Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Risk

6/4/2008
11:17 PM
George V. Hulme
George V. Hulme
Commentary
50%
50%

OS X Lockdown

I just finished reviewing Apple's Mac OS X Security Configuration for Version 10.5 Leopard guide. Anyone who is interested in keeping the 10.5 installation secure should take a look.

I just finished reviewing Apple's Mac OS X Security Configuration for Version 10.5 Leopard guide. Anyone who is interested in keeping the 10.5 installation secure should take a look.The 240-page PDF is more of a book than a guide. And while it's aimed at the more technically inclined, there is some good advice for the average user. The guide is available here. If you haven't made the move up from Tiger or Panther, those guides also are available.

The guide starts off with an overview of the Mac OS X security architecture: open source kernel, secure default settings, access permissions, and so forth. Some useful tips for those new to the Mac include chapter 2, which covers in detail a secure OS X installation. There's also a number of useful security checklists on page 207, Appendix A. While some of the advice makes use of the OS command line, average users don't need to, and shouldn't, go that deep. There's plenty you can do to harden the average user's system from the standard GUI.

For instance, the guide advises using a removable storage device when it comes to managing passwords in the keychain. I use a USB for my keychain, and I keep a backup handy as well.

Since so many attacks today are aimed at the application level, the following instructions from the guide are good advice for anyone:

  • Accept only applications from known and trusted sources.

  • Run an antivirus program if you find suspicious files or applications, or if you notice unusual behavior on your computer.

  • To reduce the amount of exposure to harmful applications or files, limit the number of administrator accounts you create. Consider creating a user account for your daily work and then use an administrator account only when you need to install software or administer accounts.

  • If you enabled the root user and you don't need it, disable it.

  • Mac OS X comes equipped with a number of great security tools, such as the Application Firewall, FileVault for encryption, and easily establishing administrator and nonadministrator accounts. This guide explains it all.
     

    Recommended Reading:

    Comment  | 
    Print  | 
    More Insights
    Comments
    Oldest First  |  Newest First  |  Threaded View
    COVID-19: Latest Security News & Commentary
    Dark Reading Staff 8/3/2020
    Pen Testers Who Got Arrested Doing Their Jobs Tell All
    Kelly Jackson Higgins, Executive Editor at Dark Reading,  8/5/2020
    Browsers to Enforce Shorter Certificate Life Spans: What Businesses Should Know
    Kelly Sheridan, Staff Editor, Dark Reading,  7/30/2020
    Register for Dark Reading Newsletters
    White Papers
    Video
    Cartoon Contest
    Current Issue
    Special Report: Computing's New Normal, a Dark Reading Perspective
    This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
    Flash Poll
    The Changing Face of Threat Intelligence
    The Changing Face of Threat Intelligence
    This special report takes a look at how enterprises are using threat intelligence, as well as emerging best practices for integrating threat intel into security operations and incident response. Download it today!
    Twitter Feed
    Dark Reading - Bug Report
    Bug Report
    Enterprise Vulnerabilities
    From DHS/US-CERT's National Vulnerability Database
    CVE-2020-15106
    PUBLISHED: 2020-08-05
    In etcd before versions 3.3.23 and 3.4.10, a large slice causes panic in decodeRecord method. The size of a record is stored in the length field of a WAL file and no additional validation is done on this data. Therefore, it is possible to forge an extremely large frame size that can unintentionally ...
    CVE-2020-16192
    PUBLISHED: 2020-08-05
    LimeSurvey 4.3.2 allows reflected XSS because application/controllers/LSBaseController.php lacks code to validate parameters.
    CVE-2020-17364
    PUBLISHED: 2020-08-05
    USVN (aka User-friendly SVN) before 1.0.9 allows XSS via SVN logs.
    CVE-2020-4481
    PUBLISHED: 2020-08-05
    IBM UrbanCode Deploy (UCD) 6.2.7.3, 6.2.7.4, 7.0.3.0, and 7.0.4.0 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 181848.
    CVE-2020-5608
    PUBLISHED: 2020-08-05
    CAMS for HIS CENTUM CS 3000 (includes CENTUM CS 3000 Small) R3.08.10 to R3.09.50, CENTUM VP (includes CENTUM VP Small, Basic) R4.01.00 to R6.07.00, B/M9000CS R5.04.01 to R5.05.01, and B/M9000 VP R6.01.01 to R8.03.01 allows a remote unauthenticated attacker to bypass authentication and send altered c...