Check the following for services that don’t use hostconfig, launchd or cron: /Library/StartupItems/ /System/Library/StartupItem /etc/mach_init.d
-
-
Mac OS X: Enable X11 Forwarding
In the /etc/sshd_config file is a line that says: #X11Forwarding no You can change this to: X11Forwarding yes That will enable X11 forwarding. Of course, only do this if you know why (ergo I will not spell it out for you right now).
-
PGP FDE for Mac OS X
OK, so you can encrypt disks, but not the startup disk – although if you could (and you will be able to soon) then it would be far easier to mass deploy than other solutionz…
-
Mac OS X: Disable Delayed ack
Edit /etc/sysctl.conf as follows: net.inet.tcp.delayed_ack = 0
-
Mac OS X: Using OPFW
To set a password with OPFW: sudo OFPW -pass mypassword To set firmware mode to command mode: sudo /usr/local/bin/OFPW -mode 1
-
Mac OS X: NICL
nidump password .
-
Mac OS X: Another Site That Doesn't Get Updated Much
Well, mostly stuff for OS 9 but check it out anyway: http://freaky.staticusers.net/
-
securemac.com
This site isn’t being updated enough. Maybe I should start my own security site for the Mac. Not that I have time… Hmmmm…
-
Mac OS X: Hey, where's my admin user?
Hiding an admin user is a fairly straight forward task in Mac OS X. To do so, open Terminal and run the following command: defaults write /Library/Preferences/com.apple.loginwindow Hide500Users -bool YES Now, what if you sit down at a machine and you don’t see an expected admin user? Well, use that same command with a NO at the end to (hopefully) bring it back: defaults write /Library/Preferences/com.apple.loginwindow Hide500Users -bool NO
-
Mac OS X: DNSChanger Removal Tool
From SecureMac.com: SecureMac has released a free utility called DNSChanger Removal Tool to remove the DNSChanger Trojan Horse, also known as OSX.RSPlug.A and OSX/Puper, which has been found on numerous pornographic websites disguising itself as a video codec. Once downloaded and installed, DNSChanger changes the DNS settings on the computer, redirecting websites entered by the user to malicious sites. If personal information is entered on these malicious websites, it can lead to identity theft. If the DNSChanger trojan horse is detected, DNSChanger Removal Toolwill give you the option to remove it. If the DNSChanger trojan horse is detected and removed, you will need to restart your computer to clear out the bad DNS entries added…