Useful Tools - NetInfo Manager
Getting into NetInfo is outside the scope of this class.
See the von Stauber presentations for more on NetInfo.
Be careful with this tool and the command-line tools (nidump, niutil, etc.), but you should know that they exist in case you come across a howto that requires their use.
|
Put simply, NetInfo is a central directory for storage of service information (e.g., DNS lookups, but it does more than that). It’s a distributed database system, inherited from the days of NeXT. Since there aren’t many large OS X environments, it’s usually manifested as a local database just on your machine.
Use NetInfo Manager to view information, but don’t change anything unless you know what you’re doing. Among other things, you can use it to create non-standard shares beyond the OS X default.
The OS X System Administration guide goes into some detail about NetInfo and its security implications; see his references for more info. |
|
Useful Tools - Terminal
We’ve already mentioned the Terminal a bunch of times. It’s your window onto the CLI.
There is a Terminal-related caveat in OS X: aliases and symlinks |
The Terminal is how to get at the CLI on OS X. The default shell is tcsh; I use bash. With some tweaking, you can get color-coded dir listings, syntax highlighting in Vim, etc. All that cute Unix stuff. Google for what you want to do and odds are that someone will already know how.
Terminal caveat: Mac aliases created in the Finder (which operate like symlinks or Shortcuts) do not behave properly from the Terminal, at least not in bash. They are treated as empty files. Furthermore, symlinks created in the Terminal will not work as aliases in the Finder. It’s a quirk. |
|
Useful Tools - tcpdump
Covered in detail in another class
Use sudo, and remember that the Mac’s Ethernet interface is called en0, not eth0, and you have to specify it explicitly:
sudo tcpdump -i en0 …
MacSniffer is a nice front end |
Tcpdump is included in OS X. It needs to be run with sudo or as root, and you always have to tell it which interface to use (en0 by default).
MacSniffer is a good graphical front end for it, written by the same guy that wrote BrickHouse. |
|
Useful Tools - MacSniffer
|
MacSniffer lets you select options like capture size, how much header info to show, hex/ascii data, name lookups on or off, etc. and you can create and run filters to pick out the data you want to see. Ethereal-esque. |
|
Useful Tools - MacJanitor
Shareware or freeware program for doing system cleanup tasks like log rotation, cache cleanup, etc. Good to use if you have to shut down your Mac every night, since that may prevent a lot of tasks from running.
|
It’s important to keep your logs working properly, since that’s likely to be the first place you look if you have a security problem. |
|
Useful Tools - CheckMate
Preference pane to generate MD5 checksums of key files and scan for changes.
|
Brian Hill rules. CheckMate generates a list of MD5 checksums for key files (and for any other files you add to it) and re-scans on a schedule you specify. It emails you the scan results and also sends an email alert if a checksum has changed.
A caveat: If you toggle ftp on/off in the Sharing Pane, that does change inetd.conf, which causes CheckMate to send an alert. Don’t panic. |
|
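The baseline-and-rescan cycle described for CheckMate, including the inetd.conf caveat, shown as an added Python example. It is not CheckMate's code: it uses SHA-256 rather than the MD5 checksums CheckMate generates, returns findings instead of emailing them, and the function names, temp-directory files and inetd.conf line are constructed for illustration.

```python
import hashlib, os, tempfile

def digest(path):
    """SHA-256 hex digest of a file, or None if it cannot be read."""
    try:
        with open(path, "rb") as f:
            return hashlib.sha256(f.read()).hexdigest()
    except OSError:
        return None

def build_baseline(paths):
    """Record the current digest of every watched file."""
    return {p: digest(p) for p in paths}

def scan(baseline):
    """Re-hash each watched file; return {path: "changed" | "missing"}."""
    findings = {}
    for path, known in baseline.items():
        current = digest(path)
        if current is None:
            findings[path] = "missing"
        elif current != known:
            findings[path] = "changed"
    return findings

def accept(baseline, path):
    """Re-baseline one file after the admin confirms the change was expected."""
    baseline[path] = digest(path)

def demo():
    """Constructed walk-through using stand-in files in a temp directory."""
    with tempfile.TemporaryDirectory() as d:
        inetd = os.path.join(d, "inetd.conf")   # stand-in, not the real /etc file
        hosts = os.path.join(d, "hosts")
        with open(inetd, "w") as f:              # constructed sample line, FTP off
            f.write("#ftp stream tcp nowait root /usr/libexec/tcpd ftpd -l\n")
        with open(hosts, "w") as f:
            f.write("127.0.0.1 localhost\n")
        baseline = build_baseline([inetd, hosts])
        clean = scan(baseline)                   # nothing touched yet
        # Simulate toggling FTP on: the service line gets uncommented.
        with open(inetd, "w") as f:
            f.write("ftp stream tcp nowait root /usr/libexec/tcpd ftpd -l\n")
        after_toggle = {os.path.basename(p): s for p, s in scan(baseline).items()}
        accept(baseline, inetd)                  # expected change, re-baseline
        os.remove(hosts)                         # unexpected: file disappears
        after_accept = {os.path.basename(p): s for p, s in scan(baseline).items()}
        return clean, after_toggle, after_accept

if __name__ == "__main__":
    print(demo())
```

Re-baselining only after confirming the change was one you made keeps an expected alert, like the FTP toggle, from masking a later unexpected one on the same file.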