Edit /etc/sysctl.conf to change the following line: net.inet.ip.fw.verbose_limit = 65535
-
-
What is a Kerberos Realm
A realm is where the kerberos database is stored. The realm lives on one computer (KDC) and can have read-only slave servers (kinda’ like a cluster). Each realm will have a listing in the following files /private/var/db/krb5kdc/ .k5.FQDN.OF.REALM (secret key) kdc.conf (configuration file for the KDC) kadm5.acl (access control list for KDC)
-
Interview with SANS Leadership Lab
Interview I did with Stephen Northcutt of the SANS Institute: http://www.sans.edu/resources/leadershiplab/osx_security.php
-
SANS Course on Mac OS X Security
I originally posted this at http://www.318.com/TechJournal The SANS Institute recently released a course by Charles Edge (er, me) on Mac OS X Security Fundamentals. The course is described in the following manner: “SANS is the leader in Information Security. This course on securing Mac OS X is the fastest way and most comprehensive way to get up to speed on applying the principals of the information security industry to the Mac. Written and taught by one of the security veterans of the Mac community, this course covers how real world security concepts are applied to the Mac with real world examples from the Mac community. The course offers a balanced…
-
Mac OS X: Showing Invisible Files
I originally posted this at http://www.318.com/TechJournal Have you ever been looking for some files an you just can’t find them. Well, maybe they’re hidden. If you need to see hidden files, use the following command:defaults write com.apple.finder AppleShowAllFiles -boolean true killall Finder The problem with seeing hidden files is that you see a lot of stuff that you really probably don’t want to see. So to get back to a state where you don’t have to see all of the invisible files, use the following command: defaults delete com.apple.finder AppleShowAllFiles killall Finder
-
HOWTO: arp poisoning made easy
So arp can display the table for name to Ethernet address resolution. That’s pretty easy, just run arp with a -a flag and it will show you all the other systems in your arp table. the table is managed dynamically. But what if you wanted to set one in there statically. Well, you could use the arp with a -s flag followed by the host name and then the ethernet address you want to assign for that host name. If you point a host name to an invalid address then you’ve poisoned your arp cache.
-
Mac OS X: Forensics
It’s old but it’s good: http://www.afp548.com/Articles/security/postmortem.html
-
Xsan Presentation from Black Hat
My Xsan presentation from Black Hat 2006, in Las Vegas, NV: bh-us-06-edge
-
Abstract for my Mac OS X Security Tools talk at DefCon 2006
https://forum.defcon.org/archive/index.php/t-7554.html
-
Mac OS X Server: LayerOne Presentation on Mac OS X Server Security
Below is the presentation I gave at the LayerOne Security conference in May of 2006 in Pasadena, CA. Topic was Mac OS X Server Security. mac_server_security-layerone-charles_edge