• Create BookmarkCreate Bookmark
  • Create Note or TagCreate Note or Tag
  • PrintPrint

Security-Minded Thinking

Although Chapter 31, “Server Security and Advanced Network Configuration,” goes into security details in considerably more depth, it's a good idea to start thinking about security issues now. In this chapter, you're going to configure your machine so that you can connect to it from other machines. If you can connect to it, so can anyone else, and it's time to start thinking about security. Here are some common sense guidelines that you can use when thinking about your machine's security:

  • Regularly apply updates to the operating system. It is common for the Unix vendors to fix security problems and make the fixes available as downloadable updates, usually called patches.

  • Do not turn on any unnecessary services. If you don't know what the service is, you probably don't need it.

  • Do not turn on the telnet service. telnet transmits passwords in clear text. That is exactly what some of the crackers are looking for.

  • Restrict as many of the TCP-based services as possible with tcpwrappers. OS X already comes with tcpwrappers installed, and is configured to assume that you will use tcpwrappers. Using tcpwrappers allows you to control access to some services. You can, for example, restrict access to the ftp service by using tcpwrappers.

  • Use secure shell (SSH) for remote logins to your machine.


PREVIEW

                                                                          

Not a subscriber?

Start A Free Trial


  
  • Creative Edge
  • Create BookmarkCreate Bookmark
  • Create Note or TagCreate Note or Tag
  • PrintPrint