> If your macs are running MacOS X, which is pretty much BSD-based, you can at > least try to scan it as a BSD box and then based on the results try some bsd > exploits for 68k processor or whatever... at least it gives some clues... > > it seems that default install is very unprotected, somewhat like default > redhat install - it even has portmapper running there - I attached here > results of "netstat -a" and "ps -aux" of a PowerBook (not mine, I don't know > much about Mac, I asked a friend to run those commands on his machine). I > guess soon we'll have lots of bsd exploits ported to mac with a mac-specific > shellcodes :))) > Actually the MAC OS 10 default install is amazingly secure. Portmapper and nibind (and apparantly remote debugging on a window system crash) are enabled by default but all of inetd.conf is commented out. There is also ipfw built in (but with allow all all as the default) so you can trivially make the machine quite secure by blocking pretty much everything (nibind will run happily as long as you enable all all on the loopback interface) with ipfw. I haven't yet seen an ntp patch (although the update may have contained one) but all in all I'd say they did a good job of this and gave you the necessary tools to do a better job if you are in a high risk environment. Peter Van Epp / Operations and Technical Support Simon Fraser University, Burnaby, B.C. Canada
This archive was generated by hypermail 2b30 : Thu Apr 26 2001 - 15:15:09 PDT