Check out Check Point FDE for the Mac!
-
-
Mac OS X: Forensics Group on Yahoo! Groups
http://tech.groups.yahoo.com/group/macos_forensics/
-
Mac OS X: Preferred Virus Software?
I prefer ClamXav, easy-to-use, light, with a good detection rate, and detects Win and Mac OS X virus. Others: . avast . iAntiVirus (virus for Mac OS X only) . Intego X5 . Norton . Mcafee . Sophos . CA
-
Login & Logout Hooks
If you want to have a script run when a user logs in and/or logs out then you’ll likely want to look into using login and logout hooks. A hook is a script that runs as root (although you can execute as the user with su). Hooks are enabled in the /var/root/Library/Preferences/com.apple.loginwindow. You can do so using defaults, writing the path to the script into LoginHook as a string as follows: defaults write com.apple.loginwindow LoginHook /scripts/script.sh If you only want to run the script once (ie – at first login) then you can end the script with a defaults command that will then reset the field. defaults write com.apple.loginwindow LogoutHook…
-
Mac OS X Server 10.5: Managed Preferences Update
I originally posted this at http://www.318.com/TechJournal If you’re familiar with Managed Preferences in Tiger then you’re basically already familiar with Managed Preferences in Leopard Server. But there are some great new features that Apple has provided us with by popular demand. These include the following: Applications There are now more features to the Applications Managed Preference. You can allow or disallow applications by selecting them individually or a folder. This means that you can allow access to applications located in the /Applications folder but disallow all applications located in the /Applications/Utilities folder. There are also now controls for allowing specific widgets and disabling Front Row. Finder There are new options…
-
iWork/iLife Documents 2008 and Retrospect
I originally posted this at http://www.318.com/TechJournal iWork ‘08 applications (Keynote, Numbers, Pages) and iLife ‘08 components including iPhoto, iTunes, Garage Band have a slight issue with Retrospect – their data files are not considered documents using the Documents Selector. Now in the case of iPhoto, iTunes and Garage Band this is probably a good thing. However, for Keynote, Numbers and Pages it’s more than likely that if you’re using these then you will want Retrospect to back them up. So if you are using selectors and you are using the Documents selector then check out this Knowledgebase article from EMC/Dantz: http://kb.dantz.com/display/2n/articleDirect/index.asp?aid=9632&r=0.2114527
-
Mac OS X Server 10.5: Introduction to RADIUS
I originally posted this at http://www.318.com/TechJournal Remote Authentication Dial In User Service (RADIUS) can help to take the security of your wireless network to the next level beyond standard WPA authentication. Prior to Leopard RADIUS communications could be obtained using Elektron or OpenRADIUS running on OS X – but in Leopard no 3rd party software is required beyond Leopard Server. So how difficult is it to setup RADIUS on Leopard? You be the judge after reading this quick walkthrough. For the purpose of this walkthrough we are going to assume that you are using the Advanced Mac OS X Server style. Before you begin this walkthrough, make sure that the…
-
Mac OS X: New Trojan Discovered
I originally posted this at http://www.318.com/TechJournal Monday, October 29th, 2007 – Intego issued a security alert about a new Trojan Horse called OSX.RSPlug.A targeting the Mac. OSX.RSPlug.A changes the DNS (Domain Name Server) address that infected systems use to access web sites and installs a new task on infected systems to change the DNS server again if the end user changes it back to what it was before. This is similar to many attacks against the Windows Hosts files. However, if anyone is going to get this worm they have to authenticate as an administrative user for their system to get infected. OSX.RSPlug.A has been found on some pornographic Web…
-
Mac OS X 10.5: Advanced Networking Options
I originally posted this at http://www.318.com/TechJournal Slight change from how things were done in Tiger/Tiger Server, but all the old options are there if you look. The first change is that now there is a wizard that you can use to configure your network interface. Since this is on more advanced topics we’ll skip that but it’s worth noting. Another shift is that a network interface is now referred to as a Service. So when you go to add a interface you will associate it with a Service Name. If you remove a Service using the – icon in the list you can always readd it by clicking on the…
-
Mac OS X: Troubleshooting Kerberos
First make sure your time is within the acceptable skew. Then, your first set of tools is kinit, kdestroy, kpasswd. Or just use the Kerberos.app in /System/Library/CoreServices. Next is kadmin and kadmin.local. More on those later.