Security

• Unlike most vendor UNIXen, ships in a reasonably secure default configuration

  • inetd services all disabled

  • user explicitly enables select services, through GUI or by modifying text files

• ipfw installed, but configuration defaults to open access

  • ipfw on Mac OS X

  • Brick House (GUI configuration app)

• Follow normal UNIX security practices

• MacSecurity.org

• Tips

  • Don't enable single-user emulation

  • Disable the automounter "by hand" in /etc/hostconfig if you don't need it

  • First user account created is an "administrative" user, as defined by membership in group "admin"

  • root password is set to be the same as the administrative user

Send comments to: leonvs@occam.com
Copyright © 1999-2000 Leon Towns-von Stauber. All rights reserved.