Maximum Mac OS X Security (Paperback)
暫譯: Mac OS X 最大安全性 (平裝本)

John Ray, William C. Ray

Maximum Mac OS X Security (Paperback)
  • 出版商: SAMS
  • 出版日期: 2003-05-13
  • 售價: $1,910
  • 貴賓價: 9.5$1,815
  • 語言: 英文
  • 頁數: 768
  • 裝訂: Paperback
  • ISBN: 0672323818
  • ISBN-13: 9780672323812
  • 相關分類: MAC OS 蘋果電腦資訊安全

    • 已過版

買這商品的人也買了...

商品描述

Descriptions:

While Mac OS X is becoming more and more stable with each release, its UNIX/BSD underpinnings have security implications that ordinary Mac users have never before been faced with. Mac OS X can be used as both a powerful Internet server, or, in the wrong hands, a very powerful attack launch point.

Yet most Mac OS X books are generally quite simplistic -- with the exception of the author's Mac OS X Unleashed, the first book to address OS X's underlying BSD subsystem.

Maximum Mac OS X Security takes a similar UNIX-oriented approach, going into significantly greater depth on OS X security topics:

  • Setup basics, including Airport and network topology security.
  • User administration and resource management with NetInfo.
  • Types of attacks, how attacks work, and how to stop them.
  • Network service security, such as e-mail, Web, and file sharing.
  • Intrusion prevention and detection, and hands-on detection tools.

Table of Contents:

Introduction.

I. MAC OS X SECURITY BASICS: LEARNING TO THINK SECURE.

1. An Introduction to Mac OS X Security.

What Is Security? Traditional Mac OS Versus Mac OS X. Understanding the Threat. Summary.


2. Thinking Secure: Security Philosophy and Physical Concerns.

Physical System Vulnerabilities. Server Location and Physical Access. Server and Facility Location. Physical Access to the Facility. Computer Use Policies. Physical Security Devices. Network Considerations. Summary.


3. People Problems: Users, Intruders, and the World Around Them.

Your Users: People with Whom You Share Your Computer. The Bad Guys: People Who Would Do Your System Harm. Everybody Else. Summary.

II. VULNERABILITIES AND EXPOSURES: HOW THINGS DON¿T WORK, AND WHY.


4. Theft and Destruction of Property: Data Attacks.

Keeping Data Secret: Cryptography, Codes, and Ciphers. Data-Divulging Applications. Steganography and Steganalysis: Hiding Data in Plain Sight, and How to Find and Eliminate It. Summary.


5. Picking Locks: Password Attacks.

Typical Password Mechanisms. Testing Password Security. Improving Password Security, and Alternatives to the Standard Password Mechanisms in Mac OS X. Summary.


6. Evil Automatons: Malware, Trojans, Viruses, and Worms.

Defining Software Behavioral Space. Malware. Malware Threats. Solving the Problem. Summary.


7. Eavesdropping and Snooping for Information: Sniffers and Scanners.

Eavesdropping and Information Gathering. Monitoring Traffic with tcpdump. Sniffing Around with Ettercap. Network Surveys with NMAP. Other Information-Gathering Tools. Ethics of Information Gathering. Additional Resources. Summary.


8. Impersonation and Infiltration: Spoofing.

Spoofing Attacks. Spoofing Defenses. Summary.


9. Everything Else.

DoS. Buffer Overflows. Session Hijacking. Everything Else. Additional Resources. Summary.

III. SPECIFIC MAC OS X RESOURCES AND HOW TO SECURE THEM: SECURITY TIPS, TRICKS, AND RECIPES.


10. User, Environment, and Application Security.

Adding a New User. Using the NetInfo Database to Customize a User. Sane User Account Management. Skeleton User Accounts. Command-Line Administration Tools. Restricting User Capabilities. Summary.


11. Introduction to Mac OS X Network Services.

What Is a Network Service? Network Service Vulnerabilities. Controlling Mac OS X Network Service Processes. Protecting inetd with TCP Wrappers. Increasing Security with xinetd. Summary.


12. FTP Security.

FTP Vulnerabilities. Activating the FTP Server. Configuring the Default lukemftpd FTP Server. Setting Up Anonymous FTP. Replacing the Mac OS X FTP Server. Alternatives to FTP. Summary.


13. Mail Server Security.

Basic Vulnerabilities. Sendmail. Activating Sendmail on Mac OS X. Protecting Sendmail. Updating Your Sendmail Installation. Postfix as an Alternative. Installing Postfix. Protecting Postfix. Delivering Mail—UW IMAP. Summary.


14. Remote Access: Secure Shell, VNC, Timbuktu, Apple Remote Desktop.

What Is SSH? SSH Vulnerabilities. Vulnerabilities in telnet and rlogin. Activating SSH. Advanced SSH Features. GUI Access Methods. Summary.


15. Web Server Security.

Introducing Apache. SSL-Protected Apache. Additional Resources. Summary.


16. File Sharing Security.

Apple Filing Protocol. WebDAV. Sharing Files with Samba. Common Unix Printing System. Other Resources. Summary.

IV. PREVENTION, DETECTION, AND REACTION TO ATTACKS: HEALTH CARE AND CHECKUPS FOR YOUR MACHINE.


17. Blocking Network Access: Firewalls.

Firewalling. Built-In GUI Mac OS X Firewall Tools. Built-In Command-Line Mac OS X Firewall Tools. Firewall Hardware. Firewall Resources. Summary.


18. Alarm Systems: Intrusion Detection.

What Is Intrusion Detection? Psionic PortSentry. Snort. IDS Resources. Summary.


19. Logs and User Activity Accounting.

The Role of Logs. User Logins and Accounting. Automated Log Monitoring: LogSentry. Common System Log Changes. Summary.


20. Disaster Planning and Recovery.

What Is Disaster Recovery and Why Do You Need It? Creating a Disaster Recovery Plan. Mac OS X Backup Software. Synchronizing Files: rsync. Summary.

V. APPENDIXES.


Appendix A. Glossary.
Appendix B. Security Resources.
Appendix C. Secure Web Development.

Web Development Risks. Protecting Your Web Applications. Adding and Using suEXEC. Testing for Known CGI Vulnerabilities: Whisker. Additional Resources.


Index.

商品描述(中文翻譯)

描述:
隨著每次版本的推出,Mac OS X 變得越來越穩定,但其 UNIX/BSD 的底層架構帶來了普通 Mac 使用者從未面對過的安全隱患。Mac OS X 可以作為強大的網際網路伺服器使用,或者在錯誤的手中,成為一個非常強大的攻擊發起點。

然而,大多數 Mac OS X 書籍通常相當簡單,除了作者的《Mac OS X Unleashed》,這是第一本針對 OS X 的底層 BSD 子系統進行探討的書籍。

《Maximum Mac OS X Security》採取類似的 UNIX 導向方法,深入探討 OS X 安全主題:

- 設定基礎,包括 Airport 和網路拓撲安全。
- 使用 NetInfo 進行用戶管理和資源管理。
- 攻擊類型、攻擊如何運作以及如何阻止它們。
- 網路服務安全,例如電子郵件、網頁和檔案共享。
- 入侵預防和檢測,以及實用的檢測工具。

目錄:
引言。

I. MAC OS X 安全基礎:學會安全思考。
1. Mac OS X 安全簡介。
安全是什麼?傳統 Mac OS 與 Mac OS X。理解威脅。總結。

2. 安全思考:安全哲學與物理考量。
物理系統漏洞。伺服器位置與物理訪問。伺服器與設施位置。對設施的物理訪問。計算機使用政策。物理安全設備。網路考量。總結。

3. 人員問題:用戶、入侵者及其周圍的世界。
你的用戶:與你共享計算機的人。壞人:會對你的系統造成傷害的人。其他人。總結。

II. 漏洞與暴露:事物如何不運作,以及為什麼。
4. 盜竊與財產破壞:數據攻擊。
保持數據秘密:密碼學、代碼和密碼。洩露數據的應用程序。隱寫術與隱寫分析:在明處隱藏數據,以及如何找到並消除它。總結。

5. 撬鎖:密碼攻擊。
典型的密碼機制。測試密碼安全性。改善密碼安全性,以及 Mac OS X 中標準密碼機制的替代方案。總結。

6. 邪惡自動機:惡意軟體、木馬、病毒和蠕蟲。
定義軟體行為空間。惡意軟體。惡意軟體威脅。解決問題。總結。

7. 竊聽與情報收集:嗅探器與掃描器。
竊聽與信息收集。使用 tcpdump 監控流量。使用 Ettercap 進行嗅探。使用 NMAP 進行網路調查。其他信息收集工具。信息收集的倫理。其他資源。總結。

8. 假冒與滲透:欺騙。
欺騙攻擊。欺騙防禦。總結。

9. 其他所有內容。
DoS。緩衝區溢出。會話劫持。其他所有內容。其他資源。總結。

III. 特定的 Mac OS X 資源及其安全性:安全提示、技巧和配方。
10. 用戶、環境和應用程序安全。
添加新用戶。使用 NetInfo 數據庫自定義用戶。合理的用戶帳戶管理。骨架用戶帳戶。命令行管理工具。限制用戶能力。總結。

11. Mac OS X 網路服務簡介。
什麼是網路服務?網路服務漏洞。控制 Mac OS X 網路服務進程。使用 TCP Wrappers 保護 inetd。使用 xinetd 增加安全性。總結。

12. FTP 安全。
FTP 漏洞。啟用 FTP 伺服器。配置默認的 lukemftpd FTP 伺服器。設置匿名 FTP。替換 Mac OS X 的 FTP 伺服器。FTP 的替代方案。總結。

13. 郵件伺服器安全。
基本漏洞。Sendmail。在 Mac OS X 上啟用 Sendmail。保護 Sendmail。更新你的 Sendmail 安裝。Postfix 作為替代方案。安裝 Postfix。保護 Postfix。郵件投遞—UW IMAP。總結。

14. 遠端訪問:安全外殼、VNC、Timbuktu、Apple Remote Desktop。
什麼是 SSH?SSH 漏洞。telnet 和 rlogin 的漏洞。啟用 SSH。進階 SSH 功能。GUI 訪問方法。總結。

15. 網頁伺服器安全。
介紹 Apache。SSL 保護的 Apache。其他資源。總結。

16. 檔案共享安全。
Apple Filing Protocol。WebDAV。使用 Samba 共享檔案。通用 Unix 列印系統。其他資源。總結。

IV. 預防、檢測和對攻擊的反應:你的機器的健康檢查與保健。
17. 阻止網路訪問:防火牆。
防火牆。內建的 GUI Mac OS X 防火牆工具。內建的命令行 Mac OS X 防火牆工具。防火牆硬體。防火牆資源。總結。

18. 警報系統:入侵檢測。
什麼是入侵檢測?Psionic PortSentry。Snort。IDS 資源。總結。

19. 日誌與用戶活動記錄。
日誌的角色。用戶登錄與記錄。自動日誌監控:LogSentry。常見系統日誌變更。總結。

20. 災難計劃與恢復。
什麼是災難恢復,為什麼需要它?創建災難恢復計劃。Mac OS X 備份軟體。文件同步:rsync。總結。

V. 附錄。
附錄 A. 詞彙表。
附錄 B. 安全資源。
附錄 C. 安全的網頁開發。
網頁開發風險。保護你的網頁應用程序。添加和使用 suEXEC。測試已知的 CGI 漏洞:Whisker。其他資源。

索引。

類似商品