lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CC23423D.3749%thor@hammerofgod.com>
Date: Wed, 11 Jul 2012 22:00:24 +0000
From: "Thor (Hammer of God)" <thor@...merofgod.com>
To: phocean <0x90@...cean.net>
Cc: "full-disclosure@...ts.grok.org.uk" <full-disclosure@...ts.grok.org.uk>
Subject: Re: Preferred OSX Security/Server Lists

Same here… I couldn't find anything that really served my needs.  It was hard enough to find the right resource to enable a single user to have multiple email addresses for OSX Lion Server Mail – but I figured that out.  Maybe we should start one then?  I'm moving the HoG website over as well and I'll be including the Wiki stuff, so I'll have the resources to host something like that.

Regarding the actual reason for moving, there are several, but I'll focus on the most important.  I'm a big music and media person, and I like to be able to have my music accessible when and where I want it and have options for redirection of equipment.  Setting up Windows Media Center was a pain, and it was slow and very limited in features.  And there were issues with "Zune" files working or not working, the general requirement for network configuration, and just a lot of complexity.  With OSX I just run it, tell iTunes to share my library, and then I can play whatever I want on my iPad or iPhone.  Then I just plugged in the AppleTV to my main entertainment system, and then I could remotely play stuff on my iPhone directly to that stereo.  I have speakers run outside, so I can literally be in the backyard and tell my iPhone "Play Robert Plant" and it plays from my phone to the Apple TV and out the speakers.  SUPER smooth.

So after that I starting digging in to OSX more and have liked it more and more as I go.  Having the same features with such a dramatically less complex installation is really a huge benefit to me.  iCal, iChat, Mail, and iContact servers and amazingly simple and do exactly what I need – compared to Exchange and PS, and all that stuff, well…  :)

Of course my main concern (and reason for posting) is that I want to make sure I do my due diligence and learn what I need to learn in order to properly secure the services I put out on the Internet.  For instance, I can set up IIS to be tremendously secure in my sleep as I've done it for years.  However, I don't know what to do with Apache.  I just don't know it.   So I want to find out about principal accounts, service contexts, virtual directories, server-side applications, etc etc.  HoG has never been hacked (to my knowledge) but I'm totally expecting to be pwned now that I'm basically doing a 180 in my production environment.

I think starting an actual Mac security list would be a good idea.  Hell, maybe I can sell enough "Thor's Microsoft Security Bible" copies to help buy more Mac equipment :)  LOL.

t

From: phocean <0x90@...cean.net<mailto:0x90@...cean.net>>
Date: Wednesday, July 11, 2012 12:32 PM
To: Timothy Mullen <thor@...merofgod.com<mailto:thor@...merofgod.com>>
Cc: "full-disclosure@...ts.grok.org.uk<mailto:full-disclosure@...ts.grok.org.uk>" <full-disclosure@...ts.grok.org.uk<mailto:full-disclosure@...ts.grok.org.uk>>
Subject: Re: [Full-disclosure] Preferred OSX Security/Server Lists

Hi,

I do not know any specific stuff yet, though I have been a recent switcher myself.
I had a quick look but it seems that there are not many resources.
So this is going to be an interesting topic.
Just curious: what are the motives for your switch?

Regards,
--- phocean


Le 9 juil. 2012 à 19:45, Thor (Hammer of God) a écrit :

Greets all.

I was hoping to get some opinions on your "favorite" OSX security/server admin sites/lists.  I'm converting the HoG internal and production networks over to OSX and OSX Server and would like some "pre-vetting" suggestions for a decent source of information.

Thanks much.

t
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


Content of type "text/html" skipped

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ