SecureMac.com
About SecureMac Advertise Security Consulting Mac Security Store Send Feedback

Site Information
Site Background
Who runs the site
Advertising
Security Consulting
Employment/Jobs
Feedback Form

SecureMac Software
PrivacyScan

 

Mac OS X Security
sudo buffer overflow exploit + fix
Disable Single User Boot Mode
Malevolence - Dumping Passwords
nidump security
Startup Security - Open Firmware Password Protection

Mac OS X Network Security
SAINT
Secure FTP Wrapper
Ettercap - sniffer interceptor logger
Snort - Network Intrusion Detection System
SSH Admin
SSH Helper
xnu - enable MAC Address spoofing


Mac OS X Virus

Mac OS X Firewalls
Firewalk Firewall Utility
NetBarrier X

Mac OS X App Sec.

Mac OS X Encryption
LittleSecrets
GPGMail - PGP Functionality

Mac OS X DoS

SecureMac Library
Mac Cable Modem Security
Mac Security Auditing
Mac OS X Security Understanding
Mac OS X Security Second Lessons
Mac OS X Security Third Lesson
Mac OS X Single User Mode Root Access
Mac OS X Shareware Firewalls
Mac OS X Secure Installation
Cable & DSL Connections - Security Measures
Better Safe than Sorry
Apple.com Security Resources
Marketing Macintosh Security Programs

AtEase Security System

lockout
info, views, download, rating, security, insecure



Information: At Ease popularity has kind of died down. I remember schools using it but now they don't seem to. It's a product I never liked. Found it rather insecure. Millions of ways to hack around it.

Views:
The New Version, Well You need to email me with information on it. I couldn't find any on Apples website, so if you run it, Email me! I guess this product would be good for Jr High or Elementary schools.

Download Version:
None known. Costs $$.

Rating:
rate



Insecurity:
At Ease Files + Hacks + Fixes:
Research Papers/Instructions:

Open Other peoples files is a email submitted from someone with malicious intent. Always know what other people are expecting so the administrator can be prepared.

Complete AtEase Bypassing Guide - Jibblet
Bypassing AtEase version 3.0 -RDK
Bypassing AtEase -By the Weasel
AtEase 5.0 Security Advisory: At Ease 5.0 will allow a user to access any user's volume on the server.

The tested configuration is as follows:

MacOS 7.6.1 (should work with anything greater than 7)
At Ease 5.0.2
AppleShare IP 5.0.3
Netscape 4.0.7 (No reason it shouldn't work from .99 to 4.5)

How to do it:
Log in as any user that has access to Netscape Communicator, and type in file://Macintosh%20HD/System%20Folder/ and you are able to access the disk.
Do the same thing, except use file://At%20Ease%20Volume%20Name/At%20Ease%20%Docs/username and it's quite easy to browse through anyone's files.
It is possible to download files from any user's directory. I have been unable to actually open any of the files once they are downloaded, however in an educational setting, just viewing names in a certain directory could constitute some serious problems (such as if a teacher works with Special Education students, and has a list of documents to their parents).
Apple apparently will not fix their own product. There is a 3rd party extension available for this at: http://www.ncal.verio.com/~lsr/programs/MSIENoServers.hqx
Tim Conrad



Files/Patches/Hacks:
AtEase Hacker is a set of utilities to bypass the security features.
AtPeace is another Hack for AtEase. Simple.
DisEase DisEase/AtEase. nice hack.
There are many more ways then listed here. If you know of one please email us. We are more than happy to research and post it here!



Enter Email Address:

Enter your message:


Select Either of These Two Buttons


Security + OS
DiskLock
PowerBook Security Control Panel
Empower Pro
FileGuard
FreeGuard
FoolProof
Deus Lock Master
OnGuard
Keys Off
LockOut
MacOS Algorithm
Modem Security
Password Key
PGPuam
PPF
Shift Key Suite
Stealth Signal
SuperLock Lite
SuperLock Pro
Web-Confidential


Macintosh Viruses
Disinfectant
Sophos Anti-Virus
Norton AntiVirus
Nav 7 Nav 6 Nav X
Virex - Oct
VirusBarrier - Netupdate
vScan - Discontinued.

Mac Physical Security


Macintosh Firewalls
DoorStop Firewall
Firewall Q & A
IPNetSentry
NetBarrier
Norton Personal Firewall

Mac Spyware & Privacy
Monitorer
NetShred - Delete Files Safely

Network Security
MacAnalysis
Oyabun Tools
WDTech RAE
ToolDaemon

Application Security Issues
AIM - AOL Instant Messenger
Back Orifice
Eudora E-Mail Client
Internet Configure
IE 5.1, OE 5.1, Powerpoint, Excel Vulnerability
MS Personal webServer
NetBus
Outlook Express 4.5 Password Flaw
SubSeven
Sub7ME Server

Resource Info
AppleShare Server Info

Mac OS Encryption
EnScript
FGP
FileTwister
ForgotIt?
GenPass
MacLockSmith
My-Privacy
My Secret
PGPi
PGPhone
PGP Personal
PGP Freeware
PowerCrypt-dev
Private File
Quick Encrypt
SubRosa Utilities
Tresor

Deleting Files
Eraser Pro
ShredIt

Backups

Apple Hardware

MacOS DoS
Mac Attack


All material (c) 2014 SecureMac.com and respected owners