About the Book
While Mac OS X is becoming more and more stable
with each release, its UNIX/BSD underpinnings have security implications
that ordinary Mac users have never before been faced with. Mac OS X can
be used as both a powerful Internet server, or, in the wrong hands, a very
powerful attack launch point.
Yet most Mac OS X books are generally quite
simplistic -- with the exception of the author's Mac OS X Unleashed, the
first book to address OS X's underlying BSD subsystem.
Maximum Mac OS X Security takes a similar
UNIX-oriented approach, going into significantly greater depth on OS X
security topics:
-
Setup basics, including Airport and network
topology security.
-
User administration and resource management
with NetInfo.
-
Types of attacks, how attacks work, and how
to stop them.
-
Network service security, such as e-mail,
Web, and file sharing.
-
Intrusion prevention and detection, and hands-on
detection tools.
Related
Books
Maximum Security Book Series (Maximum
Security Books)
Table of Contents
Introduction.
I. MAC OS X SECURITY BASICS: LEARNING
TO THINK SECURE.
1. An Introduction to Mac OS X Security.
What Is Security?
Traditional Mac OS Versus Mac OS X.
Understanding the Threat.
Summary.
2. Thinking Secure: Security Philosophy
and Physical Concerns.
Physical System Vulnerabilities.
Server Location and Physical Access.
Server and Facility Location.
Physical Access to the Facility.
Computer Use Policies.
Physical Security Devices.
Network Considerations.
Summary.
3. People Problems: Users, Intruders,
and the World Around Them.
Your Users: People with Whom You Share
Your Computer.
The Bad Guys: People Who Would Do
Your System Harm.
Everybody Else.
Summary.
II. VULNERABILITIES AND EXPOSURES:
HOW THINGS DON¿T WORK, AND WHY.
4. Theft and Destruction of Property:
Data Attacks.
Keeping Data Secret: Cryptography,
Codes, and Ciphers.
Data-Divulging Applications.
Steganography and Steganalysis: Hiding
Data in Plain Sight, and How to Find and Eliminate It.
Summary.
5. Picking Locks: Password Attacks.
Typical Password Mechanisms.
Testing Password Security.
Improving Password Security, and Alternatives
to the Standard Password Mechanisms in Mac OS X.
Summary.
6. Evil Automatons: Malware, Trojans,
Viruses, and Worms.
Defining Software Behavioral Space.
Malware.
Malware Threats.
Solving the Problem.
Summary.
7. Eavesdropping and Snooping for
Information: Sniffers and Scanners.
Eavesdropping and Information Gathering.
Monitoring Traffic with tcpdump.
Sniffing Around with Ettercap.
Network Surveys with NMAP.
Other Information-Gathering Tools.
Ethics of Information Gathering.
Additional Resources.
Summary.
8. Impersonation and Infiltration:
Spoofing.
Spoofing Attacks.
Spoofing Defenses.
Summary.
9. Everything Else.
DoS. Buffer Overflows.
Session Hijacking.
Everything Else.
Additional Resources.
Summary.
III. SPECIFIC MAC OS X RESOURCES
AND HOW TO SECURE THEM: SECURITY TIPS, TRICKS, AND RECIPES.
10. User, Environment, and Application
Security.
Adding a New User.
Using the NetInfo Database to Customize
a User.
Sane User Account Management.
Skeleton User Accounts.
Command-Line Administration Tools.
Restricting User Capabilities.
Summary.
11. Introduction to Mac OS X Network
Services.
What Is a Network Service?
Network Service Vulnerabilities.
Controlling Mac OS X Network Service
Processes.
Protecting inetd with TCP Wrappers.
Increasing Security with xinetd.
Summary.
12. FTP Security.
FTP Vulnerabilities.
Activating the FTP Server.
Configuring the Default lukemftpd
FTP Server.
Setting Up Anonymous FTP.
Replacing the Mac OS X FTP Server.
Alternatives to FTP.
Summary.
13. Mail Server Security.
Basic Vulnerabilities.
Sendmail.
Activating Sendmail on Mac OS X.
Protecting Sendmail.
Updating Your Sendmail Installation.
Postfix as an Alternative.
Installing Postfix.
Protecting Postfix.
Delivering Mail—UW IMAP.
Summary.
14. Remote Access: Secure Shell,
VNC, Timbuktu, Apple Remote Desktop.
What Is SSH?
SSH Vulnerabilities.
Vulnerabilities in telnet and rlogin.
Activating SSH.
Advanced SSH Features.
GUI Access Methods.
Summary.
15. Web Server Security.
Introducing Apache.
SSL-Protected Apache.
Additional Resources.
Summary.
16. File Sharing Security.
Apple Filing Protocol.
WebDAV.
Sharing Files with Samba.
Common Unix Printing System.
Other Resources.
Summary.
IV. PREVENTION, DETECTION, AND REACTION
TO ATTACKS: HEALTH CARE AND CHECKUPS FOR YOUR MACHINE.
17. Blocking Network Access: Firewalls.
Firewalling.
Built-In GUI Mac OS X Firewall Tools.
Built-In Command-Line Mac OS X Firewall
Tools.
Firewall Hardware.
Firewall Resources.
Summary.
18. Alarm Systems: Intrusion Detection.
What Is Intrusion Detection?
Psionic PortSentry.
Snort. IDS Resources.
Summary.
19. Logs and User Activity Accounting.
The Role of Logs.
User Logins and Accounting.
Automated Log Monitoring: LogSentry.
Common System Log Changes.
Summary.
20. Disaster Planning and Recovery.
What Is Disaster Recovery and Why
Do You Need It?
Creating a Disaster Recovery Plan.
Mac OS X Backup Software.
Synchronizing Files: rsync.
Summary.
V. APPENDIXES.
Appendix A. Glossary.
Appendix B. Security Resources.
Appendix C. Secure Web Development.
Web Development Risks.
Protecting Your Web Applications.
Adding and Using suEXEC.
Testing for Known CGI Vulnerabilities:
Whisker.
Additional Resources.
Index. |
