
SC68Cal (macrumors 68000, Original poster), Feb 23, 2006
Hey everyone, I was just reading a whitepaper on securing OS X, and that got me thinking. How likely is a home user to be attacked? I currently have a webserver in my dorm that is only able to be accessed by people inside of the Temple network.

But regardless, I only allow HTTP requests, SSH shell logins, iTunes sharing, and Windows file sharing. I'm slightly concerned about the Windows file sharing (because it's Windows, and we all know anything with Windows in it has to have a hole somewhere) but frankly the permissions only allow public read, and no write capabilities.

Are most of the security threats based on user error, meaning that a program or virus is installed?

I guess the best way to find out if my security is tight is go find some script kiddies and get their scripts that they (didn't) write and attempt to do some cracking against my dorm computer. I'm already looking into some SSH v1 exploits, because my dorm computer I believe allows SSH 1 connections.

Sorry for the stream-of-consciousness of this post. It basically boils down to how likely am I to get attacked, and what is the most that they can do.

Basically, if I lock down my SSH (if not outright disable it) and only allow HTTP, how badly can I be attacked? I mean, I guess the worst is a DNS attack (but basically I can stop that by changing the apache config)?

EDIT: Links for my own reference
http://users.tkk.fi/~kalyytik/hacker/ssh-crc32-exploit_Korpinen_Lyytikainen.html#3.1 First incidents
http://www.macgeekery.com/tips/security/basic_mac_os_x_security
http://www.zone-h.org/en/index
 
SC68Cal said:
Are most of the security threats based on user error, meaning that a program or virus is installed?

Well in a literal sense, yes most breaches are based on user error, because there are rarely widespread exploits which don't already have patches released.

The most common scenario is a naive user clicking their way into executing something malicious.

Second most common is people running scripts which scan consecutive IP addresses and look for open ports. Open ports generally have either defined or common services associated with them. Sophisticated scanning software, like nmap, can make a really good guess about what OS is running based on which ports are open and how they respond. Once a cracker thinks he knows what OS you're running, he looks it up in an exploit database and tries to find matching exploits. He'll then run each matching exploit until he either gets in or they all fail.

The latter scenario is probably not terribly common. Although there are lots of people out there portscanning, there aren't a whole lot of easy, unpatched vulnerabilities. I've heard of the SSH1 you mentioned but I'm not terribly worried about it. If you're doing anything notable with your website, though, then your machine might become a target for attack. The sad truth is that really good security is way too complex for even sophisticated end users...just keep installing the patches as they come out and lock down all services you don't use.
 
Thank you for your input, it is much appreciated. Okay, so worst case scenario: I get attacked and they deface my website. All I do is restore it from a backup and move on with my life right?
 
SC68Cal said:
Thank you for your input, it is much appreciated. Okay, so worst case scenario: I get attacked and they deface my website. All I do is restore it from a backup and move on with my life right?

Yeah I overlooked your comment about running a web server. Are you using any CGIs or DBMS (like mySQL)?
 
savar said:
Yeah I overlooked your comment about running a web server. Are you using any CGIs or DBMS (like mySQL)?

Lord no. I'm just cutting my teeth on client-side Javascripts. I'm not even into server-side Javascript or JSP or ASP, which I have books for sitting on my bookshelf that are waiting for finals to be over to read.

Frankly, most of my hosting needs never have been above simple HTML, even when I had a small web development business.

Honestly, my biggest achievement in fantastical web development was using Fireworks to batch generate a picture gallery for our club website @ www.templepaintball.com
 
I think with what you're doing and the security measures on the macGeekery page you should be pretty safe. If you don't plan on using SSH disable it, or at least force it to SSH v2 and use a different port.

Just one thing, you mention iTunes sharing and Windows sharing, just make sure that you use some sort of non-descriptive name for the shares. I had my PowerBook at my university and during a security course the students scanned the subnet, while I was pretty confident they couldn't get into my Mac I neglected to remove my name from the iTunes share, the bastards found it and because I was their tutor at that stage they scanned the living crap out of my PowerBook. No harm, but it was a pretty humiliating and stupid mistake. I got back at them when I marked their finals! LOL
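An added example, not code from the thread or from anyone posting in it: a small POSIX shell audit of an sshd_config for the two settings recommended above (protocol 2 only and a non-default port). The sample configs are constructed; the real file is assumed to be /etc/sshd_config on OS X of that era and /etc/ssh/sshd_config on most other systems.

```shell
#!/bin/sh
# Audit an sshd_config for leftover SSH protocol 1 support and the default port.
# Added example; file paths and sample configs below are constructed.

# Print the effective value of a keyword: first uncommented match wins, as sshd
# itself does; keywords are case-insensitive. Prints nothing if absent.
ssh_setting() {
    # $1 = config file, $2 = keyword
    awk -v key="$2" 'tolower($1) == tolower(key) { print $2; exit }' "$1"
}

# True (exit 0) if the config still accepts protocol 1 connections.
# OpenSSH before 5.4 defaulted to "2,1" when Protocol was absent, so an
# absent keyword is treated as weak here.
allows_ssh1() {
    proto=$(ssh_setting "$1" Protocol)
    [ -z "$proto" ] && return 0
    echo "$proto" | tr ',' '\n' | grep -qx '1'
}

# True (exit 0) if sshd listens on the default port 22 (absent keyword = 22).
on_default_port() {
    port=$(ssh_setting "$1" Port)
    [ -z "$port" ] && port=22
    [ "$port" -eq 22 ]
}

# Print one finding per line for the given config file.
audit() {
    if allows_ssh1 "$1"; then echo "SSH protocol 1 allowed"; fi
    if on_default_port "$1"; then echo "listening on default port 22"; fi
}

# Constructed sample: Protocol only commented out, so the old default applies.
WEAK=$(mktemp)
cat > "$WEAK" <<'EOF'
# Protocol 2
PasswordAuthentication yes
EOF

# Constructed sample: the settings the post recommends, plus two usual extras.
HARD=$(mktemp)
cat > "$HARD" <<'EOF'
Protocol 2
Port 2222
PermitRootLogin no
PasswordAuthentication no
EOF

echo "weak config:";     audit "$WEAK"
echo "hardened config:"; audit "$HARD"
```

Current OpenSSH releases have removed protocol 1 entirely, so on those the Protocol line is no longer needed, but the port and authentication settings still apply.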
 
Lollypop said:
the bastards found it and because I was their tutor at that stage they scanned the living crap out of my powerbook.

So they basically set up a mini-DOS (Denial of Service) attack on you? That's pretty funny.
 
SC68Cal said:
So they basically set up a mini-DOS (Denial of Service) attack on you? That's pretty funny.

They tried, but didn't get far. The class was rather fast paced and the lecturer moved on to other stuff very fast, so it was a mini-DOS of 2 minutes!
 