A Brief Look At The Dark Side
Ian Kaufman March 2005
We’ve Been Hacked! Or have we?
* Recently, 3 machines were compromised
* How did we find out? IRC traffic caught going to the machines
* No evidence of root compromise detected
* Same account/password across all 3 machines via NetInfo Database – check out the CPP document about securing NetInfo! http://www.lbl.gov/ITSD/Security/systems/mac_guidelines.html
* This was not an OS X specific problem!
* The password was guessed; it was not a “good” password
Passwords – How Strong Are They?
* Fortunately, OS X has a built-in password checker – the Keychain!
* Create a new Keychain, and in the password dialog box, click the “i” button
Password Checking part II
* A dialog box will come up showing how weak/strong your password is, and it makes suggestions on how to strengthen it
HFS+ Security Problems
* HFS+ stores info in multiple forks
* Non-Carbonized OS 9 apps use a data fork (which contains the executable or binary data) and a resource fork (icons, dialogs, sound)
* OS X is based on UNIX, which only uses single-forked files – data only
* Modern OS X apps dump the resource fork and use either a .rsrc file (Carbon) or store the resources as separate files (Cocoa)
HFS+ vs. UNIX
* On a UFS volume, OS X stores any resource fork as a separate file prefixed by a “._Fork” or “..namedfork”
* When viewed from the command line, the resource fork appears as a subdirectory called /rsrc, but it is invisible to “ls” unless specifically targeted
* As a result of all of this, server daemons that open file streams can be fooled into opening the respective file resource and/or file forks, exposing the underlying source code of the server-side documents to remote users
HFS+ Security Fixes
* Apple released a security patch for Apache 1.3.29 to fix this
* Implemented a mod_rewrite rule in httpd.conf:
Order allow,deny
Deny from all
Satisfy All
Order allow,deny
Deny from all
Satisfy All
More HFS+ fixes
* 4D (WebSTAR Web Server V) is also vulnerable; instructions on how to secure the server are at http://www.4d.com/products/hfs_sec.html
* Any service of this type might be vulnerable, so if you run a dedicated webserver – use UFS
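Because any file-serving daemon on HFS+ may be affected, a server-independent check is to look for fork paths in the access log. The script below is an added example, not part of the original slides or of Apple's patch; it assumes Apache common log format, the function names are hypothetical, and the log lines are constructed sample data.

```python
import re
from urllib.parse import unquote

# Request line inside an Apache common/combined log entry: "METHOD target PROTOCOL"
REQUEST_RE = re.compile(r'"(?:[A-Z]+) (\S+) HTTP/[\d.]+"')

def fork_access_reason(target):
    """Return why a request target touches an HFS+ fork path, or None."""
    # Drop the query string, decode %xx escapes, and compare case-insensitively
    # (HFS+ is case-insensitive by default).
    path = unquote(target.split("?", 1)[0]).lower()
    segments = [s for s in path.split("/") if s]
    if "..namedfork" in segments:
        return "..namedfork segment"
    if segments and segments[-1] == "rsrc":
        return "rsrc as final segment"
    if any(s.startswith("._") for s in segments):
        return "._ fork file"
    return None

def scan(log_lines):
    """Return (client, target, reason) for each log line that requests a fork path."""
    hits = []
    for line in log_lines:
        m = REQUEST_RE.search(line)
        if not m:
            continue  # not a parsable request line
        reason = fork_access_reason(m.group(1))
        if reason:
            hits.append((line.split(" ", 1)[0], m.group(1), reason))
    return hits

# Constructed sample log lines (documentation IP addresses, invented paths).
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Mar/2005:10:00:01 -0800] "GET /index.php HTTP/1.1" 200 5120',
    '192.0.2.44 - - [01/Mar/2005:10:00:07 -0800] "GET /index.php/..namedfork/rsrc HTTP/1.1" 403 210',
    '192.0.2.44 - - [01/Mar/2005:10:00:09 -0800] "GET /index.php/%2E%2Enamedfork/rsrc HTTP/1.1" 403 210',
    '192.0.2.44 - - [01/Mar/2005:10:00:12 -0800] "GET /docs/page.html/rsrc HTTP/1.1" 403 210',
    '192.0.2.44 - - [01/Mar/2005:10:00:15 -0800] "GET /docs/._page.html HTTP/1.1" 404 208',
    '192.0.2.10 - - [01/Mar/2005:10:00:20 -0800] "GET /resources/list.html?dir=rsrc HTTP/1.1" 200 812',
]

if __name__ == "__main__":
    for client, target, reason in scan(SAMPLE_LOG):
        print(f"{client}  {target}  ({reason})")
```

A 200 response on any flagged line means the server returned fork contents and the deny rules are not in effect for that path.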