SANS Security Checklist
There is now a security checklist covering 10.4 and with limited coverage of 10.4 Server available from the SANS S.C.O.R.E. team.
You can get the guide here.
Read more›There is now a security checklist covering 10.4 and with limited coverage of 10.4 Server available from the SANS S.C.O.R.E. team.
You can get the guide here.
Read more›A quick way to get secure hashes of all yer goodies
A glance at the underground sites shows a growing number of rootkits in development. Combine this with known, unpatched vulns, like the iSync mrouter privs escalation vuln, and I’m feeling naked without a tripwire.
Ed. Note: A tripwire application hashes a set of files and then looks for the files to change. Hopefully alerting you when that happens.
Read more›Monday’s Security Upate provides a fix to a critical vulnerability that allows malicious parties to trivially obtain administrative passwords.
In other words, it would behoove you to run this update sooner rather than later, or make sure you use a VPN when admining your server.
Read more›Get your update from Software Update or from Apple’s Update page.
A gargantuan boatload of fixes including Safari and Kerberos, so read the link to find out exactly what. This update is for 10.3.4-5 and 10.2.8.
Read more›Now that you know how to make a SSH tunnel how can you make it work without a password challenge?
Useful for automated processes, and lazy fingers, a public-private key set may be what you are looking for. You can also use keys with a passphrase for even more security.
Read more›
Recent Comments