| |  | Copyright |
| | | About the Authors |
| | | Contributing Author |
| | | Acknowledgments |
| | | We Want to Hear from You! |
| | | Reader Services |
| | | Introduction |
| | | Part I. Mac OS X Security Basics: Learning to Think Secure |
| | | | Chapter 1. An Introduction to Mac OS X Security |
| | | | What Is Security? |
| | | | Traditional Mac OS Versus Mac OS X |
| | | | Understanding the Threat |
| | | | Summary |
| |
| | | | Chapter 2. Thinking Secure: Security Philosophy and Physical Concerns |
| | | | Physical System Vulnerabilities |
| | | | Server Location and Physical Access |
| | | | Server and Facility Location |
| | | | Physical Access to the Facility |
| | | | Computer Use Policies |
| | | | Physical Security Devices |
| | | | Network Considerations |
| | | | Summary |
| |
| | | | Chapter 3. People Problems: Users, Intruders, and the World Around Them |
| | | | Your Users: People with Whom You Share Your Computer |
| | | | The Bad Guys: People Who Would Do Your System Harm |
| | | | Everybody Else |
| | | | Summary |
| |
| |
| | | Part II. Vulnerabilities and Exposures: How Things Don't Work, and Why |
| | | | Chapter 4. Theft and Destruction of Property: Data Attacks |
| | | | Keeping Data Secret: Cryptography, Codes, and Ciphers |
| | | | Data-Divulging Applications |
| | | | Steganography and Steganalysis: Hiding Data in Plain Sight, and How to Find and Eliminate It |
| | | | Summary |
| |
| | | | Chapter 5. Picking Locks: Password Attacks |
| | | | Typical Password Mechanisms |
| | | | Testing Password Security |
| | | | Improving Password Security, and Alternatives to the Standard Password Mechanisms in Mac OS X |
| | | | Summary |
| |
| | | | Chapter 6. Evil Automatons: Malware, Trojans, Viruses, and Worms |
| | | | Defining Software Behavioral Space |
| | | | Malware |
| | | | Malware Threats |
| | | | Solving the Problem |
| | | | Summary |
| |
| | | | Chapter 7. Eavesdropping and Snooping for Information: Sniffers and Scanners |
| | | | Eavesdropping and Information Gathering |
| | | | Monitoring Traffic with tcpdump |
| | | | Sniffing Around with Ettercap |
| | | | Network Surveys with NMAP |
| | | | Other Information-Gathering Tools |
| | | | Ethics of Information Gathering |
| | | | Additional Resources |
| | | | Summary |
| |
| | | | Chapter 8. Impersonation and Infiltration: Spoofing |
| | | | Spoofing Attacks |
| | | | Spoofing Defenses |
| | | | Summary |
| |
| | | | Chapter 9. Everything Else |
| | | | DoS |
| | | | Buffer Overflows |
| | | | Session Hijacking |
| | | | Everything Else |
| | | | Additional Resources |
| | | | Summary |
| |
| |
| | | Part III. Specific Mac OS X Resources and How to Secure Them: Security Tips, Tricks, and Recipes |
| | | | Chapter 10. User, Environment, and Application Security |
| | | | Adding a New User |
| | | | Using the NetInfo Database to Customize a User |
| | | | Sane User Account Management |
| | | | Skeleton User Accounts |
| | | | Command-Line Administration Tools |
| | | | Restricting User Capabilities |
| | | | Summary |
| |
| | | | Chapter 11. Introduction to Mac OS X Network Services |
| | | | What Is a Network Service? |
| | | | Network Service Vulnerabilities |
| | | | Controlling Mac OS X Network Service Processes |
| | | | Protecting inetd with TCP Wrappers |
| | | | Increasing Security with xinetd |
| | | | Summary |
| |
| | | | Chapter 12. FTP Security |
| | | | FTP Vulnerabilities |
| | | | Activating the FTP Server |
| | | | Configuring the Default lukemftpd FTP Server |
| | | | Setting Up Anonymous FTP |
| | | | Replacing the Mac OS X FTP Server |
| | | | Alternatives to FTP |
| | | | Summary |
| |
| | | | Chapter 13. Mail Server Security |
| | | | Basic Vulnerabilities |
| | | | Sendmail |
| | | | Activating Sendmail on Mac OS X |
| | | | Protecting Sendmail |
| | | | Updating Your Sendmail Installation |
| | | | Postfix as an Alternative |
| | | | Installing Postfix |
| | | | Protecting Postfix |
| | | | Delivering Mail ”UW IMAP |
| | | | Summary |
| |
| | | | Chapter 14. Remote Access: Secure Shell, VNC, Timbuktu, Apple Remote Desktop |
| | | | What Is SSH? |
| | | | SSH Vulnerabilities |
| | | | Vulnerabilities in telnet and rlogin |
| | | | Activating SSH |
| | | | Advanced SSH Features |
| | | | GUI Access Methods |
| | | | Summary |
| |
| | | | Chapter 15. Web Server Security |
| | | | Introducing Apache |
| | | | SSL-Protected Apache |
| | | | Additional Resources |
| | | | Summary |
| |
| | | | Chapter 16. File Sharing Security |
| | | | Apple Filing Protocol |
| | | | WebDAV |
| | | | Sharing Files with Samba |
| | | | Common Unix Printing System |
| | | | Other Resources |
| | | | Summary |
| |
| |
| | | Part IV. Prevention, Detection, and Reaction to Attacks: Health Care and Checkups for Your Machine |
| | | | Chapter 17. Blocking Network Access: Firewalls |
| | | | Firewalling |
| | | | Built-In GUI Mac OS X Firewall Tools |
| | | | Built-In Command-Line Mac OS X Firewall Tools |
| | | | Firewall Hardware |
| | | | Firewall Resources |
| | | | Summary |
| |
| | | | Chapter 18. Alarm Systems: Intrusion Detection |
| | | | What Is Intrusion Detection? |
| | | | Psionic PortSentry |
| | | | Snort |
| | | | IDS Resources |
| | | | Summary |
| |
| | | | Chapter 19. Logs and User Activity Accounting |
| | | | The Role of Logs |
| | | | User Logins and Accounting |
| | | | Automated Log Monitoring: LogSentry |
| | | | Common System Log Changes |
| | | | Summary |
| |
| | | | Chapter 20. Disaster Planning and Recovery |
| | | | What Is Disaster Recovery and Why Do You Need It? |
| | | | Creating a Disaster Recovery Plan |
| | | | Mac OS X Backup Software |
| | | | Synchronizing Files: rsync |
| | | | Summary |
| |
| |
| | | Part V. Appendixes |
| | | | Appendix A. Glossary |
| | | | Appendix B. Security Resources |
| | | | Appendix C. Secure Web Development |
| | | | Web Development Risks |
| | | | Protecting Your Web Applications |
| | | | Adding and Using suEXEC |
| | | | Testing for Known CGI Vulnerabilities: Whisker |
| | | | Additional Resources |
| |
| |
| | | Index |
