Foundations of Mac OS X Leopard Security

Book description

Foundations of Mac OS X Leopard Security is written in part as a companion to the SANS Institute course for Mac OS X. It contains detailed Mac OS X security information as well as walkthroughs on securing systems. With the SANS Institute course as a sister to the book, the focus includes both the beginning home user and the seasoned security professional not accustomed to the Mac, which allows this title to establish the "best practices" for Mac OS X for a wide audience. Additionally, the authors of the book are seasoned Mac and security professionals, having built many of the largest network infrastructures for Apple and spoken at both DefCon and Black Hat on OS X security.

What you'll learn

  • Security overview

  • Walkthroughs to secure systems

  • Walkthroughs and suggestions for third-party applications on systems

  • Mac forensics

  • Mac hacking

  • Apple wireless security

  • Mac OS X security

Who this book is for

A wide audience of users, power users, and administrators who wish to make sure their Mac platform is secure.

Table of contents

  1. Title Page
  2. Dedication
  3. Contents at a Glance
  4. Contents
  5. About the Authors
  6. About the Technical Reviewer
  7. Acknowledgments
  8. Introduction
    1. Security Beginnings: Policies
    2. A Word About Network Images
    3. Risk Management
    4. How This Book Is Organized
  9. PART 1: The Big Picture
    1. CHAPTER 1: Security Quick-Start
      1. Securing the Mac OS X Defaults
      2. Customizing System Preferences
      3. Securely Erasing Disks
      4. Using the Secure Empty Trash Feature
      5. Using Encrypted Disk Images
      6. Securing Your Keychains
      7. Best Practices
    2. CHAPTER 2: Security Fundamentals
      1. What Can Be Targeted?
      2. The Accidental Mac Administrator
      3. Kinds of Attacks
      4. OS 9 vs. OS X
      5. Darwin vs. Aqua
      6. Unix Security
      7. In the Beginning...the Command Line
      8. Physical Security
      9. Firmware and Firmware Password Protection
      10. Multifactor Authentication
      11. Keeping Current: The Cat-and-Mouse Game
      12. The NSA and the Mac
      13. A Word About Parallels and Boot Camp
    3. CHAPTER 3: Securing User Accounts
      1. Introducing Authentication, Authorization, and Identification
      2. Managing User Accounts
      3. Restricting Access with the Command Line: sudoers
      4. Securing Mount Points
      5. SUID Applications: Getting into the Nitty-Gritty
      6. Creating Files with Permissions
  10. PART 2: Security Essentials
    1. CHAPTER 4: Malware Security: Combating Viruses, Worms, and Root Kits
      1. Classifying Threats
      2. Using Antivirus Software
      3. Other Forms of Malware
    2. CHAPTER 5: Securing Web Browsers and E-mail
      1. A Quick Note About Passwords
      2. Securing Your Web Browser
      3. Configuring Mail Securely
      4. Fighting Spam
      5. Using PGP to Encrypt Mail Messages
      6. Using Mail Server–Based Solutions for Spam and Viruses
      7. Outsourcing Your Spam and Virus Filtering
    3. CHAPTER 6: Reviewing Logs and Monitoring
      1. What Exactly Gets Logged?
      2. Using Console
      3. Finding Logs
      4. Reviewing User-Specific Logs
      5. Reviewing Library Logs
      6. Breaking Down Maintenance Logs
      7. What to Worry About
      8. Parallels and Bootcamp Logs
      9. Review Regularly, Review Often
  11. PART 3: Network Security
    1. CHAPTER 7: Securing Network Traffic
      1. Understanding TCP/IP
      2. Types of Networks
      3. Understanding Routing
      4. Understanding Switches and Hubs
      5. Restricting Network Services
      6. Security Through 802.1x
      7. Proxy Servers
      8. A Layered Approach
    2. CHAPTER 8: Setting Up the Mac OS X Firewall
      1. Introducing Network Services
      2. Controlling Services
      3. Configuring the Firewall
      4. Setting Advanced Features
      5. Testing the Firewall
      6. Using Mac OS X to Protect Other Computers
      7. Using Third-Party Firewalls
      8. Working from the Command Line
    3. CHAPTER 9: Securing a Wireless Network
      1. Wireless Network Essentials
      2. Introducing Apple AirPort
      3. Configuring Older AirPorts
      4. Configuring Current AirPorts
      5. Securing Computer-to-Computer Networks
      6. Wireless Topologies
      7. Wireless Hacking Tools
      8. Cracking WEP Keys
      9. Cracking WPA-PSK
      10. General Safeguards Against Cracking Wireless Networks
  12. PART 4: Sharing
    1. CHAPTER 10: File Services
      1. The Risks in File Sharing
      2. Peer-to-Peer vs. Client-Server Environments
      3. Using POSIX Permissions
      4. Getting More Out of Permissions with Access Control Lists
      5. Sharing Protocols: Which One Is for You?
      6. Permission Models
    2. CHAPTER 11: Web Site Security
      1. Securing Your Web Server
      2. Managing httpd
      3. PHP and Security
      4. Taming Scripts
      5. Securing robots.txt
      6. Protecting Directories
      7. Tightening Security with SSL
      8. Implementing Digital Certificates
      9. Protecting the Privacy of Your Information
      10. Securing Files on Your Web Server
      11. Cross-Site Scripting Attacks (XSS)
    3. CHAPTER 12: Remote Connectivity
      1. Built-in Remote Management Applications
      2. Timbuktu
      3. Using Secure Shell
      4. Using a VPN
    4. CHAPTER 13: Server Security
      1. Limiting Access to Services
      2. The Root User
      3. Foundations of a Directory Service
      4. Configuring and Managing Open Directory
      5. Web Server Security in OS X Server
      6. File Sharing Security in OS X Server
      7. Wireless Security on OS X Server Using RADIUS
      8. DNS Best Practices
      9. SSL
      10. SSHD
      11. Server Admin from the Command Line
      12. iChat Server
      13. Securing the Mail Server
  13. PART 5: Workplace Security
    1. CHAPTER 14: Network Scanning, Intrusion Detection, and Intrusion Prevention Tools
      1. Scanning Techniques
      2. Intrusion Detection and Prevention
      3. Security Auditing on the Mac
    2. CHAPTER 15: Backup and Fault Tolerance
      1. Time Machine
      2. SuperDuper
      3. Backing Up to .Mac
      4. Retrospect
      5. Using Tape Libraries
      6. Backup vs. Fault Tolerance
    3. CHAPTER 16: Forensics
      1. Incident Response
      2. MacForensicsLab
      3. Other GUI Tools for Forensic Analysis
      4. Command-Line Tools for Forensic Analysis
  14. APPENDIX A: Xsan Security
    1. Metadata
    2. Fibre Channel
    3. Affinities
    4. Protocol Issues
    5. Quotas
    6. Other SAN Solutions
  15. APPENDIX B: InfoSec Acceptable Use Policy
    1. 1.0 Overview
    2. 2.0 Purpose
    3. 3.0 Scope
    4. 4.0 Policy
    5. 5.0 Enforcement
    6. 6.0 Definitions
    7. 7.0 Revision History
  16. APPENDIX C: Secure Development
  17. APPENDIX D: Introduction to Cryptography
  18. Index

Product information

  • Title: Foundations of Mac OS X Leopard Security
  • Author(s): Charles S. Edge Jr.
  • Release date: April 2008
  • Publisher(s): Apress
  • ISBN: 9781590599891