Well, I am MORE than aware of all the problems with PCs but didn't want you
to think that the Mac was immune from that. I sort of thought it was to a
degree until this post this morning on the Dshield list (with some VERY
heavy hitters in the security field):
RE: [Dshield] Spyware and Unlikely Targets
Does your MAC verify using CERTs that it is communicating with Apple and do an MD5 sum to verify that the patch isn't 'r00ted'?
Forgive me as I don't know the MAC platform that well. Just got done reading "Stealing the Network: How To Own a Continent" - pretty detailed attack on a MAC - Chapter 4 authored by Jay Beale. References SecurityFocus advisory 6004.
http://www.securityfocus.com/advisories/6004
Mac OS X Systemic Insecure File Permissions
It is fixed in a subsequent patch, but how many are "secure" in their OS choice that they patch regularly? This one is particularly nasty and
I was speaking with a large client that received a
RIAA subpoena. They traced the IP to a large "printer"
that had been rooted and had a popular file sharing
utility installed. "Nobody" looks at printers, but the
larger ones come with hard drives - BIG hard drives
(Not pumping Syngress but the first book in the series discusses how to 0wn
an HP printer.)
People that don't want to be found are not going to target "popular" systems. They leverage the noise created by those attacks - like a magician with a diversion - to keep you focused where they want you focused.
Mark
PS: The vulnerability mentioned above shows Apple's learning curve with *nix.
From SecurityFocus:
Many applications are installed onto Mac OS X systems with insecure file permissions. This is due to two distinct classes of problems:
1) a security issue regarding DMG files managed by Mac OS X
2) insecure file permissions packaged by different vendors
The result is that many of the files and directories that compose various applications are globally writable. This allows attackers with filesystem access to an OS X machine to replace binaries and obtain additional privileges from unsuspecting users, who may run the replaced version of the binary.
How many files on your system are "777"? :)
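One way to answer the closing question on your own machine, as an added example that is not part of the original post or the advisory: a POSIX shell audit that lists world-writable files and non-sticky world-writable directories under a tree. The function names and the sample tree are hypothetical and constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post). Function names are hypothetical.

# Print every entry under $1 that any local user could modify or replace.
audit_world_writable() {
    root=$1
    # -perm -0002 matches entries with the "other write" bit set.
    # Regular files: always reported (a replaceable binary or resource).
    # Directories: reported unless the sticky bit (1000) is set, because a
    # sticky directory such as /tmp only lets owners remove their own entries.
    # Symlinks are not followed and not reported.
    find "$root" \
        \( -type f -perm -0002 -print \) -o \
        \( -type d -perm -0002 ! -perm -1000 -print \) 2>/dev/null
}

# Number of findings, for use in scripts or monitoring checks.
count_world_writable() {
    audit_world_writable "$1" | wc -l | tr -d ' '
}

# Build a constructed sample tree that mimics a badly packaged application.
# Modes are set explicitly so the result does not depend on the caller's umask.
make_sample_tree() {
    t=$(mktemp -d) || return 1
    mkdir -p "$t/Demo.app/Contents/MacOS" "$t/shared" "$t/drop"
    : > "$t/Demo.app/Contents/MacOS/demo"
    : > "$t/Demo.app/Contents/Info.plist"
    chmod 755 "$t" "$t/Demo.app" "$t/Demo.app/Contents" "$t/drop"
    chmod 644 "$t/Demo.app/Contents/Info.plist"
    chmod 777 "$t/Demo.app/Contents/MacOS/demo"  # replaceable binary
    chmod 777 "$t/Demo.app/Contents/MacOS"       # anyone can swap files here
    chmod 1777 "$t/shared"                       # sticky: not reported
    echo "$t"
}

# Usage: sh audit.sh /Applications
if [ "$#" -gt 0 ]; then
    audit_world_writable "$1"
fi
```

Fixing a finding is usually `chmod o-w` on the reported path, after confirming the owning application does not rely on the loose mode.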
--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list