Re: Mac X-Server Security Questions...
From: Florian Rommel (frommel_at_gmail.com)
Date: 04/07/05
- Previous message: Douglas Schlachta (Sr. Infrastructure Securty Analyst): "RE: SUS server"
- In reply to: Brad Berson: "RE: Mac X-Server Security Questions..."
- Next in thread: John Jasen: "RE: Mac X-Server Security Questions..."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 07 Apr 2005 21:05:37 +0300 To: Brad Berson <brad.berson@bytebrothers.org>
Hi Brad,
Ok, let's start this whole thing a bit slower...
May I ask why you would need file sharing (smb or apple) on an
unprotected internet connection? I mean OS X Server comes with a VPN
server and Other clients can connect to it (Windows and Mac AFAIK).
As far as not believing you, well I do believe you, the whole thing just
seemed so far out especially from a security perspective. Also you didnt
mention in your first post that this was a OS X server, just OSX machine
that got compromised. As for the non-NAT offices, yea I ave come across
a few as well. I have also come across some offices that bought firewall
services from a ISP and it was never enabled. You can imagine the
surprise when blaster hit.
About information.. I don't kow where you are located but the NSA OS X
guides seem to be very good for learning how to nail OS X down.
About your first post however, you did get kinda vague about the whole
setup, since I understood that the machines were Desktop machines and
were connected and file sharing was enabled by default. And you blamed
it on the Mac users.
"For several years PCs have been such a huge
target that folks in the Mac world have gotten a little too comfortable.
Only now in the past month I've personally seen two instances of
completely unprotected OS-X boxes getting almost totally compromised."
and then:
"Now in the PC world nobody in their right mind leaves Windows' file
sharing ports open to the Internet, yet in the Mac world it seems like
people leave AFP (and Samba) widely accessible."
However you wrote that filesharing is needed and that it had been
enabled, so how are people in the Mac world leaving smb and afp wide
open if it had to be enabled because it was needed?
You got a box compromised that had file sharing enabled widely open on
the internet. I could be the same would happen with almost any box.
Anyway, I guess we all got off on the wrong foot, so for that I
apologize however in my defense and by reading another reply to your
post, I wasnt the only one who "sniffed" some FUD....
Also I highly recommend the NSA guides, even if you dont llive in the US...
Kind Regards,
//Florian Rommel, CISSP
---------------------------------------------------------------------------
Earn your MS in Information Security ONLINE
Organizations worldwide are in need of highly qualified information security
professionals. Norwich University is fulfilling this demand with its MS in
Information Security offered online. Recognized by the NSA as an
academically excellent program, NU offers you the opportunity to earn your
degree without disrupting your home or work life.
http://www.msia.norwich.edu/secfocus_en
----------------------------------------------------------------------------
- Previous message: Douglas Schlachta (Sr. Infrastructure Securty Analyst): "RE: SUS server"
- In reply to: Brad Berson: "RE: Mac X-Server Security Questions..."
- Next in thread: John Jasen: "RE: Mac X-Server Security Questions..."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
