Never Ending Security

It starts all here

Tag Archives: Tips

Mac OS X Hardening Tips, Guides, Checklists, Tools and Utility’s


Hardening Mac OS X:
http://www.macshadows.com/kb/index.php?title=Hardening_Mac_OS_X

OS X Hardening Guide:
http://www.davidsalomon.name/CompSec/auxiliary/Mac%20OS%20X%20Hardening%20Guide.pdf

Mac Hardening Guidelines:
https://techwiki.uwm.edu/display/SecOfficeStandGuide/Mac+Hardening+Guidelines

OS X Hardening: Securing a Large Global Mac Fleet
Video: https://2459d6dc103cb5933875-c0245c5c937c5dedcca3f1764ecc9b2f.ssl.cf2.rackcdn.com/lisa13/castle.mp4
PDF Slides: https://www.usenix.org/sites/default/files/conference/protected-files/castle_lisa13_slides.pdf
Or watch the video online at: https://www.usenix.org/conference/lisa13/os-x-hardening-securing-large-global-mac-fleet

ENRW OS X checklist and hardening guide:
https://www.ernw.de/download/hardening/ERNW_Checklist_OSX_Hardening.pdf

Roll your own malware detection:
http://jacobsalmela.com/roll-your-own-malware-detection

Mac OS X Server Hardening Checklist:
https://wikis.utexas.edu/display/ISO/Mac+OS+X+Server+Hardening+Checklist

Guide to Hardening Your Firefox Browser in OS X (pdf):
www.bishopfox.com/download/977

Mac OS X security benchmarks:
http://benchmarks.cisecurity.org/downloads/browse/index.cfm?category=benchmarks.os.unix.osx

Official Apple security configuration guides (OS X 10.3 to 10.6):
https://www.apple.com/support/security/guides

Hardening by Disabling Unnecessary Services:
http://www.cyberciti.biz/faq/disabling-unnecessary-mac-osx-services

DEF CON 11 – Jay Beale – Locking Down Mac OS X:
https://www.youtube.com/watch?v=dk7lSxyYU_s

iSight Disabler:
http://www.macupdate.com/app/mac/23346/isight-disabler

SecurityGeneration Guide:
http://www.securitygeneration.com/securing-leopard/creating-and-managing-accounts

Safegadget.com guides:
http://www.safegadget.com/30/free-security-how-to-computer-security-computer-protection-on-macintosh
http://www.safegadget.com/32/free-security-how-to-internet-security-computer-protection-on-macintosh

NSA Security Guides:
https://www.nsa.gov/ia/mitigation_guidance/security_configuration_guides/operating_systems.shtml

-= TOOLS AND UTILITY’S=-

Harden Your Mac OS X Firewall With Icefloor:
http://www.larrytalkstech.com/icefloor-harden-mac-os-x-firewall

HnTool: Hardening Tool for *nixes
https://github.com/hdoria/HnTool

latig0sx: OS X Auditing & Hardening
https://github.com/lain77z/latig0sx

duraconf – A collection of hardened configuration files for SSL/TLS services:
https://github.com/ioerror/duraconf

Lynis – Security auditing and hardening tool for Unix/Linux based systems:
https://cisofy.com/download/lynis

Chkrootkit:
http://www.chkrootkit.org/download

Maltego & CaseFile
http://www.paterva.com/web6/products/download.php

BASE, Basic Analysis and Security Engine
http://sourceforge.net/projects/secureideas/

Security Tools Collection:
http://sourceforge.net/projects/sectools/

OSSEC, an Open Source Host-based Intrusion Detection System:
http://www.ossec.net

Snort, Intrusion Detection System:
https://www.snort.org

Radmind:
http://sourceforge.net/projects/radmind

Nefu – A network monitoring daemon:
http://rsug.itd.umich.edu/software/nefu

Nessus vulnerability scanning solution for auditors and security analysts:
http://www.tenable.com/products/nessus/select-your-operating-system

AIDE – Advanced Intrusion Detection Environment:
http://sourceforge.net/projects/aide

Troubleshooting Tool for Macs with AppleJack:
http://applejack.sourceforge.net

Webmin, web-based interface for system administration of UNIX:
http://sourceforge.net/projects/webadmin

DansGuardian Webmin Module:
http://sourceforge.net/projects/dgwebminmodule

Checksec.sh
http://www.trapkit.de/tools/checksec.html

More software can be found on:
http://www.securemac.com