It
    This report describes some of the latest attacks and threats emanating from the Internet, as well as advice and tips on how your organization can mitigate those threats before they affect your business. Download it today!
    Twitter Feed
    Dark Reading - Bug Report
    Bug Report
    Enterprise Vulnerabilities
    From DHS/US-CERT's National Vulnerability Database
    CVE-2020-14298
    PUBLISHED: 2020-07-13
    The version of docker as released for Red Hat Enterprise Linux 7 Extras via RHBA-2020:0053 advisory included an incorrect version of runc missing the fix for CVE-2019-5736, which was previously fixed via RHSA-2019:0304. This issue could allow a malicious or compromised container to compromise the co...
    CVE-2020-15050
    PUBLISHED: 2020-07-13
    An issue was discovered in the Video Extension in Suprema BioStar 2 before 2.8.2. Remote attackers can read arbitrary files from the server via Directory Traversal.
    CVE-2020-10987
    PUBLISHED: 2020-07-13
    The goform/setUsbUnload endpoint of Tenda AC15 AC1900 version 15.03.05.19 allows remote attackers to execute arbitrary system commands via the deviceName POST parameter.
    CVE-2020-10988
    PUBLISHED: 2020-07-13
    A hard-coded telnet credential in the tenda_login binary of Tenda AC15 AC1900 version 15.03.05.19 allows unauthenticated remote attackers to start a telnetd service on the device.
    CVE-2020-10989
    PUBLISHED: 2020-07-13
    An XSS issue in the /goform/WifiBasicSet endpoint of Tenda AC15 AC1900 version 15.03.05.19 allows remote attackers to execute malicious payloads via the WifiName POST parameter.