Mac OS X: Maximum Security


While Mac OS X is becoming more and more stable with each release, its UNIX/BSD underpinnings have security implications that ordinary Mac users have never before been faced with. Mac OS X can be used as both a powerful Internet server, or, in the wrong hands, a very powerful attack launch point.

Yet most Mac OS X books are generally quite simplistic — with the exception of the author's Mac OS X Unleashed, the first book to address OS X's ...

See more details below
Available through our Marketplace sellers.
Other sellers (Paperback)
  • All (10) from $1.99   
  • New (1) from $61.04   
  • Used (9) from $1.99   
Sort by
Page 1 of 1
Showing All
Note: Marketplace items are not eligible for any coupons and promotions
Seller since 2008

Feedback rating:



New — never opened or used in original packaging.

Like New — packaging may have been opened. A "Like New" item is suitable to give as a gift.

Very Good — may have minor signs of wear on packaging but item works perfectly and has no damage.

Good — item is in good condition but packaging may have signs of shelf wear/aging or torn packaging. All specific defects should be noted in the Comments section associated with each item.

Acceptable — item is in working order but may show signs of wear such as scratches or torn packaging. All specific defects should be noted in the Comments section associated with each item.

Used — An item that has been opened and may show signs of wear. All specific defects should be noted in the Comments section associated with each item.

Refurbished — A used item that has been renewed or updated and verified to be in proper working condition. Not necessarily completed by the original manufacturer.


Ships from: Chicago, IL

Usually ships in 1-2 business days

  • Standard, 48 States
  • Standard (AK, HI)
Page 1 of 1
Showing All
Sort by
Sending request ...


While Mac OS X is becoming more and more stable with each release, its UNIX/BSD underpinnings have security implications that ordinary Mac users have never before been faced with. Mac OS X can be used as both a powerful Internet server, or, in the wrong hands, a very powerful attack launch point.

Yet most Mac OS X books are generally quite simplistic — with the exception of the author's Mac OS X Unleashed, the first book to address OS X's underlying BSD subsystem.

Maximum Mac OS X Security takes a similar UNIX-oriented approach, going into significantly greater depth on OS X security topics:

  • Setup basics, including Airport and network topology security.
  • User administration and resource management with NetInfo.
  • Types of attacks, how attacks work, and how to stop them.
  • Network service security, such as e-mail, Web, and file sharing.
  • Intrusion prevention and detection, and hands-on detection tools.
Read More Show Less

Editorial Reviews

From Barnes & Noble
The Barnes & Noble Review
“Classic Mac” users didn’t worry much about security. Sure, old Macs were insecure, but they also lacked the features hackers needed to get at them. With OS X, though, you’re in the real world. Wake up, smell the coffee, then read Mac OS X Maximum Security.

John and William Ray cover all the Mac security risks and solutions you hoped never to worry about. Tools exist to improve the Mac OS X’s decent out-of-the-box security. You just have to learn how to use them. But above all, you have to develop an instinct for security. This book helps with the tools and the instincts.

You’ll review each vulnerability that afflicts systems like yours: attacks against data and passwords; malware; eavesdropping; impersonation, and the rest. Then, the Rays turn to securing specific OS X resources.

You’ll walk through customizing user accounts through the NetInfo database and User Templates directories. You’ll turn off unneeded Mac OS X network services (fortunately, many are automatically disabled at installation). Using TCP wrappers, you’ll restrict access to TCP services. (This requires some configuration, but the Rays explain the gory details.)

There are chapters on securing mail servers (too often left insecure); FTP; remote access; the Apache web server; and Samba file sharing. The Rays briefly introduce Mac OS X firewalls (Apple’s simple, bundled GUI firewall and command line tools). There’s even coverage of intrusion detection.

No matter who you are, your Mac and your data deserve protection. This book will help you protect them -- and yourself. Bill Camarda

Bill Camarda is a consultant, writer, and web/multimedia content developer. His 15 books include Special Edition Using Word 2000 and Upgrading & Fixing Networks for Dummies, Second Edition.

Read More Show Less

Product Details

  • ISBN-13: 9780672323812
  • Publisher: Sams
  • Publication date: 5/13/2003
  • Series: Maximum Security Series
  • Pages: 747
  • Product dimensions: 7.40 (w) x 9.05 (h) x 1.75 (d)

Meet the Author

John Ray is an award-winning developer and technology consultant with more than 17 years of programming and network administration experience. He has worked on projects for the FCC, The Ohio State University, Xerox, and the State of Florida, as well as serving as IT Director for a Columbus, Ohio¿based design and application development company. John currently serves as Senior System Developer/Engineer for The Ohio State University Extension and provides network security and intrusion detection services for clients across the state and country. His first experience in security was an experimental attempt to crack a major telecom company. Although he was successful, the resulting attention from individuals in trench coats made him swear off working on the "wrong side" of the keyboard forever.

John has written or contributed to more than 12 titles currently in print, including Mac OS X Unleashed and Maximum Linux Security.

Dr. William Ray is a mathematician turned computer scientist turned biophysicist who has gravitated to the field of bioinformatics for its interesting synergy of logic, hard science, and human-computer-interface issues. A longtime Macintosh and Unix enthusiast, Will has owned Macs since 1985, and has worked with Unix since 1987. Prior to switching his professional focus to the biological sciences, Will spent five years as a Unix programmer developing experimental interfaces to online database systems. He left this position when his desktop workstation was cracked, then used to attack other businesses' computers. The incompetence of his employer's system administrators resulted in his being accused of perpetrating the attacks, and a series of visits from the men in trenchcoats, nice suits, and dark glasses for him as well. As a result, Will has developed an enduring disgust for employers, system administrators, and users who don't take system security, and their responsibilities with respect to it, seriously.

Shortly after migrating to biophysics, Will developed a Macintosh and Unix-based computational biology/graphics laboratory and training center for The Ohio State University's College of Biological Sciences. At the facility, which he managed for five years, Will introduced hundreds of students and faculty to Unix, and provided training and assistance in the development of productive computing skills on the paired Macintosh and Unix platforms.

Will is currently an Assistant Professor of Pediatrics at the Columbus Children's Research Institute, Children's Hospital in Columbus, Ohio, and the Department of Pediatrics, The Ohio State University, where he is studying tools that work at the interface between humans, computers, and information, and working to build a core computational research and training facility for his institute.

Read More Show Less

Table of Contents



1. An Introduction to Mac OS X Security.

What Is Security? Traditional Mac OS Versus Mac OS X. Understanding the Threat. Summary.

2. Thinking Secure: Security Philosophy and Physical Concerns.

Physical System Vulnerabilities. Server Location and Physical Access. Server and Facility Location. Physical Access to the Facility. Computer Use Policies. Physical Security Devices. Network Considerations. Summary.

3. People Problems: Users, Intruders, and the World Around Them.

Your Users: People with Whom You Share Your Computer. The Bad Guys: People Who Would Do Your System Harm. Everybody Else. Summary.


4. Theft and Destruction of Property: Data Attacks.

Keeping Data Secret: Cryptography, Codes, and Ciphers. Data-Divulging Applications. Steganography and Steganalysis: Hiding Data in Plain Sight, and How to Find and Eliminate It. Summary.

5. Picking Locks: Password Attacks.

Typical Password Mechanisms. Testing Password Security. Improving Password Security, and Alternatives to the Standard Password Mechanisms in Mac OS X. Summary.

6. Evil Automatons: Malware, Trojans, Viruses, and Worms.

Defining Software Behavioral Space. Malware. Malware Threats. Solving the Problem. Summary.

7. Eavesdropping and Snooping for Information: Sniffers and Scanners.

Eavesdropping and Information Gathering. Monitoring Traffic with tcpdump. Sniffing Around with Ettercap. Network Surveys with NMAP. Other Information-Gathering Tools. Ethics of Information Gathering. Additional Resources. Summary.

8. Impersonation and Infiltration: Spoofing.

Spoofing Attacks. Spoofing Defenses. Summary.

9. Everything Else.

DoS. Buffer Overflows. Session Hijacking. Everything Else. Additional Resources. Summary.


10. User, Environment, and Application Security.

Adding a New User. Using the NetInfo Database to Customize a User. Sane User Account Management. Skeleton User Accounts. Command-Line Administration Tools. Restricting User Capabilities. Summary.

11. Introduction to Mac OS X Network Services.

What Is a Network Service? Network Service Vulnerabilities. Controlling Mac OS X Network Service Processes. Protecting inetd with TCP Wrappers. Increasing Security with xinetd. Summary.

12. FTP Security.

FTP Vulnerabilities. Activating the FTP Server. Configuring the Default lukemftpd FTP Server. Setting Up Anonymous FTP. Replacing the Mac OS X FTP Server. Alternatives to FTP. Summary.

13. Mail Server Security.

Basic Vulnerabilities. Sendmail. Activating Sendmail on Mac OS X. Protecting Sendmail. Updating Your Sendmail Installation. Postfix as an Alternative. Installing Postfix. Protecting Postfix. Delivering Mail—UW IMAP. Summary.

14. Remote Access: Secure Shell, VNC, Timbuktu, Apple Remote Desktop.

What Is SSH? SSH Vulnerabilities. Vulnerabilities in telnet and rlogin. Activating SSH. Advanced SSH Features. GUI Access Methods. Summary.

15. Web Server Security.

Introducing Apache. SSL-Protected Apache. Additional Resources. Summary.

16. File Sharing Security.

Apple Filing Protocol. WebDAV. Sharing Files with Samba. Common Unix Printing System. Other Resources. Summary.


17. Blocking Network Access: Firewalls.

Firewalling. Built-In GUI Mac OS X Firewall Tools. Built-In Command-Line Mac OS X Firewall Tools. Firewall Hardware. Firewall Resources. Summary.

18. Alarm Systems: Intrusion Detection.

What Is Intrusion Detection? Psionic PortSentry. Snort. IDS Resources. Summary.

19. Logs and User Activity Accounting.

The Role of Logs. User Logins and Accounting. Automated Log Monitoring: LogSentry. Common System Log Changes. Summary.

20. Disaster Planning and Recovery.

What Is Disaster Recovery and Why Do You Need It? Creating a Disaster Recovery Plan. Mac OS X Backup Software. Synchronizing Files: rsync. Summary.


Appendix A. Glossary.
Appendix B. Security Resources.
Appendix C. Secure Web Development.

Web Development Risks. Protecting Your Web Applications. Adding and Using suEXEC. Testing for Known CGI Vulnerabilities: Whisker. Additional Resources.


Read More Show Less

Customer Reviews

Be the first to write a review
( 0 )
Rating Distribution

5 Star


4 Star


3 Star


2 Star


1 Star


Your Rating:

Your Name: Create a Pen Name or

Barnes & Review Rules

Our reader reviews allow you to share your comments on titles you liked, or didn't, with others. By submitting an online review, you are representing to Barnes & that all information contained in your review is original and accurate in all respects, and that the submission of such content by you and the posting of such content by Barnes & does not and will not violate the rights of any third party. Please follow the rules below to help ensure that your review can be posted.

Reviews by Our Customers Under the Age of 13

We highly value and respect everyone's opinion concerning the titles we offer. However, we cannot allow persons under the age of 13 to have accounts at or to post customer reviews. Please see our Terms of Use for more details.

What to exclude from your review:

Please do not write about reviews, commentary, or information posted on the product page. If you see any errors in the information on the product page, please send us an email.

Reviews should not contain any of the following:

  • - HTML tags, profanity, obscenities, vulgarities, or comments that defame anyone
  • - Time-sensitive information such as tour dates, signings, lectures, etc.
  • - Single-word reviews. Other people will read your review to discover why you liked or didn't like the title. Be descriptive.
  • - Comments focusing on the author or that may ruin the ending for others
  • - Phone numbers, addresses, URLs
  • - Pricing and availability information or alternative ordering information
  • - Advertisements or commercial solicitation


  • - By submitting a review, you grant to Barnes & and its sublicensees the royalty-free, perpetual, irrevocable right and license to use the review in accordance with the Barnes & Terms of Use.
  • - Barnes & reserves the right not to post any review -- particularly those that do not follow the terms and conditions of these Rules. Barnes & also reserves the right to remove any review at any time without notice.
  • - See Terms of Use for other conditions and disclaimers.
Search for Products You'd Like to Recommend

Recommend other products that relate to your review. Just search for them below and share!

Create a Pen Name

Your Pen Name is your unique identity on It will appear on the reviews you write and other website activities. Your Pen Name cannot be edited, changed or deleted once submitted.

Your Pen Name can be any combination of alphanumeric characters (plus - and _), and must be at least two characters long.

Continue Anonymously

    If you find inappropriate content, please report it to Barnes & Noble
    Why is this product inappropriate?
    Comments (optional)