Resources for Securing Mac OS X Panther, Tiger and Leopard


I will  be the first to admit that I am primarily a Windows and Linux user.  Not that I don’t like Macs, but the majority of my client base is single platform on the desktop (Windows) and either Windows or Linux servers. 

My lack of exposure to Macs, and subsequent lack of OS X-specific security understanding was made apparent to me this past week when I met with a large new educational client that was previously 95% Mac on the desktop.  Now they are down to about 50-50 Mac/PCs with a new mandate to become single platform, meaning converting from OS X to strictly Windows on the desktop.

I’m going to be making recommendations that will help this migration process, but in the meantime I have to make an assessment of their existing network and computing infrastructure, including down to the desktop level.  One of the assessment items includes workstation security, and like I said before, this is a major hole in my IT skillset, so I’m taking a crash course in OS X security this week.

I wanted to find a few online resources to prep with before I jumped head on into this project.  I know no one can become a security guru in a week, but everyone has to start somewhere.  I’m hoping my Linux security background will make digesting the OS X security information easier, but that is to be seen.

Here’s some of the resources I’ve found online that others may find usefull:

I’ve also ordered Foundations of Mac OS X Leopard Security by Charles Stephen Edge Jr.

 

 

 

2 Responses to “Resources for Securing Mac OS X Panther, Tiger and Leopard”

  1. Sebastien Says:

    Hi Julie,

    Just noticed your reference in your post. Hope my Securing Leopard article was a helpful primer into the world of OSX security. In actual fact you’ll find that securing an OSX system to a higher level doesn’t require too much additional effort. The next level up is using the usual access control mechanisms, and depending on how their Mac infrastructure is set up, the management of their identity and access management. In the end a good all-round security frame of mind will be more useful than in-depth knowledge of securing the OSX platform.

    It’s too bad to hear that they’re migrating away from OSX instead of towards it, but oh well, you win some, you lose some 😉

    If you’d like any additional help or info, please feel free to visit the Securethoughts Forums (http://www.securethoughts.net/forum/) where any security and OSX-related topics are welcome.

    Sincerely,
    Sebastien

  2. Glyn Geoghegan Says:

    Hi Julie,

    Just a quick note to let you know that we have released the updated guide to securing Leopard.

    It is available from:
    http://research.corsaire.com/whitepapers/technical.html

    Or directly at:
    http://research.corsaire.com/whitepapers/080818-securing-mac-os-x-leopard.pdf

    Regards,
    Glyn.


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: