security for file sharing via TCP/IP and other Macintosh security issues

security for file sharing via TCP/IP and other Macintosh security issues

Post by Mike Levi » Thu, 03 Jul 2003 12:36:15



Hi all -

    I have a Mac in my office (running OS 9) to which I connect from home by
File Sharing via TCP/IP. Recently another computer in the building was
hacked remotely and a bunch of files were erased. I am now concerned about
mine; is there any sort of software package that can be applied over the
file sharing to give a higher degree of security? And, is there any known
way to access a Mac on the internet if the file sharing is turned off?
    On a related issue, to monitor access to the Mac "in person" (people
using the machine from the console, is there any good software which can act
like a password protected screen saver, except that it 1) has several
possible passwords (so I can assign individual passwords to valid users, and
2) records the password and the date/time it's entered (so I can tell who is
using it when)?

I would greatly appreciate any suggestions (please cc: to

Mike

 
 
 

security for file sharing via TCP/IP and other Macintosh security issues

Post by Marc Heusse » Thu, 03 Jul 2003 15:09:32




Quote:>     On a related issue, to monitor access to the Mac "in person" (people
> using the machine from the console, is there any good software which can act
> like a password protected screen saver, except that it 1) has several
> possible passwords (so I can assign individual passwords to valid users, and
> 2) records the password and the date/time it's entered (so I can tell who is
> using it when)?

Is there a reason not to upgrade to Mac OSX?
It would give you some tools.

As for 2) it's not a good idea to record passwords, because this file
can be read by an intruder, therby getting many passwords.

If you need a record, just record accounts and attemps, but no passwords.
Or, if you need passwords, print them on a printer physically (they
cannot be read remotely).

Marc

--
Marc Heusser - Zurich, Switzerland
Coaching - Consulting - Counselling - Psychotherapy
http://www.heusser.com
remove the obvious CHEERS and MERCIAL... from the reply address
to reply via e-mail

 
 
 

security for file sharing via TCP/IP and other Macintosh security issues

Post by Robe » Fri, 04 Jul 2003 02:45:50



> Hi all -

>     I have a Mac in my office (running OS 9) to which I connect from home by
> File Sharing via TCP/IP. Recently another computer in the building was
> hacked remotely and a bunch of files were erased.

Was this a Windows computer?

Quote:> I am now concerned about
> mine; is there any sort of software package that can be applied over the
> file sharing to give a higher degree of security? And, is there any known
> way to access a Mac on the internet if the file sharing is turned off?
>     On a related issue, to monitor access to the Mac "in person" (people
> using the machine from the console, is there any good software which can act
> like a password protected screen saver, except that it 1) has several
> possible passwords (so I can assign individual passwords to valid users, and
> 2) records the password and the date/time it's entered (so I can tell who is
> using it when)?

See these software products:

http://docs.info.apple.com/article.html?artnum=31310

Note: At Ease is no longer under development and is not available for
purchase.

Multiple Users and Macintosh Manager have replaced much of the
functionality of At Ease (basic) and At Ease for Workgroups
respectively. Multiple Users is part of Mac OS 9, and Macintosh
Manager is available for AppleShare IP 6.x Servers and Mac OS X
Server. Macintosh Manager 1.3 works with Mac OS 7.6.1 through Mac OS
9.x client computers.

For more information on Macintosh Manager, please refer to the
following articles:

Article 75333: Macintosh Manager 1.3: Read Me

Article 60089: Mac OS X Server: Macintosh Manager Theory of Operation

I recommend upgrading to MacOS X if your environment allows it.

Robert

 
 
 

security for file sharing via TCP/IP and other Macintosh security issues

Post by Mike Levi » Sat, 05 Jul 2003 23:54:57




Quote:>> I have a Mac in my office (running OS 9) to which I connect from home by
>> File Sharing via TCP/IP. Recently another computer in the building was
>> hacked remotely and a bunch of files were erased.

> Was this a Windows computer?

Nope - another Mac.

Quote:>> I am now concerned about
>> mine; is there any sort of software package that can be applied over the
>> file sharing to give a higher degree of security? And, is there any known
>> way to access a Mac on the internet if the file sharing is turned off?

>> On a related issue, to monitor access to the Mac "in person" (people
>> using the machine from the console, is there any good software which can act
>> like a password protected screen saver, except that it 1) has several
>> possible passwords (so I can assign individual passwords to valid users, and
>> 2) records the password and the date/time it's entered (so I can tell who is
>> using it when)?

> See these software products:

> http://www.veryComputer.com/

> Note: At Ease is no longer under development and is not available for
> purchase.

> Multiple Users and Macintosh Manager have replaced much of the
> functionality of At Ease (basic) and At Ease for Workgroups
> respectively. Multiple Users is part of Mac OS 9, and Macintosh
> Manager is available for AppleShare IP 6.x Servers and Mac OS X
> Server. Macintosh Manager 1.3 works with Mac OS 7.6.1 through Mac OS
> 9.x client computers.

> For more information on Macintosh Manager, please refer to the
> following articles:

> Article 75333: Macintosh Manager 1.3: Read Me

> Article 60089: Mac OS X Server: Macintosh Manager Theory of Operation

> I recommend upgrading to MacOS X if your environment allows it.

Thank you for the pointers to info - I'll check them out. As for OSX, I'd
love to - I used to admin Unix boxes and this would certainly make me more
useful with respect to security; but we are a biology lab with some *
hardware stuck onto these machines. None of it will work (yet, anyways) with
OS X...

Mike

 
 
 

security for file sharing via TCP/IP and other Macintosh security issues

Post by Mike Levi » Sat, 05 Jul 2003 23:56:56




2:09 AM:

Quote:>> On a related issue, to monitor access to the Mac "in person" (people
>> using the machine from the console, is there any good software which can act
>> like a password protected screen saver, except that it 1) has several
>> possible passwords (so I can assign individual passwords to valid users, and
>> 2) records the password and the date/time it's entered (so I can tell who is
>> using it when)?
> Is there a reason not to upgrade to Mac OSX?
> It would give you some tools.

> As for 2) it's not a good idea to record passwords, because this file
> can be read by an intruder, therby getting many passwords.

> If you need a record, just record accounts and attemps, but no passwords.
> Or, if you need passwords, print them on a printer physically (they
> cannot be read remotely).

Good ideas! Thanks. As for OSX, I'd love to - I used to admin Unix boxes and
this would certainly make me more useful with respect to security; but we
are a biology lab with some * hardware stuck onto these machines. None
of it will work (yet, anyways) with OS X...

Mike

 
 
 

1. file sharing via TCP/IP

I don't seem to be able to use this, either in classic or X. I do
believe thta I have all the necessary extensions installed, and I
beleive that all the configuration is correct (e.g IP addresses etc).
But still my macs can't talk over TCP/IP, either via a hub or crossover.
And yet I don't have this problem with Appletalk.

Any suggestions??

TIA.

2. HOW TO MAKE: 100VG Crossover cable

3. !!DDE->TCP/IP, REAL TIME DATA PUMP, Trans.DDE App.DATA via TCP/IP

4. Restart remote computer?

5. FIle sharing over TCP/IP on PowerPC 8500 MacOS 8.1 - possible?

6. Strange Problem

7. APS (and others) security HOLE

8. ZAURUS PALMTOP / PC COMMUNICATIONS

9. Microsoft Security Issue

10. Security issue with Micro$oft products

11. TCP/IP for Apple IIgs via AppleTalk???

12. ARA connection via TCP/IP no dial to computer

13. TCP/IP for Apple{Talk,Share}?