| | Copyright |
| | About the Authors |
| | Contributing Author |
| | Acknowledgments |
| | We Want to Hear from You! |
| | Reader Services |
| | Introduction |
| | Part I. Mac OS X Security Basics: Learning to Think Secure |
| | | Chapter 1. An Introduction to Mac OS X Security |
| | | What Is Security? |
| | | Traditional Mac OS Versus Mac OS X |
| | | Understanding the Threat |
| | | Summary |
|
| | | Chapter 2. Thinking Secure: Security Philosophy and Physical Concerns |
| | | Physical System Vulnerabilities |
| | | Server Location and Physical Access |
| | | Server and Facility Location |
| | | Physical Access to the Facility |
| | | Computer Use Policies |
| | | Physical Security Devices |
| | | Network Considerations |
| | | Summary |
|
| | | Chapter 3. People Problems: Users, Intruders, and the World Around Them |
| | | Your Users: People with Whom You Share Your Computer |
| | | The Bad Guys: People Who Would Do Your System Harm |
| | | Everybody Else |
| | | Summary |
|
|
| | Part II. Vulnerabilities and Exposures: How Things Don't Work, and Why |
| | | Chapter 4. Theft and Destruction of Property: Data Attacks |
| | | Keeping Data Secret: Cryptography, Codes, and Ciphers |
| | | Data-Divulging Applications |
| | | Steganography and Steganalysis: Hiding Data in Plain Sight, and How to Find and Eliminate It |
| | | Summary |
|
| | | Chapter 5. Picking Locks: Password Attacks |
| | | Typical Password Mechanisms |
| | | Testing Password Security |
| | | Improving Password Security, and Alternatives to the Standard Password Mechanisms in Mac OS X |
| | | Summary |
|
| | | Chapter 6. Evil Automatons: Malware, Trojans, Viruses, and Worms |
| | | Defining Software Behavioral Space |
| | | Malware |
| | | Malware Threats |
| | | Solving the Problem |
| | | Summary |
|
| | | Chapter 7. Eavesdropping and Snooping for Information: Sniffers and Scanners |
| | | Eavesdropping and Information Gathering |
| | | Monitoring Traffic with tcpdump |
| | | Sniffing Around with Ettercap |
| | | Network Surveys with NMAP |
| | | Other Information-Gathering Tools |
| | | Ethics of Information Gathering |
| | | Additional Resources |
| | | Summary |
|
| | | Chapter 8. Impersonation and Infiltration: Spoofing |
| | | Spoofing Attacks |
| | | Spoofing Defenses |
| | | Summary |
|
| | | Chapter 9. Everything Else |
| | | DoS |
| | | Buffer Overflows |
| | | Session Hijacking |
| | | Everything Else |
| | | Additional Resources |
| | | Summary |
|
|
| | Part III. Specific Mac OS X Resources and How to Secure Them: Security Tips, Tricks, and Recipes |
| | | Chapter 10. User, Environment, and Application Security |
| | | Adding a New User |
| | | Using the NetInfo Database to Customize a User |
| | | Sane User Account Management |
| | | Skeleton User Accounts |
| | | Command-Line Administration Tools |
| | | Restricting User Capabilities |
| | | Summary |
|
| | | Chapter 11. Introduction to Mac OS X Network Services |
| | | What Is a Network Service? |
| | | Network Service Vulnerabilities |
| | | Controlling Mac OS X Network Service Processes |
| | | Protecting inetd with TCP Wrappers |
| | | Increasing Security with xinetd |
| | | Summary |
|
| | | Chapter 12. FTP Security |
| | | FTP Vulnerabilities |
| | | Activating the FTP Server |
| | | Configuring the Default lukemftpd FTP Server |
| | | Setting Up Anonymous FTP |
| | | Replacing the Mac OS X FTP Server |
| | | Alternatives to FTP |
| | | Summary |
|
| | | Chapter 13. Mail Server Security |
| | | Basic Vulnerabilities |
| | | Sendmail |
| | | Activating Sendmail on Mac OS X |
| | | Protecting Sendmail |
| | | Updating Your Sendmail Installation |
| | | Postfix as an Alternative |
| | | Installing Postfix |
| | | Protecting Postfix |
| | | Delivering Mail ”UW IMAP |
| | | Summary |
|
| | | Chapter 14. Remote Access: Secure Shell, VNC, Timbuktu, Apple Remote Desktop |
| | | What Is SSH? |
| | | SSH Vulnerabilities |
| | | Vulnerabilities in telnet and rlogin |
| | | Activating SSH |
| | | Advanced SSH Features |
| | | GUI Access Methods |
| | | Summary |
|
| | | Chapter 15. Web Server Security |
| | | Introducing Apache |
| | | SSL-Protected Apache |
| | | Additional Resources |
| | | Summary |
|
| | | Chapter 16. File Sharing Security |
| | | Apple Filing Protocol |
| | | WebDAV |
| | | Sharing Files with Samba |
| | | Common Unix Printing System |
| | | Other Resources |
| | | Summary |
|
|
| | Part IV. Prevention, Detection, and Reaction to Attacks: Health Care and Checkups for Your Machine |
| | | Chapter 17. Blocking Network Access: Firewalls |
| | | Firewalling |
| | | Built-In GUI Mac OS X Firewall Tools |
| | | Built-In Command-Line Mac OS X Firewall Tools |
| | | Firewall Hardware |
| | | Firewall Resources |
| | | Summary |
|
| | | Chapter 18. Alarm Systems: Intrusion Detection |
| | | What Is Intrusion Detection? |
| | | Psionic PortSentry |
| | | Snort |
| | | IDS Resources |
| | | Summary |
|
| | | Chapter 19. Logs and User Activity Accounting |
| | | The Role of Logs |
| | | User Logins and Accounting |
| | | Automated Log Monitoring: LogSentry |
| | | Common System Log Changes |
| | | Summary |
|
| | | Chapter 20. Disaster Planning and Recovery |
| | | What Is Disaster Recovery and Why Do You Need It? |
| | | Creating a Disaster Recovery Plan |
| | | Mac OS X Backup Software |
| | | Synchronizing Files: rsync |
| | | Summary |
|
|
| | Part V. Appendixes |
| | | Appendix A. Glossary |
| | | Appendix B. Security Resources |
| | | Appendix C. Secure Web Development |
| | | Web Development Risks |
| | | Protecting Your Web Applications |
| | | Adding and Using suEXEC |
| | | Testing for Known CGI Vulnerabilities: Whisker |
| | | Additional Resources |
|
|
| | Index |