• JAMF

    Guest Blogging for the #jnuc on Vulnerability Assessments

    In case anyone missed this fact: I love to write. The nerdier the content, the better. And when I heard that the JAMF Nation User Conference had a session for InfoSec (and specifically around how we do vulnerability assessments), I knew that was my kind of session. So, the marketing team was kind enough to let me write it up. Here it is on the JAMF Software blog: http://www.jamfsoftware.com/blog/jamf-software-security-and-vulnerability-assessments/.

  • Articles and Books,  Bushel,  Consulting,  Mac OS X,  Mac OS X Server,  Mac Security,  Mass Deployment,  personal

    Childproof Your Mac

    When I put a computer in my daughters room, I soon realized I could no longer watch over her shoulder as she worked away at school games, Minecraft and of course Civilization (after all, that was my first game). So much as I wrote an article a long time ago about child-proofing an iPad, now I’m writing about child-proofing a Mac. For me, I find that child-proofing is a bit like taking my kid to McDonald’s. I said never ever ever ever would I do this and then… Well, peer pressure, ya’ll… So if I have to do it, I figure someone else might. So here’s a quick and dirty guide to doing…

  • Business,  Mac Security,  personal

    Be A Good Patriotic American By Renting Sony’s The Interview

    Recently I’ve read a lot of things about the attacks against Sony. I’ve read that they’re nothing more than extortion attempts by hackers that probably live in their parents basements (based on the fact that the initial demands didn’t mention North Korea at all). I’ve read they were orchestrated by China by people who felt North Korea was being picked on and couldn’t stand up for themselves. I’ve read highly unconvincing reports from the FBI that they were orchestrated by North Korea. No one really knows. I can send traffic to servers from anywhere in the world. Anyone can anonymize their web traffic as easily as using a ToR plug-in…

  • Bushel

    Bushel Interview with Tech.mn

    Slowly but surely information about what I left 318 to do has been leaking out. And I wouldn’t say leaking. More like being broadcast to the world. I’ve worked on a few little things here and there at JAMF Software since my arrival. But my core duty is to shepherd the development and strategy behind a new Mobile Device Management tool called Bushel. A little more about Bushel is available here, and I’ll likely post more about it here when the time is right: http://tech.mn/news/2014/11/04/jamf-software-bushel-apple-device-management/ And to access the Bushel site: http://www.bushel.com And some of the writing that are now finding their way onto the Bushel blog: http://blog.bushel.com

  • Mac OS X,  Mac OS X Server,  Mac Security,  Mass Deployment

    Pentesting Mac OS X Server With Nessus 5

    One of my favorite tools for penetration testing is Nessus from Tenable Network Security. Nessus 5 is the latest release in the family of vulnerability scanners that is probably amongst the most prolific. Nessus 5 does discovery, configuration auditing, profiling, looks at patch management and performs vulnerability analysis on a variety of platforms. Nessus can also run on a Linux, Windows or Mac OS X and can be used to scan and keep track of vulnerabilities for practically any platform, including Mac OS X. To install Nessus, go to the Nessus site and click on the Download button, around the middle of the page. Agree to the download agreement and…

  • Mac OS X,  Mac OS X Server,  Mac Security,  Mass Deployment

    10 Tips on Policy Enforcement and Tracking for Mac OS X

    Large deployments of Mac OS X based systems are becoming more and more prevalent. In some ways, this is due to one to one programs and more frequent enterprise deployments of Mac OS X. As such, people are more and more looking to manage systems. And any time you have systems being managed, those using managed systems start looking to break the management of the computers. Therefore, a new topic comes up: trying to discern when a system has broken out of the management framework. For example, how do you know when users have broken your firmware password? How do you know when they’ve circumvented your managed preferences framework to…

  • Network Infrastructure

    Free Junos

    For some time, Juniper has been agressively trying to win converts from Cisco. Not only in terms of sales, but also the hearts and minds of the engineers who influence purchasing decisions. Aggressively going after engineers has meant that for years, Juniper has made their certifications essentially free for those of us who were certified with Cisco. But now, they’re starting to cast their net a little wider and go after getting anyone and everyone certified for free, provided of course that you can pass the test. Juniper’s Junos is being offered for free for a limited time. If you’re interested in beefing up your security and/or networking skills, this…

  • Mac Security

    Finding Stolen Machinery

    I got this press release and thought it was pretty interesting. It’s just a cut/paste, and hasn’t been edited: BREAKING NEWS – New York City – MacPhoneHome finds another stolen computer! Late on a recent Sunday night, a Columbia University student was crossing Morningside Park returning to the Columbia University campus. He was accosted by four knife wielding thugs who beat him and robbed his MacBook Pro laptop, iPhone and wallet. The student advised Columbia University security personnel that since his laptop was partitioned with both a Windows and Mac Partition, he had installed both PC PhoneHome and MacPhoneHome tracking and recovery software on his computer which is available by…