Foundations of Mac OS X Leopard Security (Books for Professionals by Professionals) [Paperback]

Charles Edge (Author), William Barker (Author), Zack Smith (Author)

Book Description

ISBN-10: 1590599896 | ISBN-13: 978-1590599891 | Publication Date: April 30, 2008 | Edition: 1

A common misconception in the Mac community is that the Mac is more secure than other operating systems. While this might be true in many cases, the fact that people actually use the computers is often not considered in this analysis. When sharing is enabled or remote control applications are installed, then a variety of security threats are established. This book enables users of the Mac to enable services while not sacrificing the security of their systems.

Editorial Reviews

About the Author

Cheridan Smith has been involved in Web development and design since 1997, when she began working on a research team for the "Y2K" millennium bug. It was here that she learnt about the Internet and promptly fell in love with the medium. In her career, she has been responsible for websites in the early 2000s, such as Weight Watchers Australia and Quicken.com.au, and worked as creative services manager of Yahoo! in Australia with clients such as Toyota, 20th Century Fox and Ford. She works as a senior interactive project manager for an Australian advertising agency.

Ken Barker is a technical project manager/development generalist who has successfully delivered software solutions in the healthcare, state government, online retail, and tourism industries. Prior to partnering in the formation of EdgeCase, Ken helped found the Columbus Ruby Brigade, a burgeoning group of professionals who are passionate about the Ruby programming language. He began using Ruby over three years ago on the job in a wide range of applications. In addition to being passionate about Ruby, Ken is an agile software development process evangelist.

Charles Edge has been working with Apple products since he was a child. Professionally, Charles started with the Mac OS and Apple server offerings in 1999 after years working with various flavors of Unix. Charles began his consulting career working with Support Technologies and Andersen Consulting. In 2000, he found a new home at 318, Inc., a consulting firm in Santa Monica, California which is now the largest Mac consultancy in the country. At 318, Charles leads a team of over 40 engineers and has worked with network architecture, security and storage for various vertical and horizontal markets. Charles has spoken at a variety of conferences including DefCon, BlackHat, LinuxWorld, MacWorld and the WorldWide Developers Conference. Charles' first book, Mac Tiger Server Little Black Book, can be purchased through Paraglyph Press. Charles recently hung up his surfboard and moved to Minneapolis, Minnesota, with his wife, Lisa. Charles can be contacted at krypted@mac.com.

Product Details

• Paperback: 488 pages
• Publisher: Apress; 1 edition (April 30, 2008)
• Language: English
• ISBN-10: 1590599896
• ISBN-13: 978-1590599891
• Product Dimensions: 9.1 x 7 x 1 inches
• Shipping Weight: 1.6 pounds (View shipping rates and policies)
• Average Customer Review: 4.0 out of 5 stars  See all reviews (4 customer reviews)
• Amazon Best Sellers Rank: #460,715 in Books (See Top 100 in Books)

More About the Author

Charles Edge has been working with Apple products since he was a child. Professionally, Charles started with the Mac OS and Apple server offerings in1999 after years working with various flavors of Unix. Charles began his consulting career working with Support Technologies and Andersen Consulting. In 2000, he found a new home at 318, a consulting firm in Santa Monica, California which is now the largest Mac consultancy in the country. At 318, Charles leads a team of over 40 engineers and has worked with network architecture, security and storage for various vertical and horizontal markets.

Charles has spoken at a variety of conferences including DefCon, BlackHat, LinuxWorld, MacWorld and the WorldWide Developers Conference. Charles' first book, Mac Tiger Server Little Black Book, can be purchased through Paraglyph Press. Charles recently hung up his surfboard and moved to Minneapolis, Minnesota, with his wife, Lisa. Charles can be contacted at krypted@mac.com

Customer Reviews

Most Helpful Customer Reviews

9 of 10 people found the following review helpful:

2.0 out of 5 stars Suffers from poor editing, August 2, 2008

By 

Fred (Missouri) - See all my reviews

This review is from: Foundations of Mac OS X Leopard Security (Books for Professionals by Professionals) (Paperback)

The major problem with this book is that it is poorly edited.

Examples #1 & #2, from pages 177-178: There are two sections with the following names: "Working with Default Services in Tiger" and "Allowing Non-Apple Services in Tiger". But the book is about *Leopard*.

The index has a block of entries under the subject "Tiger" - and *no* entry for "Leopard".

Screenshots in various places are sometimes either wrong (p. 345, where a HenWen config screen is placed instead of a Kerio login screen) or from previous versions of OS X (the Bluetooth Preference panes shown are *not* from Leopard; the location of the Firewall preferences pane being in the Security preferences rather than Sharing); other times the captions for screenshots haven't been updated from the Tiger version of the book.

The firewall section refers to a feature (including screenshots of it) - UDP blocking - that no longer exists in the firewall settings pane.

The section on ACLs omits any discussion of how to view them, or how to set them.

There are one or two mentions of "Sandbox" but no discussion of what it is nor how to use it.

There is a rather ridiculous editing gaffe where the text recommends using the Unix "mkdir" command to create a *file* (this command creates folders or directories, not files).

Examples could be multiplied, but these are some of the most egregious ones.

Lastly, the style is rather tedious. It reads like an oral presentation, but written English isn't spoken English.

I don't fault the authors for any of these issues. All of these problems should have been caught and fixed during editing. But these technical problems make me a bit uneasy about trusting the information in the book. This is the sort of book I would normally keep for reference purposes after reading it, but I'm going to give this one away. It's just not reliable as a source of security information.

It's not a one-star book - there is *some* useful information in it. But beginners should stay away, and others will need to be careful to verify what it says thanks to the editing problems.

13 of 16 people found the following review helpful:

5.0 out of 5 stars Best volume of its kind, May 30, 2008

By 

John A. Suda (Rochester NY) - See all my reviews
(VINE VOICE)   

This review is from: Foundations of Mac OS X Leopard Security (Books for Professionals by Professionals) (Paperback)

At least a half-dozen times in the book "Foundations of Mac OS X Leopard Security" the authors state that there is a misconception that the Macintosh computer is immune from security problems. That allegation may explain why there are very few books published (and nearly none in recent years) about security for the Mac. This book is meant to change all that. The authors acknowledge that the Mac OS Xsoftware has had little of the security problem experience of Windows (and other operating systems, to a lesser extent) but they spend 488 pages detailing exactly where and how the Macintosh platform is (or may be?) vulnerable.

Many of the security issues raised in the book are theoretical or deal with added elements of the Mac software install that contain non-Apple components -- Apache Web server and Perl and PHP scripting packages, for example. Many of the items of concern deal with generic problem areas of computer usage in general, both software and hardware, which affect the Mac as well as any other computers and networks. While the perspective of the book is on the Mac, much of the security review will apply to any type of computer or network.

Messieurs Edge, Barker, and Smith are seasoned Mac and security professionals who point out in a very systematic and comprehensive way the potential problems of running the Mac both in single use and networked environments. The focus is primarily on Mac OS X Leopard and the other software which comes with any new Mac computer, although there is some discussion of earlier OS X versions and earlier generations of Apple applications like Airport.

The book has five main parts covering general security matters, essential security fundamentals, networking, sharing, and workplace security issues. There are four very short appendices of modest value.

The initial first three chapters deal with general security and security fundamentals is basic stuff discussing how technical computer security issues are entwined with practical realities of using computers in a business or home, and that compromises between security and practicality generally must be made. There is discussion of types of security attacks, how the Windows booting programs, Parallels and Boot Camp, implicate Windows security issues on the Mac, and how the UNIX underpinnings of the Mac OS X allow for more sophisticated techniques and tools in securing the Mac computer and networks. Chapter 1 is a useful "quick start" guide of items which can be addressed readily by nearly any level of user to safeguard the Mac from many security concerns. Apple has provided a lot of built-in security features and services which can be adjusted by individual users to his or her own needs, like FileVault, Secure Trash, Keychain, permissions, and others. Higher-level users and maybe experienced security professionals not used to the Mac may be bored with the first part of the book.

Part two deals with protecting the Mac from malware and exploitable services in the OS and major applications like the Safari browser and Mail applications. It explains how malware can affect the Mac through script viruses, social engineering techniques, and other exploits. The book lists a number of available software tools which can help solve some of the potential problems. The section on reviewing and configuring monitoring processes and logs is especially interesting.

Securing networks, using and configuring firewalls, and wireless networking make up the bulk of part three. The content in chapters 7 through 9 is quite technical covering types of networks; routers, hubs and switches;proxy, DMZ, and other servers and hardware setups, advanced firewall configuration using both GUI and command line interfaces; filtering; traffic throttling; and more. The sections describing testing of firewalls and hacking wireless networks using tools like Kismac and iStumbler are especially useful.

Chapter 11, in part four, dealing with website security when utilizing the built-in Apple web services, includes a checklist of at least a dozen items to be dealt with in locking down a site. Security for remote conductivity is addressed also, with particular emphasis given to VPN, secure shell, and the use of network administration tools like Timbuktu and DAVE. Attention is given to both the standard MacOS X installation as well as to OS X Server. The most complex discussions involve using Open Directory in a security plan. My favorite sections were in chapters 14 on network scanning, monitoring, and intrusion prevention tools. The book describes how to understand your own machine/network security status by learning how to attack other networks. And how to use techniques like white/black box testing, fingerprinting, enumeration, port and TCP/UDP scans, ping sweeps, and more.

The book describes how intrusion detection is accomplished. Guidance is provided on software tools like Tripwire, snort, Checkmate, and others. The last chapter concerns forensics and how to handle attempted or successful intrusions to both understand security weaknesses and to preserve evidence for civil or criminal proceedings, CSI-like.

Nearly all of the presentations cover two levels of interactivity using either GUI-based tools or the command line. Except for a handful of sections, the presentations are useful even for higher-end users, including those dealing with medium to large networks.

The writing is workmanlike and without style or wit, but carefully organized and expressed. There are plenty of (grayscale) screenshots of relevant software application configurations, and sidebar Notes and Tips on many topics. Anyone who has a serious interest in Mac OS X security will benefit from this book as its main virtue is its systematic and comprehensive approach to the issues. It is designed to inform users of all levels how and why to think about OS X security. Geeks who want or need to know Mac OS X security will get a nicely organized book sufficiently filled with useful content. This is not a book intended to raise all security issues or to provide all the answers. It does answer many problems, and will point nearly all users in the right direction for their specific needs.

4.0 out of 5 stars Should be in your Shelf,, but better in PDF, March 13, 2010

By 

Leo of BORG "Leo M" (Central California, USA) - See all my reviews

Amazon Verified Purchase

This review is from: Foundations of Mac OS X Leopard Security (Books for Professionals by Professionals) (Paperback)

This Apress book probably deserved a space in your shelf 12 months ago when Leopard was in wide use. I bought it at the time and STILL refer to it from time to time.

That being said, a lot of the fundamentals in the book still apply. What I recommend is get the PDF version of this book and have it on your admin machine. It's still very useful and searching the PDF that you can get from APRESS makes it worth it to have a soft copy over having this book in paper.