SANS InfoSec Reading Room - Mac/Apple Issues

Most of the computer security white papers in the Reading Room have been written by students seeking GIAC certification to fulfill part of their certification requirements and are provided by SANS as a resource to benefit the security community at large. SANS attempts to ensure the accuracy of information, but papers are published "as is". Errors or inconsistencies may exist or may be introduced over time as material becomes dated. If you suspect a serious error, please contact webmaster@sans.org.

Featuring 10 papers as of Feb 10, 2010

Covering the Tracks on Mac OS X Leopard

By: Charlie Scott (posted on January 9, 2009)

In this paper, I apply the “Covering the Tracks” techniques described in the SANS SEC 504 course to Mac OS X

Auditing Mac OS X Compliance with the Center for Internet Security Benchmark Using Nessus

By: Ricky Smith (posted on November 10, 2008)

This paper describes the auditing of a Mac OS X v10.5 system using the compliance checks in Nessus 3.2.x from Tenable Network Security.

Secure Configuration of Apache in the Mac OS X Environment

By: Neil Fryer (posted on December 7, 2006)

Within this paper I will attempt to show how to secure both OS X and Apache, so that it can be used as an Internet facing web server.

Single-signon with Open Directory from GNU/Linux

By: Chad Walstrom (posted on May 5, 2005)

This paper examines methods for sharing account and configuration information between networked computers, focusing on the emerging secure standards of Kerberos, LDAP, SSL/TLS, and SASL.

MacOS X: User Friendlier Security for Unix

By: Raleigh Romine (posted on December 13, 2003)

In this paper, we explore the additions and modifications Apple has made to the FreeBSD core to enhance the security of the users of MacOS.

Macintosh Forensic Analysis Using OS X

By: Peter Hawkins (posted on October 31, 2003)

The purpose of this paper is to describe sound forensic techniques as they pertain to the Macintosh operating system.

Mac OS X 10.0 Security Essentials

By: Roland E. Miller (posted on October 31, 2003)

This report constitutes an evaluation of the out-of-the-box security of the shipping version of Mac OS X (version 10.0.4 Build 4Q12).

Securing FreeBSD under Macintosh OSX

By: Bertram McGrath (posted on October 31, 2003)

This instructional paper introduces a broad range of applicable security measures that can be taken to provide a basic level of resistance to intruders, malicious code and damage or compromise to ones PC and/or its electronic contents when using Macintosh OSX.

Improving the Security of a Default Install of Mac OS X (v10.1)

By: Preston Norvell (posted on October 31, 2003)

This paper will take administrators through the processes, both common and unique, of providing a more secure installation of Mac OS X.

Mac OS X 10.1.4: Security Analysis and Recommendations

By: Daniel Deal (posted on October 31, 2003)

This paper is an introduction to the security implications of Apple's latest offering (Mac OS X 10.1.4 at the time of this writing), providing particular focus on NetInfo, Mac OS X's directory system, and is intended to be a starting point for your own research