Filed under: TUAW Business, Security
Secure Your Mac: a new TUAW series
Many in the Mac community feel as though OS X, and Macs in general, benefit from some special aura of security. It is true that there are no known viruses for OS X in the wild, but that doesn't mean that we Mac users can let down our guard. We live in an age where more and more of our personal information stored on our computers, one nice, tidy present for any would be identify thieves. Once some ne'er do well gets their hands on your Mac, you could very well be in deep, deep trouble. I know you don't think it could happen to you, but neither did the folks who left their machines at this Apple Store for servicing.We at TUAW feel it is our duty to help you help yourself, and protect your Macs. Today we are introducing a new series called 'Secure your Mac' in which we will offer up tips, tricks, and howtos all designed to help your Mac stay safe in our troubling times. Some of these tips will be rather straightforward, and others might be entirely new to you. We hope that you not only learn a few things, but that you implement some, if not all, of these tricks so that you can sleep a little more soundly at night.
![TUAW [Cafepress]](http://www.blogsmithmedia.com/www.tuaw.com/media/tuaw-cafepress-promo.png)
Reader Comments (Page 1 of 1)
Justin said 12:21PM on 9-05-2007
Sounds like a good idea for a series. My personal favorites are to turn on the firewall (and make sure it is filtering UDP as well), use nmap to make sure no extra ports are open, and run Nessus on my subnet every now and then to catch any stray security issues.
Of course, having all security patches installed. Being behind a hardware firewall (home router) doesn't hurt either. If someone has an airport express it might be worth it to mention that it automatically creates an ipv6 tunnel for you which can have security implications if you're not filtering ipv6.
http://arstechnica.com/journals/apple.ars/2007/2/14/7063
Reply
E said 12:43PM on 9-05-2007
Apple store is down...
Reply
derekhardwick said 1:36PM on 9-05-2007
I strongly suggest that the author of this new series take a look at the NSA configuration guides. The NSA publishes basic instructions on how to harden security on many OSes, including Mac OS X.
Granted, some of it is a bit extreme. They don't trust the microphone, and disable it. They don't trust automatic apple software updates, or even network time servers (lol). But other bits are very appropriate and informative, such as disabling bluetooth if you don't need it, password-protected screen savers, FileVault, ssh instead of telnet, etc.
It's a must read for anyone interested in mac security, and probably contains enough content for 100 blog posts :)
http://www.nsa.gov/snac/downloads_macX.cfm
Unfortunately the guide for Tiger either hasn't been written or isn't declassified, but the Panther one is almost entirely applicable to Tiger.
Reply
Paul Adms said 3:05PM on 9-05-2007
Quote:
Unfortunately the guide for Tiger either hasn't been written or isn't declassified, but the Panther one is almost entirely applicable to Tiger.
/Quote
Sorry, but you are incorrect that guide is available at the following links:
http://tinyurl.com/2vcsut
or
http://www.nsa.gov/snac/downloads_macOSX10_4Server.cfm?MenuID=scg10.3.1.1
Reply