Featuring 13 Papers as of February 7, 2012
iPhone Backup Files. A Penetration Tester's Treasure
Darren Manners - February 7, 2012
One of the noticeable changes in recent technology history is the emergence of the smart phone. Technological advances in these fields have created devices that have almost the equivalent power and functionality of desktop computers.
iPad Security Settings And Risk Review For iOS 4.X Masters
Jim Horwath - November 11, 2011
The introduction of mobile computing introduces new risks and concerns to the firm. There are many questions concerning the operation, compliance, cost and risk with mobile computing devices.
Covering the Tracks on Mac OS X Leopard Masters
Charlie Scott - January 9, 2009
In this paper, I apply the Covering the Tracks techniques described in the SANS SEC 504 course to Mac OS X
Auditing Mac OS X Compliance with the Center for Internet Security Benchmark Using Nessus Masters
Ricky Smith - November 10, 2008
This paper describes the auditing of a Mac OS X v10.5 system using the compliance checks in Nessus 3.2.x from Tenable Network Security.
Secure Configuration of Apache in the Mac OS X Environment
Neil Fryer - December 7, 2006
Within this paper I will attempt to show how to secure both OS X and Apache, so that it can be used as an Internet facing web server.
Single-signon with Open Directory from GNU/Linux
Chad Walstrom - May 5, 2005
This paper examines methods for sharing account and configuration information between networked computers, focusing on the emerging secure standards of Kerberos, LDAP, SSL/TLS, and SASL.
MacOS X: User Friendlier Security for Unix
Raleigh Romine - December 13, 2003
In this paper, we explore the additions and modifications Apple has made to the FreeBSD core to enhance the security of the users of MacOS.
Macintosh Forensic Analysis Using OS X
Peter Hawkins - October 31, 2003
The purpose of this paper is to describe sound forensic techniques as they pertain to the Macintosh operating system.
Mac OS X 10.0 Security Essentials
Roland Miller - October 31, 2003
This report constitutes an evaluation of the out-of-the-box security of the shipping version of Mac OS X (version 10.0.4 Build 4Q12).
Securing FreeBSD under Macintosh OSX
Bertram McGrath - October 31, 2003
This instructional paper introduces a broad range of applicable security measures that can be taken to provide a basic level of resistance to intruders, malicious code and damage or compromise to ones PC and/or its electronic contents when using Macintosh OSX.
Improving the Security of a Default Install of Mac OS X (v10.1)
Preston Norvell - October 31, 2003
This paper will take administrators through the processes, both common and unique, of providing a more secure installation of Mac OS X.
Mac OS X 10.1.4: Security Analysis and Recommendations
Daniel Deal - October 31, 2003
This paper is an introduction to the security implications of Apple's latest offering (Mac OS X 10.1.4 at the time of this writing), providing particular focus on NetInfo, Mac OS X's directory system, and is intended to be a starting point for your own research
Securely Integrating iOS Devices into the Business Environment Masters
iOS is the name of Apples mobile operating system. Previous to June 2010, it was known as the iPhone OS. Released in the summer of 2007, the first generation iPhone OS was a spectacular hit in the blackberry-dominated smartphone market.
Most of the computer security white papers in the Reading Room have been written by students seeking GIAC certification to fulfill part of their certification requirements and are provided by SANS as a resource to benefit the security community at large. SANS attempts to ensure the accuracy of information, but papers are published "as is". Errors or inconsistencies may exist or may be introduced over time as material becomes dated. If you suspect a serious error, please contact firstname.lastname@example.org.
All papers are copyrighted. No re-posting or distribution of papers is permitted.