Is there a checklist for securing MacOSX machines?
Asked
Active
Viewed 498 times
1
-
1I have a question. Is there some kind of rules about answering your own questions? Do people do this so that other people in the future will already have an answer? – Dec 02 '12 at 04:40
-
2[Here is some guidance on answering your own question](http://meta.stackexchange.com/q/17463/150133) – makerofthings7 Dec 02 '12 at 04:46
-
1@Rell3oT [Also here is a blog entry from the creator of this site](http://blog.stackoverflow.com/2011/07/its-ok-to-ask-and-answer-your-own-questions/) – makerofthings7 Dec 02 '12 at 04:48
-
1Thank you! Good concept. At first it seems weird but its a good idea – Dec 02 '12 at 14:28
2 Answers
2
DISA STIGs are always good:
http://iase.disa.mil/stigs/os/mac/mac.html
DISA is the Defense Information Systems Agency, the IT shop for the US Department of Defense. STIGs are the configuration guides that they publish for security networking and computing devices.
Mark E. Haase
- 1,912
- 2
- 15
- 24
-
I've never seen the STIG format before. Funny that Safari won't open them and I had to use Opera. Do you know if STIGs are processed electronically somewhere/somehow? (as an online checklist?) – makerofthings7 Dec 03 '12 at 05:42
-
They provide some in PDF format and some are in XML format. The ones I linked to were in PDF, so I'd be surprised if you couldn't open them. The XML ones are admittedly hard to work with; there is no stylesheet that I know of that will pretty print a STIG. – Mark E. Haase Dec 03 '12 at 22:49
0
Apple has official Security configuration guides here, and there is a checklist in the appendix.
Protect the device from Firewire / DMI based attacks: Use epoxy on the physical ports, or update the OpenFirmware settings
The NSI's (slightly modified from Apple's guide) reference is here
Add a password to your OpenFirmware-based Mac
makerofthings7
- 50,488
- 54
- 253
- 542