Tài liệu hạn chế xem trước, để xem đầy đủ mời bạn chọn Tải xuống
1
/ 487 trang
THÔNG TIN TÀI LIỆU
Thông tin cơ bản
Định dạng
Số trang
487
Dung lượng
25,1 MB
Nội dung
this print for content only—size & color not accurate spine = 0.9237" 488 page count
Books for professionals By professionals
®
Foundations ofMacOSXLeopard Security
Dear Reader,
As instructors, course authors, systems administrators, and consultants for Mac
networks big and small, we have run into hundreds ofsecurity problems at our
clients and discussed them with our students for years. We have watched the
perception ofOSXsecurity progress from being considered hogwash that only
snake-oil salesmen would sell to something that is a legitimate concern that we
all must consider. We have watched exploits and new vulnerabilities come out
and even discovered some of our own. And now we want to share what we have
learned over the years with you.
By default, the Mac is a pretty darn secure computer. But many of the things
you do to the computer after you turn it on for the first time can increase or
decrease how secure it is. This book is about security from the perspective of
a systems administrator, or a Mac user, once you turn on that computer. For
some, this means securing your personal machine, your home network, or
your small-business network from attacks. For others, it means securing your
enterprise from corporate miscreants. Whatever environment you are pro-
tecting, the principals are the same: provide the least amount of access that
is required while maintaining a satisfactory measure of usability. Through
detailed descriptions, step-by-step instructions, and command-line examples,
we present best practices for the home user and the enterprise security architect.
Some of the examples and walk-throughs in this book come from our work in
the field, perfecting hundreds of such procedures over the years. Some of the
examples, though, are new, written just for this book, based on our feedback
from the community.
Once you are finished reading this book, you will have a clearer understanding
about the challenges that you will face as the person responsible for maintaining
the network.
We hope you will find that this book helps you solve those everyday security
challenges and helps give you a new level of understanding about security and
the Mac.
Charles Edge, William Barker, and Zack Smith
Charles S. Edge, Jr.,
author of
Mac Tiger Server
Little Black Book
US $39.99
Shelve in
Mac
User level:
Beginner–Intermediate
Edge, Jr.,
Barker,
Smith
Mac OSXLeopard Security
The eXperT’s Voice
®
in Macos X
Foundations of
Mac OS X
Leopard Security
cyan
MaGenTa
yelloW
Black
panTone 123 c
Charles S. Edge, Jr.,
William Barker, and Zack Smith
Companion
eBook Available
www.apress.com
Companion eBook
See last page for details
on $10 eBook version
ISBN-13: 978-1-59059-989-1
ISBN-10: 1-59059-989-6
9 781590 599891
5 3 9 9 9
Mac OSX client and server security,
from the home to the enterprise
RELATED TITLES
Foundations of
[...]... deeper into the specifics of most settings To get a more thorough understanding of MacOSX security and the tools you can use to secure your Mac, we urge you to keep reading beyond the basics Securing the MacOSX Defaults MacOS X, because it is built on a Unix architecture, is a fairly secure and stable operating system right out of the box There is a commonly held belief that the Mac can be further secured... some of the annoying issues that pop up on networks because of unauthorized (and often accidental) user behavior Chapter 8, “Setting Up the MacOSX Firewall”: The firewall option in MacOSX is just a collection of check boxes Or is it? We discuss using and securing the MacOSX software firewall, and we go into further detail on configuring this option from the command line We also discuss some of. .. that are available as well as those that are crucial to securing Mac OSX Server We also cover many of the security options from MacOSX that should specifically not be used in Mac OSX Server Included with server security is directory services, which are critical to expanding technology infrastructures By interconnecting all the hosts of a network, you are able to better control the settings and accounts... safeguarding customer information and imposes penalties of up to $100,000 per violation xxiii Edge_Barker_9896FRONT.fm Page xxiv Tuesday, April 1, 2008 9:47 AM xxiv ■I N T R O D U C T I O N Everyone in an organization should be concerned about security policies because everyone is affected to some extent Users are often affected the most, because policies often consist of a set of rules that regulate their behavior,... with other resources to look to if you require further security for your web server xxvii Edge_Barker_9896FRONT.fm Page xxviii Tuesday, April 1, 2008 9:47 AM xxviii ■I N T R O D U C T I O N Chapter 12, “Remote Connectivity”: One of the most dangerous aspects of administration is the exposure of the very tools you use to access systems remotely Many of these programs do not always need to be running and... true in most side-by-side analyses ofsecurity features right out of the box, what this isn’t taking into account is that security tends to get overlooked once the machine starts to be configured for its true purposes For example, when sharing is enabled or remote control applications are installed, then a variety ofsecurity threats are often established—no matter what the platform is In the security. .. complex world of information security Chapter 3, “Securing User Accounts”: MacOSX is a multiuser operating system One of the most important security measures is to understand the accounts on your system and when you are escalating privileges for accounts This chapter explains how to properly secure these users and groups Part 2: Security Essentials Part 2 gets down to some of the essential elements of. .. taught Apple’s Security Best Practices class, as well as many other system administrator–level classes (such as Mac OSX Deployment and MacOSX Directory Services) Zack has been a speaker at Macworld San Francisco as well as many other smaller venues such as IT user groups Zack is also the author of a set of open source IT administration software and scripts and has long-term plans of being a full-time... much like MacOSX Client, without many of the bells and whistles and with a more optimized system for sharing resources This is true with many server-based operating systems Because a Mac OSX server fills a different role in a networked environment, it should be treated differently from MacOSX Client For this reason, we cover many of the security options that are available as well as those that are... mike@unitedlemur.org xix Edge_Barker_9896FRONT.fm Page xx Tuesday, April 1, 2008 9:47 AM Edge_Barker_9896FRONT.fm Page xxi Tuesday, April 1, 2008 9:47 AM Acknowledgments I ’d like to thank all the folks at Apple for the hard work they have put into the various flavors ofOSX and into educating the Mac community on their fantastic product, in particular, Joel Rennich, Schoun Regan, Josh Wisenbaker, Greg . $39.99 Shelve in Mac User level: Beginner–Intermediate Edge, Jr., Barker, Smith Mac OS X Leopard Security The eXperT’s Voice ® in Mac os X Foundations of Mac OS X Leopard Security cyan MaGenTa . 599891 5 3 9 9 9 Mac OS X client and server security, from the home to the enterprise RELATED TITLES Foundations of