Featuring 14 Papers as of February 22, 2017
OS X as a Forensic Platform STI Graduate Student Research
by David M. Martin - February 22, 2017
The Apple Macintosh and its OS X operating system have seen increasing adoption by technical professionals, including digital forensic analysts. Forensic software support for OS X remains less mature than that of Windows or Linux. While many Linux forensic tools will work on OS X, instructions for how to configure the tool in OS X are often missing or confusing. OS X also lacks an integrated package management system for command line tools. Python, which serves as the basis for many open-source forensic tools, can be difficult to maintain and easy to misconfigure on OS X. Due to these challenges, many OS X users choose to run their forensic tools from Windows or Linux virtual machines. While this can be an effective and expedient solution, those users miss out on much of the power of the Macintosh platform. This research will examine the process of configuring a native OS X forensic environment that includes many open-source forensic tools, including Bulk Extractor, Plaso, Rekall, Sleuthkit, Volatility, and Yara. This process includes choosing the correct hardware and software, configuring it properly, and overcoming some of the unique challenges of the OS X environment. A series of performance tests will help determine the optimal hardware and software configuration and examine the performance impact of virtualization options.
iPhone Backup Files. A Penetration Tester's Treasure by Darren Manners - February 7, 2012
One of the noticeable changes in recent technology history is the emergence of the smart phone. Technological advances in these fields have created devices that have almost the equivalent power and functionality of desktop computers.
iPad Security Settings And Risk Review For iOS 4.X STI Graduate Student Research
by Jim Horwath - November 11, 2011
The introduction of mobile computing introduces new risks and concerns to the firm. There are many questions concerning the operation, compliance, cost and risk with mobile computing devices.
Securely Integrating iOS Devices into the Business Environment STI Graduate Student Research
by Joshua Brower - June 15, 2011
iOS is the name of Apple’s mobile operating system. Previous to June 2010, it was known as the iPhone OS. Released in the summer of 2007, the first generation iPhone OS was a spectacular hit in the BlackBerry-dominated smartphone market.
Auditing Mac OS X Compliance with the Center for Internet Security Benchmark Using Nessus STI Graduate Student Research
by Ricky Smith - November 10, 2008
This paper describes the auditing of a Mac OS X v10.5 system using the compliance checks in Nessus 3.2.x from Tenable Network Security.
Secure Configuration of Apache in the Mac OS X Environment by Neil Fryer - December 7, 2006
Within this paper I will attempt to show how to secure both OS X and Apache, so that it can be used as an Internet facing web server.
Single-signon with Open Directory from GNU/Linux by Chad Walstrom - May 5, 2005
This paper examines methods for sharing account and configuration information between networked computers, focusing on the emerging secure standards of Kerberos, LDAP, SSL/TLS, and SASL.
MacOS X: User Friendlier Security for Unix by Raleigh Romine - December 13, 2003
In this paper, we explore the additions and modifications Apple has made to the FreeBSD core to enhance the security of the users of MacOS.
Macintosh Forensic Analysis Using OS X by Peter Hawkins - October 8, 2002
The purpose of this paper is to describe sound forensic techniques as they pertain to the Macintosh operating system.
Mac OS X 10.1.4: Security Analysis and Recommendations by Daniel Deal - June 4, 2002
This paper is an introduction to the security implications of Apple's latest offering (Mac OS X 10.1.4 at the time of this writing), providing particular focus on NetInfo, Mac OS X's directory system, and is intended to be a starting point for your own research.
Improving the Security of a Default Install of Mac OS X (v10.1) by Preston Norvell - March 5, 2002
This paper will take administrators through the processes, both common and unique, of providing a more secure installation of Mac OS X.
Securing FreeBSD under Macintosh OSX by Bertram McGrath - September 30, 2001
This instructional paper introduces a broad range of applicable security measures that can be taken to provide a basic level of resistance to intruders, malicious code and damage or compromise to one's PC and/or its electronic contents when using Macintosh OSX.
Mac OS X 10.0 Security Essentials by Roland Miller - August 21, 2001
This report constitutes an evaluation of the out-of-the-box security of the shipping version of Mac OS X (version 10.0.4 Build 4Q12).
Most of the computer security white papers in the Reading Room have been written by students seeking GIAC certification to fulfill part of their certification requirements and are provided by SANS as a resource to benefit the security community at large. SANS attempts to ensure the accuracy of information, but papers are published "as is". Errors or inconsistencies may exist or may be introduced over time as material becomes dated. If you suspect a serious error, please contact firstname.lastname@example.org.
All papers are copyrighted. No re-posting or distribution of papers is permitted.