Mac OS X now operates on a UNIX engine. As such it is much more powerful than previous operating systems. It is now a multitasking, multithreaded, multi-user, and multiprocessor system with enhanced interoperability with other systems. Along with that increased power comes increased security vulnerability. Part I introduces readers to the basics of OS X security. Part II addresses system security beginning at the client workstation level. This section addresses UNIX-specific information such as permissions, executables, and network protocols and the related security concerns. Part III covers network security. The chapters in this section will cover security for internet services, file sharing, and network protection systems. Part IV addresses enterprise security using a variety of tools (Kerberos, NetInfo, and Rendezvous) as well as workstation configurations to illustrate how OS X Server and OS X inter-operate. The final section addresses auditing and forensics and what to do when an OS X network is compromised. This section teaches readers to audit systems painlessly and effectively and how to investigate and handle incidents.
Bruce Potter, Senior Software Security consultant at Cigital, Inc., is the founder of The Shmoo Group, an organization of security and cryptography professionals. He is also the founder and president of Capital Area Wireless Network, a nonprofit community wireless initiative based in Washington, DC. He has spoken at the Black Hat and DefCon conferences.
Preston Norvell is a long-standing member of the Shmoo group and the originator of MacSecurity.org, a Shmoo Group-sponsored organization specializing in Mac OS security. By day he is a Project and Security Engineer for Mercury Data Group.
Brian Wotring is an independent software engineer and founder of knowngoods.org, an online database of file signatures. He is also the author of Osiris, a host integrity management application. An active member of The Shmoo Group, Brian has authored and ported many security related applications to Mac OS X and Mac OS X Server.