January 2010
Beginner to intermediate
936 pages
27h 45m
English
Content preview from Mac® Security Bible
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.
20.4. Protecting Your Macs from Network Scanning
All right, you've mapped your network and found a list of IP addresses —and then you've scanned the ports on each of those IP addresses and found a bunch of open ports. What does it all mean, and should you worry that other people can get that same information? If so, what can you do about it?
The first thing to remember is that more information is available about a network when scanned from the inside than from the outside. So, if you performed your scans while on your local network, it pays to try them again from outside your network. Depending on what sort of router, gateway, and/or firewall you have between your network and the outside world, you may have little or nothing to worry about. For example, if you use a NAT router, such that none of your Macs have a publicly routable IP address, network mapping is extremely difficult (although not necessarily impossible) to perform from outside your network. Even if an attacker were able to determine a Mac's private IP address, port scanning would almost certainly fail —unless the Mac were configured in your gateway as a DMZ host or you've configured port forwarding to provide access to particular ports on that Mac from the outside.
Second, even the fact that someone has found an open port on a valid IP address with a known operating system, version, and application doesn't necessarily mean you're in danger. It only means there's a potential path by which an exploit could be delivered ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Read now
Unlock full access
More than 5,000 organizations count on O’Reilly
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.Julian F.
I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.Addison B.
I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.Amir M.
I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.