Security Basics mailing list archives

RE: Mac X-Server Security Questions...


From: "Brad Berson" <brad.berson () bytebrothers org>
Date: Thu, 7 Apr 2005 13:37:47 -0400

> However I still find it hard to believe that these boxes got
> "almost totally" compromised AFTER all patches were installed
> and no specific file sharing got enabled....

Florian, you may believe or disbelieve what you wish.  Ignoring things that don't fit into your belief system doesn't 
really accomplish anything, though.  I believe the facts speak for themselves, and let me first remind you, yes, the 
whole idea of that OS-X box being on the Internet was for file sharing so, yes, that was enabled.

Step 1.  Hook X-Server to cheap DSL router with NAT.  This way we know we're not getting hacked while not yet patched.
Step 2.  Install OS-X, enable file sharing (mentioning that explicitly this time as a reminder)
Step 3.  Install all patches (a couple of reboots necessary to get them all in)
Step 4.  Remove cheap router - X-Server now on unfiltered Internet connection
Step 5.  Watch with no surprise as log file fills with evidence of intrusion attempts.  Then reel in horror one hour 
later as log file fills with evidence of SUCCESSFUL intrusion attempts from an IP belonging to a school in Greece.

My post wasn't a troll, and there's NO FUD there either.  Facts are facts.  Sorry about not clarifying that "nobody in 
their right mind" comment - it was directed at the server world and my post is generally focused on server security 
issues.  Forget all the ignoramuses like sitting ducks on broadband connections, ignoring the little icon in Windows' 
system tray for two solid years flashing "updates are available" (and BTW, XP Home leaves sharing off by default), 
wondering why their connection seems so slow and accustomed to pop-ups flashing by when their browsers aren't even 
running.  I'm talking about putting _servers_ on the Internet and the fact remains, nobody in their right mind puts a 
Windows server on the Internet without protecting it.  Oh sure, a few people do, but it's a minority.  And I'm 
concerned because first hand I'm not seeing nearly so much caution from the folks putting X-Servers on the Internet.

I'm encountering a number of Mac-based offices that don't even have simple NAT and that's damn scary.  Facts are facts 
- ANYONE can get hacked regardless of OS - and this complacency behind the supposed superior security of [pick your OS] 
is not just dangerous, it's PROVEN dangerous.

If anything I'm getting FUD and trolls in some of the responses, including yours, and I really don't need it.  I admit 
being inexperienced with the Mac side of the world but I'm not an idiot and I'm not naïve.  Save the FUD and the 
difficult to substantiate claims (i.e. "the [Mac] users are much LESS gullible than the normal Windows user") for 
someone who wants an OS war, in some other forum, please.  I'm seeking information to educate myself and to protect 
myself and our clientele and that's it.

TTFN
-Brad
