Table of Contents for Enterprise Mac Security: El Capitan, Third Edition
by Daniel O’Donnell, Charles Edge
Cover
Title
Copyright
Dedication
Contents at a Glance
Contents
About the Authors
About the Technical Reviewer
Acknowledgments
Introduction
Part I: The Big Picture
Chapter 1: Security Quick-Start
Securing the Mac OS X Defaults
Customizing System Preferences
Users & Groups
Login Options
Passwords
Administrators
Security & Privacy Preferences
General
FileVault
Firewall
Software Update
Bluetooth Security
Printer Security
Sharing Services
Erasing Disks
Using Secure Empty Trash
Using Encrypted Disk Images
Securing Your Keychains
Best Practices
Chapter 2: Services, Daemons, and Processes
Introduction to Services, Daemons, and Processes
Viewing What’s Currently Running
The Activity Monitor
The ps Command
The top Output
Viewing Which Daemons Are Running
Viewing Which Services Are Available
Stopping Services, Daemons, and Processes
Stopping Processes
Stopping Daemons
Types of launchd Services
GUI Tools for Managing launchd
Changing What Runs at Login
Validating the Authenticity of Applications and Services
Summary
Chapter 3: Securing User Accounts
Introducing Identification, Authentication, and Authorization
Managing User Accounts
Introducing the OS X Account Types
Adding Users to Groups
Enabling the Superuser Account
Setting Up Parental Controls
Managing the Rules Put in Place
Advanced Settings in System Preferences
Working with Local Directory Services
Creating a Second Local Directory Node
External Accounts
Restricting Access with the Command Line: sudoers
Securing Mount Points
SUID Applications: Getting into the Nitty-Gritty
Creating Files with Permissions
Summary
Chapter 4: File System Permissions
Mac File Permissions: A Brief History of Time
POSIX Permissions
Modes in Detail
Inheritance
The Sticky Bit
The suid/sguid Bits
POSIX in Practice
Access Control Lists
Access Control Entries
Effective Permissions
ACLs in Practice
Administering Permissions
Using the Finder to Manage Permissions
Using chown and chmod to Manage Permissions
The Hard Link Dilemma
Using mtree to Audit File System Permissions
Summary
Chapter 5: Reviewing Logs and Monitoring
What Exactly Gets Logged?
Using Console
Viewing Logs
Marking Logs
Searching Logs
Finding Logs
What Happened to the Secure.log??
Reviewing User-Specific Logs
Reviewing Command-Line Logs
Reviewing Library Logs
Breaking Down Maintenance Logs
daily.out
Yasu
Weekly.out
Monthly.out
What to Worry About
Activity Monitor
Virtual Machine and Bootcamp Logs
Event Viewer
Task Manager
Performance Alerts
Review Regularly, Review Often
Accountability
Incident Response
BSM – Auditing with the Basic Security Module
The Audit Daemon and Audit Commands
Configuring the Audit System
Default Audit Settings
Naming of the Audit Trail Files
Setting the Hostname in Audit Trails
Audit Trail Configurations for High Security Environments
More On Audit Trails
Viewing Audit Trails
Output and Interpretation of Audit Trails
Summary
Part II: Securing the Ecosystem
Chapter 6: Application Signing and Sandbox
Application Signing
Application Authentication
Application Integrity
Gatekeeper: Signature Enforcement in OS X
Signing and Verifying Applications
Sandboxing
Sandbox Profiles
The Anatomy of a Profile
Sandbox Profiles in Action
The Seatbelt Framework
Summary
Chapter 7: Securing Web Browsers and E-mail
Securing Web Browsers and E-mail
A Quick Note About Passwords
Securing Your Web Browser
Securing Safari
Securing Firefox
Securely Configuring Mail
Using SSL
Securing Outlook
Fighting Spam
The Anatomy of Spam
Desktop Solutions for Securing E-mail
Using PGP to Encrypt Mail Messages
GPG Tools
Summary
Chapter 8: Malware Security: Combating Viruses, Worms, and Root Kits
Classifying Threats
The Real Threat of Malware on the Mac
Script Malware Attacks
Socially Engineered Malware
Using Antivirus Software
Built Into Mac OS X
Antivirus Software Woes
McAfee VirusScan
Norton AntiVirus
ClamXav
Sophos Anti-Virus
Best Practices for Combating Malware
Other Forms of Malware
Adware
Spyware
Root Kits
Summary
Chapter 9: Encrypting Files and Volumes
Using the Keychain to Secure Sensitive Data
Keychains
Creating Secure Notes and Passwords
Managing Multiple Keychains
Using Disk Images as Encrypted Data Stores
Creating Encrypted Disk Images
Interfacing with Disk Images from the Command Line
Encrypting User Data Using FileVault
Once FileVault Is Enabled
The FileVault Master Password
FileVault command Line
Check Point
Symantec Endpoint Encryption
WinMagic SecureDoc
Summary
Part III: Securing the Network
Chapter 10: Securing Network Traffic
Understanding TCP/IP
Types of Networks
Peer-to-Peer
Considerations When Configuring Peer-to-Peer Networks
Client-Server Networks
Understanding Routing
Packets
Port Management
DMZs and Subnets
Spoofing
Stateful Packet Inspection
Data Packet Encryption
Understanding Switches and Hubs
Managed Switches
Restricting Network Services
Security Through 802.1x
Proxy Servers
Squid
Summary
Chapter 11: Managing the Firewall
Introducing Network Services
Controlling Services
Configuring the Firewall
Working with the Firewall in OS X
Setting Advanced Features
Blocking Incoming Connections
Allowing Signed Software to Receive Incoming Connections
Going Stealthy
Testing the Firewall
Configuring the Application Layer Firewall from the Command Line
Using Mac OS X to Protect Other Computers
Enabling Internet Sharing
Working from the Command Line
Getting More Granular Firewall Control
Using pf with IceFloor
Summary
Chapter 12: Securing a Wireless Network
Wireless Network Essentials
Introducing the Apple AirPort
AirPort Utility
Configuring the Current AirPorts
Limiting the DHCP Scope
Securing Computer-to-Computer Networks
Wireless Topologies
Wireless Hacking Tools
KisMAC
Detecting Rogue Access Points
iStumbler and Mac Stumbler
Ettercap
Network Utility
NetSpot Pro
Cracking WEP Keys
802.1x
General Safeguards Against Cracking Wireless Networks
Summary
Part IV: Securely Sharing Resources
Chapter 13: File Services
The Risks in File Sharing
Peer-to-Peer vs. Client-Server Environments
File Security Fundamentals
LKDC
Using POSIX Permissions
Getting More out of Permissions with Access Control Lists
Sharing Protocols: Which One Is for You?
Apple Filing Protocol
Setting Sharing Options
Samba
Using Apple AirPort to Share Files
Third-Party Problem Solver: DAVE
Permission Models
Summary
Chapter 14: iCloud Security
The Apple ID
What an Apple ID Provides Access To
Securing the Apple ID
Suppress the iCloud Options at Startup
Disable Access to iCloud
Secure iCloud On Macs
iCloud Drive
Caching Server and iCloud
Find My Mac
Back to My Mac
The Mac App Store
Summary
Chapter 15: Remote Connectivity
Remote Management Applications
Apple Remote Desktop
Screen Sharing
Implementing Back to My Mac
Configuring Remote Management
Using Secure Shell
Enabling SSH
Further Securing SSH
Using a VPN
Connecting to Your Office VPN
Setting Up L2TP
Setting Up PPTP
Connecting to a Cisco VPN
Summary
Chapter 16: Server Security
Limiting Access to Services
The Root User
Foundations of a Directory Service
Defining LDAP
Kerberos
Configuring and Managing Open Directory
Securing Open Directory Accounts by Enabling Password Policies
Securing LDAP by Preventing Anonymous Binding
Securely Binding Clients to Open Directory
Further Securing LDAP: Implementing Custom LDAP ACLs
Creating Open Directory Users and Groups
Securing Kerberos from the Command Line
Managed Preferences and Profiles
Active Directory Integration
Web Server Security in OS X Server
Using Realms
SSL Certs on Web Servers
File Sharing Security in OS X Server
A Word About File Size
AFP
Limiting Access to a Service
DNS Best Practices
SSL
Reimporting Certificates
SSH
The serveradmin Command Line Interface
Messages Server
Securing the Mail Server
Limiting the Protocols on Your Server
Summary
Part V: Securing the Workplace
Chapter 17: Network Scanning, Intrusion Detection, and Intrusion Prevention Tools
Scanning Techniques
Fingerprinting
Enumeration
Vulnerability and Port Scanning
Intrusion Detection and Prevention
Host-based Intrusion Detection System
Network Intrusion Detection
Security Auditing on the Mac
Nessus
Metasploit
Summary
Chapter 18: Backup and Fault Tolerance
Time Machine
Restoring Files from Time Machine
Using a Network Volume for Time Machine
SuperDuper
Use CrashPlan To Back Up To The Cloud
Checking Your Backups
Using Tape Libraries
Backup vs. Fault Tolerance
Fault-Tolerant Scenarios
Round-Robin DNS
Load-Balancing Devices
Cold Sites
Hot Sites
Backing up Services
Summary
Appendix A: InfoSec Acceptable Use Policy
1.0 Overview
2.0 Purpose
3.0 Scope
4.0 Policy
4.1 General Use and Ownership
4.2 Security and Proprietary Information
4.3 Unacceptable Use
4.4 Blogging
5.0 Enforcement
6.0 Definitions
Term Definition
7.0 Revision History
Appendix B: CDSA
Appendix C: Introduction to Cryptography
Index