OS X Exploits and Defense -  Paul Baccas,  Kevin Finisterre,  Larry H.,  David Harley,  Chris Hurley,  Johnny Long,  Gary Porteus

OS X Exploits and Defense (eBook)

Own it...Just Like Windows or Linux!
eBook Download: PDF
2011 | 1st edition
352 pages
Elsevier Science (publisher)
978-0-08-055876-9 (ISBN)
System requirements
49,97 incl. VAT
  • Download available immediately
Contrary to popular belief, there has never been any shortage of Macintosh-related security issues. OS9 had issues that warranted attention. However, due to both ignorance and a lack of research, many of these issues never saw the light of day. No solid techniques were published for executing arbitrary code on OS9, and there are no notable legacy Macintosh exploits. Due to the combined lack of obvious vulnerabilities and accompanying exploits, Macintosh appeared to be a solid platform. Threats to Macintosh's OS X operating system are increasing in sophistication and number. Whether it is the exploitation of an increasing number of holes, the use of rootkits for post-compromise concealment, or distributed denial of service, knowing why the system is vulnerable and understanding how to defend it is critical to computer security.
* Macintosh OS X Boot Process and Forensic Software All the power, all the tools, and all the geekery of Linux is present in Mac OS X. Shell scripts, X11 apps, processes, kernel extensions...it's a UNIX platform....Now, you can master the boot process, and Macintosh forensic software.
* Look Back Before the Flood and Forward Through the 21st Century Threatscape Back in the day, a misunderstanding of Macintosh security was more or less industry-wide. Neither the administrators nor the attackers knew much about the platform. Learn from Kevin Finisterre how and why that has all changed!
* Malicious Macs: Malware and the Mac As OS X moves further from desktops, laptops, and servers into the world of consumer technology (iPhones, iPods, and so on), what are the implications for the further spread of malware and other security breaches? Find out from David Harley.
* Malware Detection and the Mac Understand why the continuing insistence of vociferous Mac zealots that it 'can't happen here' is likely to aid OS X exploitation.
* Mac OS X for Pen Testers With its BSD roots, super-slick graphical interface, and near-bulletproof reliability, Apple's Mac OS X provides a great platform for pen testing.
* WarDriving and Wireless Penetration Testing with OS X Configure and utilize the KisMAC WLAN discovery tool to WarDrive. Next, use the information obtained during a WarDrive, to successfully penetrate a customer's wireless network.
* Leopard and Tiger Evasion Follow Larry Hernandez through exploitation techniques, tricks, and features of both OS X Tiger and Leopard, using real-world scenarios for explaining and demonstrating the concepts behind them.
* Encryption Technologies and OS X Apple has come a long way from the bleak days of OS9. There is now a wide array of encryption choices within Mac OS X. Let Gareth Porteus show you what they are.
* Cuts through the hype with a serious discussion of the security vulnerabilities of the Mac OS X operating system
* Reveals techniques by which OS X can be 'owned'
* Details procedures to defeat these techniques
* Offers a sober look at emerging threats and trends

Paul Baccas is a researcher at Sophos plc, the UK security company. After reading Engineering Science at Exeter College, Oxford, he worked in various technical roles at Sophos, and is now mainly engaged in spam research. He is a frequent contributor to Virus Bulletin.

Front Cover 1
OS X Exploits and Defense 4
Copyright Page 5
Contributing Authors 7
Technical Editor 6
Contents 10
Chapter 1: Macintosh OS X Boot Process and Forensic Software 16
Introduction 17
The Boot Process 18
The Macintosh Boot Process 19
EFI and BIOS: Similar but Different 19
DARWIN 20
The OS X Kernel 20
Macintosh Forensic Software 21
BlackBag Forensic Suite 21
Directory Scan 22
FileSpy 23
HeaderBuilder 24
Other Tools 25
Carbon Copy Cloner 26
MacDrive6/7 28
Summary 31
Chapter 2: Past and Current Threats 32
Before the Flood 33
The 21st Century Threatscape 41
Apple Vulnerability/Update Retrospective 42
Exploit Development and Research 71
Chapter 3: Malicious Macs: Malware and the Mac 84
Introduction 85
Taxonomy of Malware 87
Viruses 87
Worms 88
Trojan Horses 90
Rootkits and Stealthkits 90
Bots and Botnets 92
Memetic Malware 93
Pre-OS X Mac Malware 96
HyperCard Infectors 96
Application and System Viruses 98
Trojans 101
Macro Malware 103
Heterogeneous Malware Transmission 106
Worms: AutoStart and After 107
OS X and Malware 109
Case Study-OSX/DNSChanger 111
Self-launching vs. User-launched 117
What Does That Mean? 118
Media Attitudes 118
Schadenfreude or Armageddon? 120
Is That It Then? 121
The Future 123
Message to the User Community 125
Message to Apple (and Microsoft!) 126
Watch and Learn 127
Summary 128
Solutions Fast Track 130
Frequently Asked Questions 134
Chapter 4: Malware Detection and the Mac 136
Introduction 137
Safe Out of the Box? 138
Anti-malware Technology 147
More About EICAR 148
Classic Anti-malware Detection Techniques 151
Signature Scanning 154
Heuristics Revealed 155
Anti-malware Products 157
Anti-malware Before OS X 158
Disinfectant 160
Anti-malware and OS X 162
avast! 162
ClamAV 163
ClamXav 164
Intego VirusBarrier 166
MacScan 167
McAfee Virex/VirusScan for Mac 167
Sophos 169
Symantec 170
Product Testing 172
Summary 174
Solutions Fast Track 174
Frequently Asked Questions 177
Chapter 5: Mac OS X for Pen Testers 178
Introduction 179
The OS X Command Shell 181
Compiling and Porting Open Source Software 184
OS X Developer Tools 185
Perl 187
Configuring CPAN 188
Using CPAN’s Interactive Mode 190
Using CPAN in Command-line Mode 193
Installing XWindows 193
Compiling Programs on Mac OS X 195
Compiling Versus Porting 195
Installing Ported Software on Mac OS X 196
Why Port: A Source Install Gone Bad! 196
OpenDarwin 198
Fink 202
Installing Binary Packages Using apt-get 203
Installing Source Packages using fink 204
Installing Source or Binary Packages Using Fink Commander 205
Using The “Top 75 Security Tools” List 207
Category: Attack (Network) 208
Category: Attack (Scanner) 209
Category: Attack (Web) 209
Category: Crypto 210
Category: Defense 211
Category: Defense / Forensics 212
Category: Evasion 212
Category: Footprinting 213
Category: Monitor (Sniffing) 214
Category: Multipurpose 216
Category: Password Cracking 216
Category: Password Cracking (Remote) 217
Category: Programming 218
Category: Scanning 218
Installing and Using The “Big” Tools 219
Wireshark 219
Installing Wireshark on MacOS X from Source 219
Installing Wireshark on MacOS X Using DarwinPorts 225
Nessus 226
Summary 230
Solutions Fast Track 230
Links to Sites 231
Frequently Asked Questions 232
Chapter 6: WarDriving and Wireless Penetration Testing with OS X 234
Introduction 235
WarDriving with KisMAC 235
Starting KisMAC and Initial Configuration 235
Configuring the KisMAC Preferences 236
Scanning Options 237
Filter Options 238
Sound Preferences 238
Traffic 241
KisMAC Preferences 242
Mapping WarDrives with KisMAC 243
Importing a Map 243
Using a GPS 243
Ready to Import 244
WarDriving with KisMAC 248
Using the KisMAC Interface 248
The KisMAC Window View Buttons 249
Additional View Options with KisMAC 251
Penetration Testing with OS X 253
Attacking WLAN Encryption with KisMAC 253
Attacking WEP with KisMAC 253
Reinjection 255
Attacking WPA with KisMAC 257
Other Attacks 258
Bruteforce Attacks Against 40-bit WEP 258
Wordlist Attacks 258
Other OS X Tools for WarDriving and WLAN Testing 258
Summary 261
Solutions Fast Track 261
Frequently Asked Questions 263
Chapter 7: Security and OS X 266
Leopard and Tiger Evasion 267
Application Firewall 267
iSight Voyeurism 268
Reliable Local Stack Buffer Overflow Exploitation 270
dylib (Dynamic Library) Injection and Other Nifty Tricks 276
Return to dyld Stubs and libSystem for Tiger 279
Leopard and Address Space Layout Randomization (ASLR) 284
Month of Apple Bugs 287
Pressure on Vendors and Effects 287
Overview of the Outcome 288
The Beginning: QuickTime RTSP URL Handler Flaw 290
A iPhoto Photocast XML Format String Vulnerability 291
The Exploit of the Apes 292
Apple DMG and Filesystem-related Kernel Vulnerabilities 295
AppleTalk ATPsndrsp() Heap Buffer Overflow Vulnerability 296
A mDNSResponder in Scarlet 297
The First Flaw: 1990 Style Stack Buffer Overflows Rock 299
The Second Flaw: When You Go Beyond the Limits 300
Abusing the mDNSResponder for Remote Root Profit 302
Chapter 8: Encryption Technologies and OS X 304
Introduction: OS9 TO OS X 305
OS X Security and Encryption: Encryption Within OS X 306
The System Keychain 306
Better Keychain Security 307
OS X Security and Encryption: OS X Password Encryption 308
Symmetric Ciphers 308
Asymmetric Ciphers 308
Hashes 309
Password Cracking 310
Shadows and DES 310
SHA-1 311
Windows LAN Manager 311
Salt and Rainbow Tables 312
Disk Images and Secure Virtual Disks 312
FileVault and Encrypted DMG Files 312
AES 313
FileVault 314
Plaintext Memory 315
Insecure Hardware 316
Firewire DMA 316
Patching DMA 317
Alternative RAM Attacks 318
Alternative Encryption Systems 318
Wireless Encryption 319
WEP 320
Initialization Vectors 320
WEP Threats 321
Wi-Fi Protected Access (WPA) 322
WPA Threats 323
Entropy, Passwords, and WPA 323
Secure Communication 324
Secure Socket Layer 324
Diffie and Hellman, Public Key Exchange 325
Man In the Middle 326
Certificate Authorities 327
Secure Communications: Summary of Suggestions 327
Secure Shell and Tunneling 328
Open Source Efforts 328
SSH 328
SSHD 331
VPN Encryption 332
Vpn 332
PPTP, L2TP, and OPENVPN 332
IPsec 332
IPv6 333
Summary 335
References 335
Index 338

Publication date (per publisher) 18.4.2011
Language English
Subject area Computer science: Operating systems / Servers: Macintosh / Mac OS X
Computer science: Networks: Security / Firewall
Computer science: Theory / Study: Cryptology
ISBN-10 0-08-055876-3 / 0080558763
ISBN-13 978-0-08-055876-9 / 9780080558769
PDF (Adobe DRM)

Copy protection: Adobe DRM
Adobe DRM is a copy-protection scheme intended to protect the eBook against misuse. The eBook is authorized to your personal Adobe ID at download time. You can then read the eBook only on devices that are also registered to your Adobe ID.

File format: PDF (Portable Document Format)
With its fixed page layout, PDF is particularly suited to technical books with columns, tables and figures. A PDF can be displayed on almost all devices, but is only of limited use on small displays (smartphone, eReader).

System requirements:
PC/Mac: You can read this eBook on a PC or Mac. You need an Adobe ID and the free Adobe Digital Editions software. We advise against using the OverDrive Media Console; experience shows that it frequently causes problems with Adobe DRM.
eReader: This eBook can be read on (almost) all eBook readers. It is not compatible with the Amazon Kindle, however.
Smartphone/Tablet: Whether Apple or Android, you can read this eBook. You need an Adobe ID and a free app.

Buying eBooks from abroad
For tax law reasons we can sell eBooks just within Germany and Switzerland. Regrettably we cannot fulfill eBook-orders from other countries.
