University of California, Riverside

Security



Mac


The Mac Operating System

Since OS X is essentially a UNIX based operating system, many of the security issues facing UNIX system administrators are OS X issues as well.

To activate/deactivate file sharing:

Via the Sharing system preference, under system preferences turn on only those services that are really needed. Each type of sharing enabled provides another "door" for a potential intruder.

Although the Mac has been relatively immune from viruses over the last few years, it's a good idea to have current virus protection. Here are some current products available for the Mac:

In OS X Apple provides an automated mechanism for keeping system software up-to-date which can be found in the Software Update system preference. This function can be scheduled to check for updates automatically.

In OS X, like all UNIX systems, there is a root account which provides unrestricted access to all files and functions of the operating system. When shipped, OS X has the root account disabled. It is recommended the root account is not enabled unless absolutely necessary. Even when needed, it's considered good practice to disable the account after use. The account is enabled and disabled via NetInfo Manager in the Utilities folder.

Many attempts to hack a system can be blocked with a firewall. There are hardware and software firewalls available offering various levels of protection and features. OS X includes a software firewall, which may not be enabled by default. To turn it on, go to your System Preferences and select the Sharing preference. Click the Firewall tab to find out whether the firewall is on or off. If it's turned off, simply click the Start button, and the firewall will start up.

Keep in mind that server-based applications, those that provide further server functionality like web-enabled databases and remote control software for example, may open more ports or "doors" to the computer. Each service that provides useful functionality, may also provide an opportunity for a hacker to gain access. Check with the software manufacturer to find out if there are security concerns and if so, what can done to minimize liability. Making sure current versions of the software are in use will usually help, since the latest versions tend to fix security holes that may have existed in previous versions.

If running a server, and especially if sensitive or confidential data is on the server, vigilantly monitor the server for intrusions or suspicous activities keeping abreast of current security issues. There are a number of websites available with useful information about Macintosh security issues:

More Information 

General Campus Information

University of California, Riverside
900 University Ave.
Riverside, CA 92521
Tel: (951) 827-1012

Department Information

Computing & Communications
Computing & Communications Bldg.

Tel: (951) 827-4741
Fax: (951) 827-4541
E-mail: helpdesk@ucr.edu

Footer