| Subcribe via RSS

Mac OS X Security Configuration Guides

June 2nd, 2010 | No Comments | Posted in Security, Software

Apple has now released a 272-pages Security Configuration Guide for Mac OS X 10.6 (Snow Leopard).

Security guides for Mac OS X 10.3, 10.4 and 10.5 are also available at the same site:

Mac OS X Security guides:

http://www.apple.com/support/security/guides/

Tags: , ,

Mac OS X DNS workaround failed

August 2nd, 2008 | No Comments | Posted in Security

The latest Mac OS X security update (2008-005) failed to fix (or temporarily solve) the DNS vulnerability in the client version of Mac OS X 10.5 and 10.4. The update solved (temporarily) the same problem in Mac OS X server, but somehow Apple forgot to update the client libraries. The source port is still not randomized (but incremented by 1 each time). So, is this really a critical problem? Or should we worry more about DNS servers behind NAT?

Read more details about how the DNS workaround failed in Mac OS X 10.5 or how the DNS Workaround Failed in Mac OS X 10.4

Tags: , , , , , , , , ,

Mac OS X Security Update

August 1st, 2008 | 1 Comment | Posted in Security

Apple just released a new security update for Mac OS X (Security Update 2008-005). It affects Mac OS X Server 10.4, Mac OS X 10.4.11, Mac OS X Server 10.5 and Mac OS X 10.5.4. Its supposed to fix security issues in the following software: Open Scripting Architecture, BIND, CarbonCore, CoreGraphics, Data Detectors Engine, Disk Utility, OpenLDAP, OpenSSL, PHP 5.2.5, QuickLook and rsync.

Read the details about the security update here: Apple Mac OS X Security Update 2008-005

Tags: , ,
technoblog@trap.threatobs.com