Web Security

Hi all,

The topic title is pretty self-explanatory really. Back when I was a Windows user I liked to think I knew how to keep my machine reasonably secure, but owning a Mac for the past 4 years or so has lulled me into a false sense of security, feeling like everything is stable and secure and being looked after for me. (TBH I feel like owning a Mac has made my head incredibly soft in a lot of ways over this time but I know there are some other factors at work here!). And of course “hardly any viruses/trojans/malware are written for Mac, are they” ( :rolleyes: right!).

I’m currently on OS X 10.5.8, and I know with software you get what you pay for, so free security systems won’t be that great, but I’m unfortunately not working atm and completely broke! So my question is what free/cheap things should I be doing to keep my system secure?? Is my best bet to make sure I’m up-to-date with OS X when I can afford it? Or should my version theoretically be as secure as the latest one?

I’m not looking for an easy answer or handout here, I really do want to learn so that I know how to help myself with this, but where to start these days?!? :blink: With no one to ask for help I struggled when trying to use terminal commands even just to batch rename a load of files, so you can see I have some catching up to do!!

Thanks all!

PS. please don’t reply “go back to windows”!! I may well do this when I can afford to!

PPS. Just saw I should have given my $0.02 here but I missed it!

EDIT: The pedant in me wanted to edit the title to Net Security! :wacko:

I’m on Snow Leopard so I dunno if this will be the same on 10.5.8.

There’s a built-in firewall. Turn it on. Adjust as needed. See: Apple -> System Preferences -> Security -> Firewall -> Click the lock to make changes -> Advanced. I, for example, have added ‘/Applications/MAMP/Library/bin/httpd’ and ‘/Applications/MAMP/Library/bin/mysqld’ manually and set them to “Block incoming connections”. Note that any changes to the firewall require a restart of the app in question. For example, if I allow httpd in the firewall, I need to restart httpd before the change takes effect.

If you use Safari as your browser, make sure you uncheck “Open safe files after downloading” in Safari Preferences. No idea why this abominable feature exists. You do not want files automatically launching after download in any universe I am aware of.

If ever your computer asks for your administrator password, find a better program. There’s no reason for an app to do this. Of course there are exceptions to this rule but in general if you need to provide your admin password, something is fishy, the programmers suck at OSX, and you need to question it.

You can use something like AppDelete. It can monitor and log any install files. Note: I don’t use this feature. But if you’re paranoid dozens of apps like this exist.

In the Finder do CMD+F, change the search query to “Last modified date: today” + “System files: are included” (Use the [+] icon and all the other buttons up in there to build this query) then look at stuff. If you don’t recognize things, work your way backwards Sherlock Holmes style.

Activity Monitor, double-click some app, click “Open Files and Ports” to see what’s going on with certain processes.

Console -> All Messages. Everything you ever wanted to know about your mac is there. It’s verbose and probably useless, but it’s all there.

Enjoy.

Thanks very much Conner! This is all very good to know.

Done! I don’t know why I didn’t use the firewall before. This would have been the first obvious step. I may have to monitor it over the next few days to see if I need to add any exceptions.

I use Firefox and Chrome. I’m pretty certain both are set up to never allow this. You’re right, that’s insanity!!

OK, thanks. Good to know.

OK sure, I can keep an eye on this. It all looks normal to me, but I would imagine to my untrained eye it would be pretty easy to make rogue system files look like real ones?? I.e. hide them in trusted application folders.

This only seems to work for processes running under my user name and not those running under root etc. And it doesn’t mean that much to me… But this page might help root out (no pun intended!) unwanted processes:

http://www.westwind.com/reference/os-x/background-processes.html

Excellent! This is also very useful to know.

Thanks a lot! I’ve also been told that browser-jacking never happens on a Mac. Is this really true?!? Also heard it’s incredibly easy to hack people’s iSight/webcams. How can I guard against this?

Thanks again for all your help!

That’s a pretty vague and meaningless statement. The short answer is no.

Black electrical tape.

Or by being very ugly.

Sorry, I don’t have anything [else] meaningful to add to the topic.

Well I know that browser jacking can probably take many forms but, yes, I’m quite computer illiterate. This is what I have been told and suspected to be misinformation. Thanks.

Well yeah I’ve got that covered already so I’m not too worried…

…but really!?! :unsure: It’s that hard to stop??

Thanks for the informative post Conner.

Just offering a simple solution.

I personally think it never happens.

The only time I can imagine it does is user error and maybe a misunderstanding of Flash. You can avoid this by upgrading to the latest version of Flash player, then System Preferences → Flash Player, then click “Camera and Mic” and fix the settings accordingly.