Enterprise Mac Security




Enterprise Mac Security: Mac OS X Snow Leopard
William Barker, Beau Hunter, Gene Sullivan
Apress

Contents

Contents at a Glance iv
Contents v
About the Authors xv
About the Technical Reviewer xvi
Acknowledgments xvii
Introduction xviii

Part I: The Big Picture 1

Chapter 1: Security Quick-Start 3
  Securing the Mac OS X Defaults 3
  Customizing System Preferences 4
    Accounts 4
    Login Options 6
    Passwords 7
    Administrators 8
    Security Preferences 9
      General 9
      FileVault 11
      Firewall 13
    Software Update 14
    Bluetooth Security 16
    Printer Security 18
    Sharing Services 20
  Securely Erasing Disks 21
  Using Secure Empty Trash 23
  Using Encrypted Disk Images 24
  Securing Your Keychains 25
  Best Practices 27

Chapter 2: Services, Daemons, and Processes 29
  Introduction to Services, Daemons, and Processes 29
  Viewing What's Currently Running 31
    The Activity Monitor 31
    The ps Command 35
    The top Output 36
  Viewing Which Daemons Are Running 38
  Viewing Which Services Are Available 39
  Stopping Services, Daemons, and Processes 40
    Stopping Processes 41
    Stopping Daemons 43
  Types of launchd Services 44
  GUI Tools for Managing launchd 44
  Changing What Runs At Login 45
  Validating the Authenticity of Applications and Services 46
  Summary 47

Chapter 3: Securing User Accounts 49
  Introducing Identification, Authentication, and Authorization 49
  Managing User Accounts 50
    Introducing the Account Types 51
    Adding Users to Groups 53
    Enabling the Superuser Account 54
    Setting Up Parental Controls 56
    Managing the Rules Put in Place 62
    Advanced Settings in System Preferences 64
  Working with Local Directory Services 65
    Creating a Second Local Directory Node 68
    External Accounts 68
  Restricting Access with the Command Line: sudoers 69
  Securing Mount Points 74
  SUID Applications: Getting into the Nitty-Gritty 75
  Creating Files with Permissions 77
  Summary 78

Chapter 4: File System Permissions 79
  Mac OS File Permissions: A Brief History of Time 80
  POSIX Permissions 81
    Modes in Detail 82
    Inheritance 84
    The Sticky Bit 87
    The suid/sgid Bits 87
    POSIX in Practice 88
  Access Control Lists 91
    Access Control Entries 91
    Effective Permissions 94
    ACLs in Practice 95
  Administering Permissions 97
    Using the Finder to Manage Permissions 103
    Using chown and chmod to Manage Permissions 104
    The Hard Link Dilemma 107
    Using mtree to Audit File System Permissions 109
  Summary 111

Chapter 5: Reviewing Logs and Monitoring 113
  What Exactly Gets Logged? 113
  Using Console 115
    Viewing Logs 115
    Marking Logs 116
    Searching Logs 117
    Finding Logs 118
  Secure.log: Security Information 101 119
  appfirewall.log 120
  Reviewing User-Specific Logs 121
  Reviewing Command-Line Logs 123
  Reviewing Library Logs 124
  Breaking Down Maintenance Logs 124
    daily.out 126
    Yasu 127
    Weekly.out 128
    Monthly.out 129
    What to Worry About 129
  Virtual Machine and Boot Camp Logs 130
    Event Viewer 130
    Task Manager 131
    Performance Alerts 132
  Review Regularly, Review Often 133
  Accountability 133
  Incident Response 134
  Summary 135

Part II: Securing the Ecosystem 137

Chapter 6: Application Signing and Sandbox 139
  Application Signing 139
    Application Authentication 141
    Application Integrity 143
    Signature Enforcement in OS X 144
    Signing and Verifying Applications 153
  Sandbox 156
    Sandbox Profiles 158
    The Anatomy of a Profile 161
    Sandbox Profiles in Action 166
    The Seatbelt Framework 178
  Summary 180

Chapter 7: Securing Web Browsers and E-mail 183
  A Quick Note About Passwords 184
  Securing Your Web Browser 185
    Securing Safari 185
    Securing Firefox 189
  Securely Configuring Mail 196
    Using SSL 196
    Securing Entourage 199
  Fighting Spam 202
    Anatomy of Spam 202
    Desktop Solutions for Securing E-mail 207
    Using PGP to Encrypt Mail Messages 207
    GPG Tools 207
    Using Mail Server-Based Solutions for Spam and Viruses 207
    Kerio 208
    Mac OS X Server's Antispam Tools 210
    CommuniGate Pro 211
    Outsourcing Your Spam and Virus Filtering 212
  Summary 213

Chapter 8: Malware Security: Combating Viruses, Worms, and Root Kits 213
  Classifying Threats 213
  The Real Threat of Malware on the Mac 216
    Script Malware Attacks 217
    Socially Engineered Malware 218
  Using Antivirus Software 218
    Built Into Mac OS X 219
    Antivirus Software Woes 220
    McAfee VirusScan 220
    Norton Antivirus 220
    ClamXav 221
    Sophos Anti-Virus 226
  Best Practices for Combating Malware 227
  Other Forms of Malware 228
    Adware 228
    Spyware 228
    Root Kits 230
  Summary 232

Chapter 9: Encrypting Files and Volumes 233
  Using the Keychain to Secure Sensitive Data 234
    The Login Keychain 234
    Creating Secure Notes and Passwords 237
    Managing Multiple Keychains 240
  Using Disk Images as Encrypted Data Stores 243
    Creating Encrypted Disk Images 245
    Interfacing with Disk Images from the Command Line 251
  Encrypting User Data Using FileVault 257
    Enabling FileVault for a User 260
    The FileVault Master Password 263
    Limitations of Sparse Images and Reclaiming Space 264
  Full Disk Encryption 266
    Check Point 267
    PGP Encryption 269
    TrueCrypt 270
    WinMagic SecureDoc 271
  Summary 272

Part III: Network Traffic 275

Chapter 10: Securing Network Traffic 277
  Understanding TCP/IP 277
  Types of Networks 280
    Peer-to-Peer 280
    Considerations when Configuring Peer-to-Peer Networks 281
    Client-Server Networks 282
  Understanding Routing 283
    Packets 283
    Port Management 285
    DMZ and Subnets 286
    Spoofing 287
    Stateful Packet Inspection 287
    Data Packet Encryption 288
  Understanding Switches and Hubs 288
    Managed Switches 289
  Restricting Network Services 291
  Security Through 802.1x 292
  Proxy Servers 293
    Squid 295
  Summary 297

Chapter 11: Setting Up the Mac OS X Firewall 299
  Introducing Network Services 300
  Controlling Services 301
  Configuring the Firewall 304
    Working with the Firewall in Leopard and Snow Leopard 304
    Setting Advanced Features 307
    Blocking Incoming Connections 307
    Allowing Signed Software to Receive Incoming Connections 308
    Going Stealthy 309
    Testing the Firewall 310
    Configuring the Application Layer Firewall from the Command Line 312
  Using Mac OS X to Protect Other Computers 313
    Enabling Internet Sharing 313
    Working from the Command Line 315
  Getting More Granular Firewall Control 315
    Using ipfw 317
    Using Dummynet 321
  Summary 324

Chapter 12: Securing a Wireless Network 325
  Wireless Network Essentials 325
  Introducing the Apple AirPort 327
    Configuring Older AirPorts 328
    AirPort Utility 330
    Configuring the Current AirPorts 330
    Limiting the DHCP Scope 333
    Hardware Filtering 334
    AirPort Logging 336
    Hiding a Wireless Network 337
    Base Station Features in the AirPort Utility 338
    The AirPort Express 339
  Wireless Security on Client Computers 339
    Securing Computer-to-Computer Networks 340
  Wireless Topologies 341
  Wireless Hacking Tools 342
    KisMAC 342
    Detecting Rogue Access Points 343
    iStumbler and MacStumbler 344
    MacStumbler 346
    Ettercap 347
    EtherPeek 347
    Cracking WEP Keys 347
    Cracking WPA-PSK 348
  General Safeguards Against Cracking Wireless Networks 349
  Summary 350

Part IV: Sharing 351

Chapter 13: File Services 353
  The Risks in File Sharing 353
  Peer-to-Peer vs. Client-Server Environments 354
  File Security Fundamentals 354
    LKDC 355
    Using POSIX Permissions 355
    Getting More out of Permissions with Access Control Lists 356
  Sharing Protocols: Which One Is for You? 357
    Apple Filing Protocol 357
    Setting Sharing Options 359
    Samba 359
    Using Apple AirPort to Share Files 362
    Third-Party Problem Solver: DAVE 366
    FTP 372
  Permission Models 374
  Summary 375

Chapter 14: Web Site Security 377
  Securing Your Web Server 377
    Introducing the httpd Daemon 378
    Removing the Default Files 379
    Changing the Location of Logs 379
    Restricting Apache Access 380
    Run on a Nonstandard Port 380
    Use a Proxy Server 381
    Disable CGI 381
    Disable Unnecessary Services in Apache 382
  PHP and Security 382
    Securing PHP 383
    Tightening PHP with Input Validation 383
  Taming Scripts 384
    Securing Your Perl Scripts 384
  Securing robots.txt 386
    Blocking Hosts Based on robots.txt 387
  Protecting Directories 388
    Customizing Error Codes 389
    Using .htaccess to Control Access to a Directory 389
  Tightening Security with TLS 391
    Implementing Digital Certificates 392
  Protecting the Privacy of Your Information 392
    Protecting from Google? 394
    Enumerating a Web Server 395
  Securing Files on Your Web Server 396
    Disabling Directory Listings 396
    Uploading Files Securely 397
  Code Injection Attacks 398
    SQL Injection 398
    Cross Site Scripting 398
    Protecting from Code Injection Attacks 399
  Summary 399

Chapter 15: Remote Connectivity 401
  Remote Management Applications 402
    Apple Remote Desktop 402
    Screen Sharing 402
    Implementing Back to My Mac 404
    Configuring Remote Management 405
  Using Timbuktu Pro 408
    Installing Timbuktu Pro 408
    Adding New Users 409
    Testing the New Account 410
  Using Secure Shell 412
    Enabling SSH 412
    Further Securing SSH 413
  Using a VPN 414
    Connecting to Your Office VPN 414
    Setting Up L2TP 415
    Setting Up PPTP 416
    Connecting to a Cisco VPN 417
    PPP + SSH = VPN 419
  Summary 422

Chapter 16: Server Security 423
  Limiting Access to Services 423
  The Root User 425
  Foundations of a Directory Service 425
    Defining LDAP 425
    Kerberos 426
  Configuring and Managing Open Directory 428
    Securing LDAP: Enabling SSL 431
    Securing Open Directory Accounts by Enabling Password Policies 432
    Securing Open Directory Using Binding Policies 435
    Securing Authentication with PasswordServer 437
    Securing LDAP by Preventing Anonymous Binding 439
    Securely Binding Clients to Open Directory 441
    Further Securing LDAP: Implementing Custom LDAP ACLs 444
    Creating Open Directory Users and Groups 444
    Securing Kerberos from the Command Line 448
  Managed Preferences 449
    Securing Managed Preferences 451
  Providing Directory Services for Windows Clients 453
  Active Directory Integration 454
  Web Server Security in Mac OS X Server 459
    Using Realms 459
    SSL Certs on Web Servers 461
  File Sharing Security in OS X Server 463
    A Word About File Size 465
    Securing NFS 465
    AFP 466
    SMB 470
    FTP 471
  Wireless Security on OS X Server Using RADIUS 471
  DNS Best Practices 473
  SSL 474
    Reimporting Certificates 475
  SSH 475
  Server Admin from the Command Line 477
  iChat Server 477
  Securing the Mail Server 478
  Limiting the Protocols on Your Server 479
  Proxying Services 480
  Summary 481

Part V: Securing the Workplace 483

Chapter 17: Network Scanning, Intrusion Detection, and Intrusion Prevention Tools 485
  Scanning Techniques 485
    Fingerprinting 486
    Enumeration 488
    Vulnerability and Port Scanning 489
  Intrusion Detection and Prevention 492
    Host Intrusion Detection System 493
    Network Intrusion Detection 494
  Security Auditing on the Mac 497
    Nessus 497
    Metasploit 501
    SAINT 503
  Summary 504

Chapter 18: Backup and Fault Tolerance 505
  Time Machine 506
    Restoring Files from Time Machine 510
    Using a Network Volume for Time Machine 511
  SuperDuper 512
  Backing Up to MobileMe 513
  Retrospect 517
    Checking Your Retrospect Backups 528
  Using Tape Libraries 530
  Backup vs. Fault Tolerance 531
    Fault-Tolerant Scenarios 531
    Round-Robin DNS 532
    Load-Balancing Devices 533
    Cold Sites 533
    Hot Sites 534
    Backing up Services 534
  Summary 535

Chapter 19: Forensics 537
  Incident Response 538
  MacForensicsLab 539
    Installing MacForensicsLab 539
    Using MacForensicsLab 544
    Image Acquisition 546
    Analysis 548
    Salvage 551
    Performing an Audit 554
    Reviewing the Case 554
    Reporting 555
  Other GUI Tools for Forensic Analysis 556
    Forensically Acquiring Disk Images 557
    Tools for Safari 557
  Command-Line Tools for Forensic Analysis 558
  Summary 558

Appendix A: Xsan Security 559
  Metadata 560
  Fibre Channel 561
  Affinities 561
  Permissions 561
  Quotas 562
  Other SAN Solutions 562

Appendix B: InfoSec Acceptable Use Policy 563
  1.0 Overview 563
  2.0 Purpose 563
  3.0 Scope 564
  4.0 Policy 564
    4.1 General Use and Ownership 564
    4.2 Security and Proprietary Information 565
    4.3 Unacceptable Use 566
    4.4 Blogging 568
  5.0 Enforcement 569
  6.0 Definitions 569
    Term Definition 569
  7.0 Revision History 569

Appendix C: CDSA 571

Appendix D: Introduction to Cryptography 573

Index 577