Threat Level: green Handler on Duty: Rob VandenBrink

SANS ISC InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Cyber Security Awareness Tip #18: Mac Tips

Published: 2007-10-18
Last Updated: 2007-10-18 18:13:37 UTC
by George Bakos (Version: 1)
0 comment(s)

Welcome to day 18 of Cyber Security Awareness Month. Today we're welcoming your tips on securely working with Apple Mac systems. Let's start off with a bit of sage guidance I already received: Don't assume that your machine is secure simply because it's a Mac. While OS[789X] doesn't enjoy the sheer volume of badguy attention as other operating systems, the number certainly isn't zero and you can expect it to grow.

It's amazing how many Mac users and admins are submitting tips.  What is even more amazing is how many of those tips are repeated by the majority of you.  Can you spell c-o-n-s-e-n-s-u-s?

The vast majority of them are Mac versions of general Best Practices, but with a few software-specific tweaks.  Here is a list sent in from Kim at Pepperdyne:

1. Keep your firewall up - the Mac firewall is decent - use it consistently.
2. Keep patched - its better for Jobs' engineers to do a job on your computer, than for an intruder to do so. If you want to check for patch problems because your system has critical uptime, I find macintouch.com to be a prompt bellwether for patching issues. Oh, and see #3
3. Back up your system - an external HD and Carbon Copy Cloner is an effective solution for single computers. Back up to an encrypted HD image and/or physically secure your backup disk.
4. Do updates and installs with an administrator account; do your web and email with a different account.
5. Keychain is a huge advantage on the Mac, but definitely use a strong password. I advise one that is over 15 characters to defeat the behind-the-scenes LANMAN hashing that takes place on Macs that provide windows fileshares.
6. Turn on Filevault home directory encryption. As strong as your password x 128-bit AES. Make a strong master password and put it in an envelope and place it with your secret papers (tell your partner/lawyer/boss/spouse where it is, as appropriate).  I've been using FileVault under Tiger for over a year. My home directory has survived crashes and forced reboots (yah, they happen on Macs) on both Intel & PPC architectures.

If you have a tip, shoot it in using our contact form and I'll post them here throughout the day.

Cheers!

g

 

Keywords:
0 comment(s)
Diary Archives