Security hardening and Bastille for OSX

Similar Messages

• Hi looking for a bit of free  anti - virus and firewall for osx 10.8.2

  hi looking for a bit of free  anti - virus and firewall for osx 10.8.2 any pointers also any one used Mac cleaner ?

  1. This comment applies to malicious software ("malware") that's installed unwittingly by the victim of a network attack. It does not apply to software, such as keystroke loggers, that may be installed deliberately by an intruder who has hands-on access to the victim's computer. That threat is in a different category, and there's no easy way to defend against it. If you have reason to suspect that you're the target of such an attack, you need expert help.
  2. All versions of OS X since 10.6.7 have been able to detect known Mac malware in downloaded files. This feature is transparent to the user, but internally Apple calls it "XProtect." The recognition database is automatically updated once a day; however, you shouldn't rely on it, because the attackers are always at least a day ahead of the defenders.
  The following caveats apply to XProtect:
  It can be bypassed by some third-party networking software, such as BitTorrent clients and Java applets (see below.)
  It only applies to software downloaded from the network. Software installed from a CD or other media is not checked.
  3. Starting with OS X 10.7.5, there has been another layer of built-in malware protection, designated "Gatekeeper" by Apple. By default, applications and Installer packages downloaded from the network will only run if they're digitally signed by a developer with a certificate issued by Apple. Software certified in this way hasn't actually been tested by Apple (unless it comes from the Mac App Store), but you can be reasonably sure that it hasn't been modified by anyone other than the developer. His identity is known to Apple, so he could be held legally responsible if he distributed malware. For most practical purposes, applications recognized by Gatekeeper as signed can be considered safe.
  Gatekeeper has, however, the same limitations as XProtect, and in addition the following:
  It can easily be disabled or overridden by the user.
  A malware attacker could get control of a code-signing certificate under false pretenses, or could find some other way to evade Apple's controls.
  For more information about Gatekeeper, see this Apple Support article.
  4. Beyond XProtect and Gatekeeper, there’s no benefit, in most cases, from any other automated protection against malware. The first and best line of defense is always your own intelligence. All known malware circulating on the Internet that affects a fully-updated installation of OS X 10.6 or later takes the form of so-called "trojan horses," which can only have an effect if the victim is duped into running them. The threat therefore reduces to a battle of wits between you and the malware attacker. If you're smarter than he thinks you are, you'll win.
  That means, in practice, that you never use software that comes from an untrustworthy source. How do you know whether a source is trustworthy?
  Any website that prompts you to install a “codec,” “plug-in,” or “certificate” that comes from that same site, or an unknown one, is untrustworthy.
  A web operator who tells you that you have a “virus,” or that anything else is wrong with your computer, or that you have won a prize in a contest you never entered, is trying to commit a crime with you as the victim. (Some reputable websites did legitimately warn users who were infected with the "DNSChanger" malware. That exception to this rule no longer applies.)
  “Cracked” copies of commercial software downloaded from a bittorrent are likely to be infected.
  Software with a corporate brand, such as Adobe Flash Player, must be downloaded directly from the developer’s website. No intermediary is acceptable.
  5. Java on the network (not to be confused with JavaScript, to which it's not related) is a weak point in the security of any operating system. If a Java web plugin is not installed, don't install one unless you really need it. If it is installed, you should disable it (not JavaScript) in your web browsers. Few websites have Java content nowadays, so you won’t be missing much. This setting is mandatory in OS X 10.5.8 or earlier, because Java in those obsolete versions has known security flaws that make it unsafe to use on the Internet. The flaws will never be fixed. Regardless of version, experience has shown that Java can never be fully trusted, even if no vulnerabilities are publicly known at the moment.
  Follow these guidelines, and you’ll be as safe from malware as you can reasonably be.
  6. Never install any commercial "anti-virus" or "Internet security" products for the Mac, as they all do more harm than good. If you need to be able to detect Windows malware in your files, use the free software ClamXav — nothing else.
  Why shouldn't you use commercial "anti-virus" products?
  Their design is predicated on the nonexistent threat that malware may be injected at any time, anywhere in the file system. Malware is downloaded from the network; it doesn't materialize from nowhere.
  In order to meet that nonexistent threat, the software modifies or duplicates low-level functions of the operating system, which is a waste of resources and a common cause of instability, bugs, and poor performance.
  By modifying the operating system, the software itself may create weaknesses that could be exploited by malware attackers.
  7. ClamXav doesn't have these drawbacks. That doesn't mean it's entirely safe. It may report email messages that have "phishing" links in the body, or Windows malware in attachments, as infected files, and offer to delete or move them. Doing so can corrupt the Mail database. The messages should be deleted from within the Mail application.
  ClamXav is not needed, and should not be relied upon, for protection against OS X malware. It's useful only for detecting Windows malware. If you don't need to do that, avoid it. Windows malware can't harm you directly (unless, of course, you use Windows.) Just don't pass it on to anyone else.
  8. The greatest danger posed by anti-virus software, in my opinion, is its effect on human behavior. When people install such software, which does little or nothing to protect them from emerging threats, they get a false sense of security from it, and then they may do things that make them more vulnerable. Nothing can lessen the need for safe computing practices.
  9. It seems to be a common belief that the built-in Application Firewall acts as a barrier to infection, or prevents malware from functioning. It does neither. It blocks inbound connections to certain network services you're running, such as file sharing. It's disabled by default and you should leave it that way if you're behind a router on a private home or office network. Activate it only when you're on an untrusted network, for instance a public Wi-Fi hotspot, where you don't want to provide services. Disable any services you don't use.

• I put a $15 iTunes card and the money went in but every time I try to buy a game it tells me to answer some security questions and I for got the answers. What do I do?

  I put a $15 iTunes card and the money went in but every time I try to buy a game it tells me to answer some security questions and I for got the answers. What do I do?

  Hi Dylain,
  You can manage your Apple ID account here: https://appleid.apple.com/
  Here's an article on how to reset those questions: http://support.apple.com/kb/HT5312
  If you have problems, you can contact Apple Support here: http://www.apple.com/support/itunes/contact/
  Hope this helps!
  ~Joe

• Security Approach and Plan for single logon for Essbase and Reports.

  Please any one can suggest me, how can I do the Security Approach and Plan for single logon for Essbase and Reports by using Maxl or Administrator.If any one have code,please forward to my email Id: [email protected]

  Once you are logged in to the "Hyperion Portal" as you call it, your user credentials are automatically passed among all the components. Therefore, a lot of the logic you created to pass credentials between BQY files in a desktop environment are no longer needed.

• Powershell script for security groups and users for multiple share folders

  Hi scripting team,
  I need your help with powershell script for the below queries 
  1. List out the security groups for more than one server share path and output it to a file ( csv ) 
  For eg.
  If the are are two share paths 
  \\servername\foldermain\folder1
  \\servername\foldermain\folder2
  So I needs the list of security groups for each share path
  And the output needs to be under each any every path.
  2. Grab the users belongs to main security groups and it nested groups for more than one security group and listed the users under each and every group. No need to display nested groups. Just users belongs to main group and users under nested.
  Your teams help is much appreciated 
  Thank you.
  Thilochana kumararatne

  Hi Braham,
  Thanks for your quick reply.
  Are we able to do this on two stage method
  1. grab the security groups from the share paths
  if can grab the share path from a separate txt file than copying it to the <your path> location
  so i can modify the txt file
  once run the script
  if can the output like below to a CSV file
  \\servername\foldermain\folder1group 1group 2group 3\\servername\foldermain\folder2group 1group 2group 3then i know which groups belongs to which share paththen i can remove the duplicate groups and keep the common groups to grab the users belongs to itso with the second script same as the first copy the security groups to a txt file and the out put as below.what I needs is the users full name and the samaccount name ( user id )group 1user1user2user3
  group 2user1user2user3looking forward your help on thisThank you.Thilo

• MacBook and Word for OSX

  I use Word all the time on the MacBook, problem is it constantly quits on its own, no warning. The document and the icon disappear. I get a little dialogue box to notify apple if I want. I did this a few times then stopped. This is Word for OSX and I never had a problem with it on my old iBook. Anybody else have this problem or know what to do. Safari sometimes quits on its own too, but I don't loose data when that happens, its only an annoyance. Of course when I want to shut down, then nothing seems to want to quit.

  The current version of Office Mac is 2011.
  The last version of Quicken for Mac is 2007.
  Both will work with 10.6.8 on your MacBook Air.

• Security update 2008-005 for OSX 10.4.

  My mate has an intel iMac running OSX Tiger 10.4. which is now not starting up. This problem occurred as he was downloading the 2008-005 security update yesterday. Any suggestions or solutions on how to get his iMac up and running again please? He didn't run disc utility before-hand. I am sure he will do so in the future , assuming he can the Mac going again.

  Hello and Welcome to Apple Discussions ...
  Try resetting the System Management Controller: http://support.apple.com/kb/HT1543?viewlocale=en_US
  Carolyn

• HT5312 security question, and email for Send reset security info

  hello,
  i forgot answer for my security question, but my email for Send reset security info email to j•••••@poczta.onet.pl is not current
  please help me .what can i do?

  We can't help you here, we don't even have access to (legitly) Directory Services.
  Please check with AST.
  Check the AppleCare number for your country here:
  http://support.apple.com/kb/HE57
  Call them up, and let them know you would like to be transferred to the Account Security Team.

• More secure forms and CAPTCHA for non-BC sites?

  Spam is ramping up...
  Clients are unhappy.
  When can we expect this issue to be addressed?
  Loving Muse and Edge :)
  Thanks!

  The short answers are:
  There are no forms enhancements in the Q2 release. The Q2 release is currently in late Beta. Subscribers who can accept the terms of the Non-disclosure Agreement are invited to participate in the Beta program by going to museprerelease.com.
  Addressing the need for CAPTCHA and/or similar technology for sites hosted on non-Adobe hosting is a high priority for the Q3 release of Muse.
  We're not ignoring your pleas. The Q2 release marks the first release of work that started nearly 2 years ago. Completing the changes that are part of the Q2 release has required long hours and the full attention of the entire development team. We simply have not had the bandwidth to ponder anything else. We all look forward to that changing once the Q2 version of Muse is released.
  Options for limiting or eliminating spam prior to the Q3 release of Muse include:
  1) Verify your hosting includes a compatible version of SQL.
  This will not elminate spam, but it does throttle the number of submissions a spammer can submit via your form. For your site go to http://<yoursiteurl.com>/scripts/form_check.php This URL will load a page that will report the status of the form processing on your site. Confirm there's a green checkmark next to SQL Configuration.
  2) Use a third party forms service.
  JotForms, WuFoo and Adobe Forms Central all provide very powerful services for creating and managing forms that require little or no knowledge of HTML coding. The forms created using one of these services can be pasted as an HTML object on a page in Muse.
  3) Use a third party form processing library.
  This solution requires some knowledge of coding. Products such as CoffeeCup software's forms solution can be used with Muse.
  4) Host the site, or at least the form page, on Adobe Business Catalyst.

• Does CME support Secure SIP and SRTP for endpoints ?

  I have searched through official cisco documents and web, but no info. The idea is to configure CA, CAPF server, CTL client etc ... as stated in CME Admin guide for TLS implementation. However endpoint config part is missing (voice register pool) as well as global setting part (voice register global). Anyone tried to implement this or have any info ?  

  Hi nlwright0408,
  Thanks for using Apple Support Communities. Based on what you stated, it sounds like you want to know if there is an authenticated SMTP. I would recommend that you read this article, it may be able to help the issue.
  TCP and UDP ports used by Apple software products - Apple Support
  25
  TCP
  Simple Mail Transfer Protocol (SMTP)
  5321
  smtp
  Mail (for sending email); iCloud Mail (sending)
  587
  TCP
  Message Submission for Mail (Authenticated SMTP)
  4409
  submission
  Mail (for sending mail), iCloud Mail (SMTP authentication)
  Cheers,
  Mario

• HT1491 I am trying to reset my security questions and I am not getting any reset email. Can somebody help me?

  I am making my first purchase on iTunes and since it is my first purchase, the security questions were asked.  I forgot the answers to the security questions and requested for an email to reset my answers. It has been three days now and I still haven't received any email. Can somebody help me?

  If you aren't getting the email, and you've checked the spam folder on your rescue email account as well as the inbox, then you could try contacting iTunes Support or Apple to get the questions reset.
  e.g. you can try contacting iTunes Support : http://www.apple.com/support/itunes/contact/ - click on Contact iTunes Store Support on the right-hand side of the page, then Account Management , and then 'Forgotten Apple ID security questions'
  or try ringing Apple in your country and ask to talk to the Accounts Security Team : http://support.apple.com/kb/HE57

• Developing security Roles and profiles

  Hi Team,
  Can you guys let me know how to develop security roles and profiles. We are rolling out for a company in Japan, and the congif is completed. We are in the process of developing test cases ans also security roles and profiles for users? Can somebody guide and help me on this?
  Regards,

  Hi,
  Use Tcode = PFCG -->then create any customized roles and profiles for any users on module based.
  user masters: USR01 to 09, UST04,
  profiles: USR10, USR11, UST10S, UST10C,
  authorisations: USR12, USR13, UST12.
  password exceptions USR40.
  History tables(may not be applicable but FYI): users: USH02, USH04,
  profiles: USH10, auths USH12.
  R/3 Security Tcodes
  End User Transaction Code  Menu Path   Purpose
  SU3  System > User Profile> Own Data  Set address/defaults/parameters
  SU53  System > Utilities > Display Authorization Check  Display last authority check that failed
  SU56  Tools --> Administration --> Monitor --> User Buffer  Display user buffer
  Role Administration Transaction Code  Menu Path   Purpose
  PFCG
  Tools --> Administration --> User Maintenance --> Roles  Maintain roles using the Profile Generator
  PFUD   Work on SAP check indicators and field values
  Select: Copy SAP check IDu2019s and field values
  Installation
  1. Initial Customer Tables Fill
  Upgrade
  2a. Preparation: Compare with SAP values
  2b. Reconcile affected transactions
  2c. Roles to be checked
  2d. Display changed transaction codes
  SU24
  Same as for SU25:
  Select: Change Check Indicators > Maintain Check Indicators>Maintain 
  Regards,
  Srini Nookala

• HT5312 Reset security questions and answers

  How do i find the answers or reset my security questions?

  You can't reset your security questions withour knowing the previous answers. You may wish to contact itunes store support for further help. Here's how to submit your ticket for that:
  Visit:
  https://expresslane.apple.com/
  Follow these steps:
  All Products and Services > iTunes > iTunes Store > Account Management > iTunes Store account security
  Answer the questions and if required sign in with your Apple ID and password - same one you used to log in on this support forum.
  You will find an option to send an email to Apple on that page. Indicate that you forgot the answers to your security questions and wait for iTunes support to reply.
  I hope this helps.

• Is there a recent security update for OSX version 10.6.8?

  Is there a recent security update for OSX version 10.6.8?

  I am getting more confused. I have Lion 10.7.5 and thought this would not be susceptible to SSL problem.
  I also took Lanny's advice and went to "gotofail.com" and it said I was SAFE.
  Can I assume I am OK?
  Also,i have an ipod 4g and went to the same gotofail, and it also said I am safe. I have not udated the security patch as do not have sufficient space (need 2.7gig) but someone suggested a  go around which I have not tried yet.
  I am accessing the net via a Veiizon jet pak, and not using open networks.
  Please comment

• Wipe Mac OSX and reinstall for resale

  The theory is that I want to sell my mac at some point and erase all reference to online banking, passwords, security codes, and any hidden software errors that may exist before I hand it over to the next owner. Bear with me cos I know this is a very common question BUT im quite confused.
  Ive read talk of carbon copy programs boot discs etc argh. is it really needed.
  Basically this is the stage i can get up to then somone fill in the rest?
  Right using Backup from .mac I'll back up all my Home Folder. Im also doing a full drag and drop copy of the home folder to an external hard drive to have a non compressed or archive backup.
  Next, do i need to use the disk utility OR do I need to just insert the OSX disc and follow the prompts? Im thinking I want to install the OS on a clean hard drive you see rather than just copying over the other...
  Ok thats as far as I have got.

  Step 1: Backing up current machine
  If you want to retain a backed up version of your machine, then use something like Carbon Copy Cloner, SuperDuper!, etc. to make a bootable backup/clone onto an external, bootable HD. That allows you to use the Migration Assistant to transfer your stuff to a new machine.
  Step 2: Preparing the machine for sale
  This is the way I prepare old machines that came with OS X installed, which allows them to act just like one from the factory. First, boot with the Apple Hardware Test disk that came with the machine, run the extended tests, and make sure everything passes. Then, boot with the restore disk that came with the machine (holding down the C key until you get a screen), erase and zero the HD. When that's finished, reformat it Mac OS Extended, install the OS 9 drivers (if the machine can boot into OS 9), and then restore the software.
  When finished, click on the restart button, holding down the CMD+S keys. This puts the machine into single-user mode and gives you an Unix command line terminal screen. When the text stops scrolling, type in this command and click the return key:
  shutdown -h now
  This shuts down the computer; the next time it is turned on, the Setup Assistant will appear and the new user will get to personalize it. This also alleviates the necessity of presetting any display parameters, internet and e-mail settings, etc. As long as the monitor can hook up to the machine, the OS will select a usable resolution and the user can use the Display prefpane to suit their needs. They'll also have to run Software Update and bring everything up to the latest version.
  BTW, include all the software disks and manuals that came with the machine.