Re: Penetration Testing on Mac OS X

From: Carl Jongsma <info@xxxxxxxxxxxxxx>
Date: Sat, 21 Jul 2007 12:17:47 +0930

Hi Michael,

OS X comes out of the box in a fairly secure state, though there are a small number of services that are running that could be of interest to the pentester. The recent talk of a new vulnerability targeting mDNSResponder could provide a means to enter a default installation.

What is of interest to pentesters will depend on how the target system has been setup. Apple patches for included third party software are a little bit delayed from when the developers release them, so if the target system allows Kerberos authentication for accessing services (for example), then there are some openings that can be targeted (if the system maintainer hasn't already patched them).

As with all systems, the choice and implementation of weak passwords is a common problem and probably the most significant over time.

An excellent resource for security related issues affecting Apple (besides news sources) is hackintosh.org. There is also the Apple Developer Connection and online source to Darwin. The NSA have released a paper detailing their recommendations on how to secure OS X, which may be a good read if you haven't already read it. Other than that, have a bit of a look around the net, there are a number of resources that can easily be found via Google.

Carl

Sûnnet Beskerming Pty. Ltd.
Adelaide, Australia
http://www.beskerming.com

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------

References:
- Penetration Testing on Mac OS X
  - From: michael-hermann

Prev by Date: Re: Hping2, packet crafting question...
Next by Date: howto - BackTrack2 Final in vmware fusion
Previous by thread: Penetration Testing on Mac OS X
Next by thread: RE: Penetration Testing on Mac OS X
Index(es):
- Date
- Thread

Relevant Pages

Re: Mac OS X Security - Not Quite as Strong as you Thought
... as they can keep fooling the public into thinking it is secure. ... You don't have any reason to imply that Apple is trying to fool the ... Apple has shown signs of complacency around security in the recent ... If Mac OS is "not properly secure" what would Windows be called? ...
(comp.sys.mac.advocacy)
Re: Mac OS X Security - Not Quite as Strong as you Thought
... Apple has shown signs of complacency around security in the recent past. ... As long as the perception is that the OS is secure, I don't think this situation will change. ... If Mac OS is "not properly secure" what would Windows be called? ...
(comp.sys.mac.advocacy)
Re: Recurrent question
... Apple is claiming ... >>exactly the opposite, a ". ... > Could you please explain to me how a "Secure Default Configuration" is ... nothing to do with security at all, and does not help with security ...
(comp.security.firewalls)
Re: Linux or OSX?
... > Is that because it ships with all services turned off by default? ... the BSD can be made equally secure. ... I use FreeBSD and swear by it. ... I also like linux and Apple as well. ...
(alt.computer.security)