impenetrable OSX?

tz3gm

Registered
hi guys/girls...

i was just wondering if anyone experimenting with OSX has any hack attempts made on their boxes and if so through which ports...i really wonder which ports are open on MacOSX and how secure it is compared to OS 9...with the power of unix comes the very high possibility of hacking...i even suggested that OSX come with a built in firewall...has anyone experienced this? i know that macs are know for security, so i was wondering now that macs have a unix core, a lot of people/hackers will be gunning to take macs down...anyway, just wanted to know if anyone knows what ports are open by default, if there are any security holes known yet and if anyone has been hacked yet? thanks in advance, ryan
 

LunaMorena

Registered
Hmmm that's a good question... let's find out...

[darkmoon@jezebel darkmoon]$ nmap violet

Starting nmap V. 2.53 by fyodor@insecure.org ( http://www.insecure.org/nmap/ )
Interesting ports on (xxx.xxx.xxx.xxx):
(The 1518 ports scanned but not shown below are in state: closed)
Port State Service
22/tcp open ssh
111/tcp open sunrpc
756/tcp open unknown
759/tcp open con
1068/tcp open instl_bootc

Nmap run completed -- 1 IP address (1 host up) scanned in 1 second
[darkmoon@jezebel darkmoon]$


(jezebel is my linux box, violet is OS X... the IP has been masqued to protect the innocent [namely, me])

Of those ports, I knew about 22 and in fact opened that one myself. The rest I did NOT know were running. sunrpc has some known security holes. (I better see if I can figure out how to turn that off.) Don't know what the rest of those go to. Can anyone shed some light?

 
nmap run of our MacOS X box:

Port State Protocol Service
22 open tcp ssh
80 open tcp http
111 open tcp sunrpc
743 open tcp unknown
746 open tcp unknown


ssh and http were purposely enabled (telnet is off! yay!) but alas, I'm not sure how to axe the others.

Is there a versionof ipchains for MacOS X yet? That'd be a nice thing to have.. Or, just a way to eliminate that stuff entirely. :)

 

tz3gm

Registered
think of it this way guys, is there any other ways to get into a osx or unix box...let me put it this way...what if...you were a windows geek or unix geek and apple always boasted how secure it was with os9 and all, but then osx came out and it was unix which is really powerful but may have more holes, wouldn't the entire hacker or a lot of the hacker community be gunning for macosx boxes?

just my $.02
 

LunaMorena

Registered
Well my guess would be that any security issue that BSD has, OS X would inherit as well. Which is why those open ports have me worried... that was something nice about OS 9; it didn't have those ports. Which is why that scan has me concerned. I don't like having ports open when I don't know what they do or how to disable them.
 

Pascal

Official visitor
That seems serious enough for a feedback@apple.com...
 

wmoss

Registered
I have some concerns about the default suite of daemons and ports that are turned on as "standard" but unless these are items that are required to be running (for something like the NetInfo tool to find your MacOS X neighbors) I think it's worthy to report your concern to Apple, but I wouldn't loose too much sleep over it.

One thing that Apple doesn't ship with Mac OS X are compilers. Everyone made a big noise about Apple "crippling" their OS by not including tools like gcc in the default distribution and that Apple was dumbing down Unix. Apple's goals may very well be to do something like this, but one advantage is that malignant users or code which are able to gain access to your system are constrained by the lack of compilers on the box.
 

nauseum

Registered
someone mentioned ipchains (linux's firewall rules this month...)

BSD (and MacOSX) already have a firewall rules system.

ipfw - controlling utility for IP firewall

in fact, someone else on this board has already detailed some of the use of this utility (still very command line and UN*X, but since someone mentioned the equally criptic ipchains...)

moreover, BSD (and MacOSX) include natd (the alternative to ipmasquerade in linux-land)

a search on these utilities in these forums will give more information than i have time to write down right now, along with:

man ipfw
man natd

from a terminal, of course...

cheers,
NauSeuM
 
True, but it's still something that should probably be filtered/off by default. Last thing we need are MacOS X boxes getting hacked and used for DDoS attacks. That's what Red Hat boxes are for :p~ (NOTE: That's a JOKE. No linux distro wars!)
 

nauseum

Registered
hehe.. well. that was the point i was clumsily trying to make.

"out of the box" - MacOS X PB is way more secure than any other UN*X defaults to.

OSXPB has ftp, telnet, ssh, apache and so on disabled by default.

linux, freebsd, solaris and irix (the 4 UN*X OS's i have experience with) default to having these things turned ON if they are installed. bad. OSXPB does not.

true, OSX should be made to be even more secure "out of the box" (EVERYTHING OFF unless you specifically turn it on) since it is the assumption (no longer true since linux exploded onto the scene) that people installing those other UN*X OS's will 'know what they are doing' enough to turn off or secure the services they require. whereas, OSX is targetted at a non-UN*X market. mind you, i believe ALL of them should default this way. linux especially (for the same reasons stated above).

this is the kind of thing best left to feedback, of course...

which i have already done :)

cheers,
NauSeuM
 
Ahh.. very good point. :) At the very least, a nice detailed TIL on how to turn stuff like sunrpc/etc OFF (or filter it out) would be nice. There are a lot of mini-howto's floating around here, but people will tend to look at Apple's support site before anything else. Usually. :)
 

AdmiralAK

Simply Daemonic
Are there any antivandal applications out there for Mac OS X or are there going to be any in the foreseable future ?
(i.e. programs like netbarrier)
 
Top