MLMUG Book Review
MLMUGers occasionally read something other than displays

This site has many more reviews, all written by MLMUG members. View all our book reviews. Or, view our software, hardware, and game reviews.

A Book Review
by Dave Johnson

Title: Mac OS X Maximum Security: A Hacker's Guide to Protecting Your Mac OS X Workstation and Server
Author: John Ray and William C. Ray with Joan Ray
Publisher: Sams Publishing
ISBN: 0-672-32381-8
Media: Book, 747 pages
Price: $44.99
Date: 2003

"From a security standpoint, they (Macintoshes) might as well have been toaster ovens: They didn't have a shred of security built in, and didn't need it either, because there wasn't a thing you could do to compromise a toaster oven," so starts Mac OS X Maximum Security. The authors continue by explaining how we users of the Macintosh demanded more features and power from our Macs. And with that new power came new vulnerabilities. This book is divided into four parts: 1) Security Basics, 2) Vulnerabilities and Exposures, 3) Specific Mac OS X Resources and How to Secure Them, and 4) Prevention, Detection and Recovery. I wish parts 1 and 2 were available as "Mac OS X Security in a Nutshell." The authors do an excellent job of explaining potential threats without the hysteria. A reader of parts one and two will have a much better idea of what they need to be concerned about and, better yet, what they do not need to be concerned about.

Part one should be read by every Macintosh owner. The authors introduce the reader to computer security and get you to think about security in terms of what an attack might do (steal your data, hijack your resources or deny access to your system) and what the consequences of a successful attack could be for you. They also explain that not all successful attacks are due to errors in the system; they are often a result of laziness of the user.

Part two is more technical and discusses specific types of attacks and what the attacker is hoping to accomplish. They introduce the reader to the world of malware, Trojans, viruses, and worms, and how they work to exploit vulnerabilities in your system. By the end of this section you will have a strong respect for the importance of good passwords and security procedure; it lays the groundwork for sections 3 & 4 by introducing the concept of a "Computer Use Policy." Such a policy may not be of much use for the individual user, but it becomes very important in a computer lab or office environment.

In section three they discuss applications such as Sendmail and Apache: how to install, configure and make them secure. While their explanations are clear, they give only a brief mention of OS X Server. Someone wanting to set up and configure Sendmail is most likely to be doing it on a server, not a client machine. Worse, their approach often bypasses features Apple has built into the OS without explaining why. Many of these bypasses will be overwritten by future Apple updates. You will have to keep track of the patches you have applied so you can reapply them after each update. It would have been nice if, for example, they had spent some time on why you might want to use Sendmail over Apple's mail server. The fact that they ignore OS X Server limits the book's usefulness.

In the final section they cover Firewalls, Intrusion Detection, Logs and Disaster Planning and Recovery. The discussion on firewalls considers the software firewall built into OS X, how to use it and how to tweak it even more than the standard GUI allows. They then compare that to consumer and commercial hardware firewalls, how they differ, and where each is appropriate. Discussion continues with protecting your system with tools such as PortScan, Snort and Guardian.

The section on logs and logging will make many readers' eyes glaze over. Logs are often boring, but when a problem occurs, knowing how to read logs is a great asset in determining what went wrong.

They finish up with the one subject so many of us fail to consider—Disaster Planning: emphasizing the importance of regular backups and having a plan in place so you know ahead of time what you have to do when disaster strikes.

Overall, I think this is an excellent and timely book. They make the user aware of the security risks of running server software without the "the sky is falling" hype. However, an administrator who is looking for help to safeguard an OS X server is going to be somewhat disappointed. They have a companion web site at http://www.macosxunleashed.com with additional discussions and updates.

Dave Johnson

Reviewer: Dave Johnson

Dave Johnson is a computer consultant, specializing in Macintosh. He is the co-leader of MLMUG's OS X Special Interest Group (SIG).

— Dave Johnson
MLMUG Reviewer

© 2004 by Samuel Leidy & MLMUG
Posted 03/29/04
Updated 09/15/04