A little bit of history.
MacOS < OS X has no command line.
“Where’s the DOS?” There isn’t one.
Control vs. simplicity 3
|
MacOS
versions prior to OS X have no command line. The “GUI” you
see IS the actual OS, not just a user interface on top
of an underlying OS structure. This may seem obvious, but
people have asked me “Where’s the DOS?” There
isn’t one.
So, WYSIWYG for real. Depending on your point of view, this
can be extremely comforting, or extremely frustrating. Or both.
|
|
There can be only one.
Historically, single-user systems
Multi-user addons: AtEase, Multiple Users
But, no over-the-network console login
Timbuktu
|
Macs
were historically always single-user systems. Things like
AtEase (and more recently, Multiple Users, which comes
with the OS) allow for different users with different levels
of access privileges (kinda like the Win98 login). But
there is no over-the-network console login. You can’t
remotely connect to your Mac as though you’re sitting
at the actual keyboard. (Well, there is Timbuktu...we’ll
talk about that later.)
|
|
Macs can serve
Some built-in server functionality
• File Sharing
• Printer Sharing
• Personal Web Sharing
With 3rd party apps, FTP/Gopher server, etc.
Remote administration -- Timbuktu.
|
Some
built-in server functionality exists, but with limited over-the-network
user control.
In other words, “out of the box” Macs can share
files (File Sharing), act as print servers for printing over
the network (Printer Sharing), and serve web pages (Personal
Web Sharing). With the shareware program NetPresenz, a Mac
can be an FTP/web/gopher server.
But remote administration of a (non-OS X) Mac is tricky. Perhaps
the most powerful tool for this is Timbuktu. |
|
Ok, so what’s Timbuktu?
Server component on one Mac
Client on another Mac
Client can control the server
iMac = LoJack! |
Like
PCAnywhere. Load the server component on one Mac, load the
client on another Mac, and the client can control the server.
You can even move the cursor, open/close apps, etc. on the
remote machine. Nice for teaching and presentations.
Also nice for turning a stolen iMac into a LoJack. :) See handout
#2 or URL below.
Not really important to our class, but OH so cool. |
|
General Security implications
Single-user-ness -- inconvenient, but aids security.
• Typically, not a lot of services listening on ports
• No remote login
Basic services -- relatively easy to do safely
Without physical access, not much a bad guy can do |
The
Mac’s single-user-ness, while sometimes inconvenient,
helps contribute to its security. You generally do not have
a bunch of services listening on ports and you cannot log
in remotely. Even if you do set up file and web sharing,
it’s pretty easy to do it safely. Without physical
access to the machine, there is not much a bad guy can do
to a stock Mac. |
|
Unique is Good
(Apple users have learned how to find the silver
lining in a mushroom cloud.)
Macs are a small population -- security advantage
Example: Viruses.
• Creators want large-scale effects, so, go after the big target -- Windows.
• Why bother with Macs? Too small of a target. |
Mac
users, by virtue of being part of a relatively small population,
have some significant security advantages.
Take viruses. People who create viruses and worms tend to want
their little creations to have large-scale effects. This is
part of the reason why there are so many Windows viruses --
big target. Who’s going to bother to spend all the time
and effort making a piece of Mac-specific malware that affects
maybe ten percent of all computer users? |
|
Unique, but still pretty versatile
Security tools available for Macs that you might
not have known about:
• PGP, email with SSL support, SSH, SFTP, personal firewalls, antivirus
software, VPN clients, traceroute, ping, sniffers, file encryption tools, etc.
Lots are free, or cheap shareware. Many available on Dartmouth’s
PUBLIC file server. |
PGP: MacPGP
(for older systems -- free), Network Associates PGPFreeware
(free for academics), GPG for OS X (GPL, free)
SSL email: Eudora, Outlook/Entourage, Communicator?
All free, all available for OS X or Classic
SSH: MacSSH (free), F-secure SSH for Mac (payware,
big academic discount, but MacSSH is better anyway). SSH is
built in to OS X.
SFTP: MacSFTP Carbon, MacSFTP Classic, shareware
(cheap)
Personal firewalls: Norton for Mac, commercial,
academic discount. OS X has built-in fw, Brickhouse front end
is shareware.
Antivirus: Various. Norton is good, academic
discount.
VPN -- CheckPoint VPN-1 for MacOS 8 and up.
Commercial, academic price unknown.
Traceroute -- WhatRoute. Free. Get from PUBLIC.
Not needed on OS X.
Ping -- MacPing. Free, PUBLIC. Not needed
on OS X.
Sniffers -- Etherpeek, NetWatchman, others…most
seem to be payware, but you can use demos for free.
File encryption -- PGP (see above), Apple
File Encryption tool, Stuffit Lite (stuff and require password
-- not really encryption, but does help hide the data in a
pinch). Available for OS X or Classic, free. |
|
Versatile in not so nice ways
Macs were not completely overlooked by the black
hat community…
• Several groups develop Mac hacking software
• Online sources of Mac hacks, e.g. Freaky’s, alt.hackintosh, HotLine
servers, etc.
• There were/are a variety of blackhat tools and exploits for Mac |
In spite of the uniqueness factor, Macs were not completely
overlooked by the black hat community. A handful of small
but dedicated underground hacker groups do develop Mac hacking
software, and there are websites devoted to Mac hacks, e.g. Freaky’s
Macintosh hacks archive, alt.hackintosh, HotLine servers,
and more.
There were/are a variety of blackhat tools and exploits
for Mac.
AtEase and File Sharing hacks, SubSeven trojan, portscanners,
keystroke loggers, BackOrifice client (for Mac users who want
to 0\/\/N BO’d Windows victims), anonymous emailers,
DoS attacks (an early version of Open Transport had a bug; it
was used in a DDoS attack here at Dartmouth and it brought
our network to its knees)... etc. |
|
What to do
Now:
OS X, the Unix-based next generation of Mac OS. We’re
not so unique anymore.
Our focus:
How to secure your Mac using mainly the tools that came with
it, and how you can use the network/Internet more securely.
Mac OS 9.x and Mac OS X. Not OS X Server. |
And
now, we have...OS X, the Unix-based next generation of MacOS,
and EVERYTHING has changed. We’re not so unique anymore.
We’re going to focus on how you can secure your Mac using
mainly the tools that came with it, and how you can use the
network/Internet more securely. Starting with old MacOS (still
in use on a lot of old and not so old machines, and as a second
boot choice under OS X), and then moving on to OS X (now preinstalled
on new Macs).
We won’t be getting into Mac OS X Server, but the same
principles that apply to normal OS X also apply to Server. |
|
Physical Security
Crucial. Generally, if someone has physical
access to your Mac, they can own it.
• Boot from external devices
• Single-user mode (OS X)
• Mess with OF
• OS X can dual-boot into OS 9, rendering Unix file permissions moot
Options:
Security cage, disable single-user mode, password-protect OF,
password protect HD |
Crucial. Generally, if someone has physical access to your Mac, they
can own it. They can boot from CD-ROM, Zip, netboot, external
USB/FireWire drive; in OS X, they can boot single-user mode
(root shell with no password), or boot old MacOS and OS X’s
permissions become moot (similar to dual-boot Windows machines).
Options:
Security cage. Block access to CD-ROM etc. and rear ports.
Annoying if it’s the machine you use every day.
In OS X, disable single-user mode in Open Firmware, then password-protect
OF. But that can cut both ways -- SUM is sometimes the last
resort for rescuing data. (The Miller handout mentions a utility
to password-protect single-user mode -- I have not tried it,
but that might be a good thing to add.)
For MacOS, there is third party software for password-protecting
the hard disk such that it can’t be mounted even if you
boot off other media. Don’t forget the password though...
|
|
Physical Security Solutions
Realistically: Be sensible.
• In a server environment, lock and key
• In a dorm, hide the power cord or the mouse, or pull the hard drive power
connector and then lock the case with a padlock. :) No tools needed. |
Realistically,
the best option is to be sensible.
In a server environment, important machines should be under
supervision and/or lock and key anyway.
In a place like a dorm, you can discourage the casual nosiness
of your roommate’s friends when you’re not there
by doing something like hiding the power cord or the mouse, or,
for the slightly geekier approach, pulling the hard drive power
connector and then locking the case with a padlock (the case has
a built-in loop for this purpose). |
|
File Sharing
Client use:
• Prep
• AppleTalk “on” (see Chooser)
• AppleTalk set to proper network interface (AppleTalk Control Panel -> Ethernet)
• Connecting to shares
• Old and new way (same end result, new way is a bit easier and more flexible). |
First,
client use. Quick howto:
Make sure AppleTalk is “on” (see Chooser) and that
it is pointed at the right network interface (AppleTalk Control
Panel, choose Ethernet.)
Connecting to shares the “old school” way:
Apple Menu -> Chooser -> AppleShare -> pick
a zone -> pick a server from the list of
servers in that zone -> connect using a
logon and password, or select “Guest” if available/applicable.
The newfangled way:
Launch Network Browser (from Apple Menu, probably)
-> pick a domain (or just go for AppleTalk)
-> look for servers, connect as above. |
|
Password Encryption
Starting with MacOS 9, File Sharing passwords
are encrypted BUT…
ONLY if both the client and server are running OS 9.x or better.
Backwards compatibility.
Newer client will default to a clear text password in order
to accommodate the older Mac.
Login window will indicate the level of security of the password
transfer. |
Starting
with MacOS 9, File Sharing passwords are encrypted (I don’t
know the scheme), but ONLY if both the client and
server are running OS 9.x or better. In other words,
to maintain backwards compatibility, if a MacOS 9 user tries
to connect to a MacOS 8 server (or another old server, like
Linux with netatalk), then the OS 9 client will default to
a clear text password in order to accommodate the older Mac.
You will be able to tell when you go to log in -- the login
window will indicate the level of security of the password
transfer. If it says “clear text” then watch
out. |
|
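The fallback described above, modelled as an added example (not from the original slides): the client picks the strongest authentication method both ends offer, so an older server pulls it down to clear text unless a policy refuses. The AFP method (UAM) strings, their ranking, the sample server lists and the `allow_cleartext` switch are assumptions of this example.

```python
# Added illustration, not from the slides. UAM strings and their ranking
# are assumptions of this example; the sample server lists are constructed.
UAM_STRENGTH = {
    "Cleartxt Passwrd": 1,        # password readable by any sniffer
    "Randnum exchange": 2,        # challenge-response, password not sent
    "2-Way Randnum exchange": 3,  # challenge-response in both directions
    "DHCAST128": 4,               # Diffie-Hellman exchange
}
CLEARTEXT = "Cleartxt Passwrd"

# Constructed method lists for the three cases on the following slides.
OS9_CLIENT = list(UAM_STRENGTH)
OS9_SERVER = ["No User Authent", CLEARTEXT, "2-Way Randnum exchange"]
OLD_SERVER = ["No User Authent", CLEARTEXT]   # e.g. MacOS 8, old netatalk
OSX_SERVER = ["No User Authent", CLEARTEXT, "DHCAST128"]


class CleartextRefused(Exception):
    """Raised when the only shared method would expose the password."""


def negotiate(client_uams, server_uams, allow_cleartext=True):
    """Return the strongest password method offered by both ends."""
    shared = [u for u in client_uams
              if u in server_uams and u in UAM_STRENGTH]
    if not shared:
        raise ValueError("no shared password-based method")
    best = max(shared, key=UAM_STRENGTH.get)
    if best == CLEARTEXT and not allow_cleartext:
        raise CleartextRefused("server only accepts a clear-text password")
    return best


def login_report(server_uams, allow_cleartext=True):
    """Mimic the login window: say how the password would travel."""
    try:
        method = negotiate(OS9_CLIENT, server_uams, allow_cleartext)
    except CleartextRefused as exc:
        return f"refused: {exc}"
    level = "clear text" if method == CLEARTEXT else "protected"
    return f"{method} ({level})"


if __name__ == "__main__":
    for name, server in [("OS 9", OS9_SERVER), ("old", OLD_SERVER),
                         ("OS X", OSX_SERVER)]:
        print(name, "->", login_report(server),
              "| strict:", login_report(server, allow_cleartext=False))
```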
OS 9 on both ends
MacOS 9 to MacOS 9
|
|
|
OS 9 to old server
MacOS 9 to Linux Netatalk
|
|
|
OS 9 to OS X
MacOS 9 to OS X (Diffie-Hellman Exchange)
|
|
|
What if it IS clear text?
Sensitive data?
Only copy?
• If so, use encryption, or another medium
Access privileges?
• Impostors logging in as you, what could they do?
Server admin contact?
Duplicate password? |
Is
the data on the other end extremely sensitive or is it the
only copy? Perhaps you should encrypt it or compress and
password-protect the file(s) first, or use another more secure
medium to transfer them.
What access privileges does your account have on that server?
(In other words, if someone did sniff your password, and that
person later logs in as you, can he damage the system? It would
look like YOU did it.)
Can you contact the server admin and ask him to change your
password to something else? (You can usually change it yourself,
but of course if the whole communication is unencrypted, then
the new password will also be visible to a sniffer.)
Are you using the same password that you use for other things
(like BlitzMail, KClient, your web account, etc.)? A bad guy
will probably try applying that password to these other services. |
|
Done with client, now: Server FS
Lots of (better) alternatives…
• Dartfiles
• Blitz
• Dartmouth ftp
• Floppy, Zip, CD-R or CDRW
• USB/FireWire HD |
Don’t
do it unless you have to. Alternatives:
Put copies of your most-used and/or current working files in
your 10MB folder on Locker, Strongbox, or Vault.
Blitz them to yourself.
If you have a homepage at Dartmouth, make a directory on the
ftp server where your webpages live, and use that to move files
around (you have 5MB of storage for web files, more than most
would ever need for webpages).
Carry a floppy or Zip disk. If you have a CD burner, carry
a CDR or CDRW with copies of your stuff on it. Media is cheap.
External hot-swappable drives (how about your iPod? ;) are
getting cheaper. |
|
The point of diversification
Eggs in one basket and all that. Lose a copy at worst, your Mac
doesn’t go down with it.
You might want File Sharing anyway:
• Collaboration on group projects
• Fun stuff (sharing games, pictures, or mp3s)
How to do it safely. |
If
someone hacks into your Strongbox folder, or Webster, or
you lose the Zip disk, then you’ve lost only a copy
of your stuff. Beats the heck out of someone breaking into
your Mac and deleting the originals or nuking your System
Folder.
But, File Sharing is nice and lots of people use it not only
for retrieving things remotely, but also for collaborating
on group projects (you and your project partners could upload
and download each other’s work from a shared folder,
for example) and for fun stuff (sharing games, pictures, or
mp3s -- of course, only the legal ones). So let’s go
into how to do it right. |
|
|