Mac OS X now operates on a UNIX engine. As such it is much more powerful than previous operating systems. It is now a multitasking, multithreaded, multi-user, and multiprocessor system with enhanced interoperability with other systems. Along with that increased power comes increased security vulnerability. Part I introduces readers to the basics of OS X security. Part II addresses system security beginning at the client workstation level. This section addresses UNIX-specific information such as permissions, executables, and network protocols and the related security concerns. Part III covers network security. The chapters in this section will cover security for internet services, file sharing, and network protection systems. Part IV addresses enterprise security using a variety of tools (Kerberos, NetInfo, and Rendezvous) as well as workstation configurations to illustrate how OS X Server and OS X inter-operate. The final section addresses auditing and forensics and what to do when an OS X network is compromised. This section teaches readers to audit systems painlessly and effectively and how to investigate and handle incidents.
This book is about security. Specifically, it is about understanding security issues with Mac OS X. From the basic framework of the operating system, to host-based security, to integration into an enterprise network, this book covers it all.
Mac OS X is a powerful operating system. It contains new security features that go above and beyond previous versions of Mac OS. There are keychains to store passwords. Disk volumes can be encrypted so other users cannot read your data. Permissions on files and directories can be controlled on a user and group basis. It is interoperable with more industry standards and operating systems than previous versions of Mac OS ever aspired to. With NetInfo, large-scale users and resource management is reality. Mac OS X systems can be integrated into enterprise directory services, such as Active Directory and Apple's own Open Directory for management of users and resources.
Mac OS X is also more dangerous to use than previous Apple operating systems if not installed and configured correctly. Without understanding how various configuration files and commands alter the state of the machine, a user can quickly break down any security barriers that existed in the default install and leave themselves open to attack.
We will not only cover the tools and security issues, but also provide practical application and configurations where needed. By the end of this book, you will understand how to defend and audit a Mac OS X installation and how to avoid common mistakes that can expose you to security risks.