Featuring 13 Papers as of February 7, 2012
iPhone Backup Files. A Penetration Tester's Treasure by Darren Manners - February 7, 2012
One of the noticeable changes in recent technology history is the emergence of the smart phone. Technological advances in these fields have created devices that have almost the equivalent power and functionality of desktop computers.
iPad Security Settings And Risk Review For iOS 4.X Masters
by Jim Horwath - November 11, 2011
The introduction of mobile computing introduces new risks and concerns to the firm. There are many questions concerning the operation, compliance, cost and risk with mobile computing devices.
Securely Integrating iOS Devices into the Business Environment Masters
by Joshua Brower - June 15, 2011
iOS is the name of Apple’s mobile operating system. Previous to June 2010, it was known as the iPhone OS. Released in the summer of 2007, the first generation iPhone OS was a spectacular hit in the blackberry-dominated smartphone market.
Auditing Mac OS X Compliance with the Center for Internet Security Benchmark Using Nessus Masters
by Ricky Smith - November 10, 2008
This paper describes the auditing of a Mac OS X v10.5 system using the compliance checks in Nessus 3.2.x from Tenable Network Security.
Secure Configuration of Apache in the Mac OS X Environment by Neil Fryer - December 7, 2006
Within this paper I will attempt to show how to secure both OS X and Apache, so that it can be used as an Internet facing web server.
Single-signon with Open Directory from GNU/Linux by Chad Walstrom - May 5, 2005
This paper examines methods for sharing account and configuration information between networked computers, focusing on the emerging secure standards of Kerberos, LDAP, SSL/TLS, and SASL.
MacOS X: User Friendlier Security for Unix by Raleigh Romine - December 13, 2003
In this paper, we explore the additions and modifications Apple has made to the FreeBSD core to enhance the security of the users of MacOS.
Macintosh Forensic Analysis Using OS X by Peter Hawkins - October 8, 2002
The purpose of this paper is to describe sound forensic techniques as they pertain to the Macintosh operating system.
Mac OS X 10.1.4: Security Analysis and Recommendations by Daniel Deal - June 4, 2002
This paper is an introduction to the security implications of Apple's latest offering (Mac OS X 10.1.4 at the time of this writing), providing particular focus on NetInfo, Mac OS X's directory system, and is intended to be a starting point for your own research
Improving the Security of a Default Install of Mac OS X (v10.1) by Preston Norvell - March 5, 2002
This paper will take administrators through the processes, both common and unique, of providing a more secure installation of Mac OS X.
Securing FreeBSD under Macintosh OSX by Bertram McGrath - September 30, 2001
This instructional paper introduces a broad range of applicable security measures that can be taken to provide a basic level of resistance to intruders, malicious code and damage or compromise to ones PC and/or its electronic contents when using Macintosh OSX.
Mac OS X 10.0 Security Essentials by Roland Miller - August 21, 2001
This report constitutes an evaluation of the out-of-the-box security of the shipping version of Mac OS X (version 10.0.4 Build 4Q12).
Most of the computer security white papers in the Reading Room have been written by students seeking GIAC certification to fulfill part of their certification requirements and are provided by SANS as a resource to benefit the security community at large. SANS attempts to ensure the accuracy of information, but papers are published "as is". Errors or inconsistencies may exist or may be introduced over time as material becomes dated. If you suspect a serious error, please contact firstname.lastname@example.org.
All papers are copyrighted. No re-posting or distribution of papers is permitted.