SecurityPassword weakness in Internet Config in MacOS
What is Internet Config?
From Internet Config FAQ: “The Internet Configuration System was designed to make your life easier by reducing the number of times which you need to enter your Internet preferences into the various preferences dialogs of all your Internet applications.
For example, currently you need to enter your Email address into many common
Macintosh Internet applications, for example Eudora, NewsWatcher and Anarchie.
The goal of the system was to get each of these applications to get this information
from one common place and to give you …
June 2, 2001 •
6 min read
SecurityInformation
Euroda is a widely supported Email client for both Macs and PC’s. Pro Version supports multiple accounts and personalities.
Views
Eudora has grown a lot from user suggestions. They have a nice BETA SITE where you can beta test their PRO version.
Download Versions
Download new Beta Version of Eudora PRO
Download FREE Eudora Light Version or Purchase PRO Version
More Info
QUALCOMM can be reached by email, website or call them directly at 1 800 238 3672
Insecurity
This mail client has been pretty secure. There has been a little exploit known that will show a password for …
June 2, 2001 •
2 min read
SecurityInformation
Let me clarify something for all of you. BackOrifice, NetBus – Those are PC trojans. They will not break your macintosh. The tools described are to control a PC infected with BackOrifice from a MACINTOSH. Yes a Mac. Don’t fear Macs don’t have registries and other fun things.
Views
Some people actually use BackOrifice for their Windows computers for Free, control of the remote the computer. In nature Back Orifice is a trojan. It will let a user connect to it remotely and do odd things. Like have access to files, screenshots, …
June 2, 2001 •
1 min read
SecurityConnections and Protections
Cable and DSL Connections and Security Measures
What type of connection do I have?
Two new remote access technologies are rapidly growing – cable modems and Digital Subscriber Line (DSL) modems/routers. Cable Modems are a shared media. This means that you share a common wire with other people in your neighborhood (see figure one). As more people gain access, the more traffic that is generated over that single wire. Both telco and cable companies are constantly working to increase the amount of bandwidth and service area available to their customers. …
June 2, 2001 •
6 min read
SecurityInformation
John Copeland, a professor at Georgia Tech, noticed his computer sending packets when he was not conducting any traffic. This Mac Attack effects computers running MacOS 9 with a internet or network connection. A FAQ Page has been setup to help you understand the situation.
FIX
After a lot of complaints from MacOS 9 Owners, Apple released a correct solution for the denial of service problems. Open Transport 2.6 is the fix, Only for Mac OS 9; Mac OS 8.6 for PowerMacintosh G4, iBook, and iMac (Slot-loading) computers. Apple says addresses DHCP …
June 2, 2001 •
2 min read
SecurityGrouchySmurf is the first public release of an ICMP broadcast attack for the MacOS. Last night the application was released by Freaks Macintosh Archives a hacker related website for the macintosh community. They wrote a review/press release on the application to hype it. Now it is online and available for download. The ICMP broadcast attack will be explained in details further in this document.
Were not going to try to hide the bad uses of this program. This review is to inform you of the new software released and what damages …
June 2, 2001 •
4 min read
SecurityInformation
Do you know that every single postscript file that you print on a Macintosh using the Print To File function actually secretly puts your email address in the file? Pretty scary, isn’t it?
Problem
Apple LaserWriter driver embeds the user email address within the postscript.
Product Effected:
All postscript file printed via print to file in MacOS.
(Tested on 8.6 and 9.0)
Download
You can download Strip A Post from:
(Strip A Post is a nice little utility that removes that piece of personal information from those postscript files)
SecureMac – 1.0 version
Jake Luck Homepage
Closing Notes
The Author Jake Luck …
June 2, 2001 •
1 min read
SecurityMac OS X Single User Mode Root Access – CodeSamurai
Forward
There’s always the constant battle between user-friendliness and security. Apple has known about this vulnerability for some time now; and back in the days of OpenStep, a patch to that OS was released to fix this problem. Now is the era of Mac OS X, and even though that old OpenStep patch won’t work for OS X, Apple could still easily release a similar patch, or better yet, a permanent fix that will be forever installed by default.
It is argued that …
June 2, 2001 •
5 min read
SecurityMacintosh OS X Security – Third Lesson
MAC OS X Now that we’ve covered the basics of computer security in general and an overview of Mac OS X security specifically, it is time to get a bit more in depth. Because some UNIX gurus and elite hackers now know Mac OS X better than most early-adopting Mac fans, caution needs to be taken above and beyond what has already been covered. This is because of the advanced capabilities of the new OS and the open source condition of many of the …
June 2, 2001 •
5 min read
SecurityMacintosh OS X Security – Second Lesson – Chevell
MAC OS X The early adopters have been using OSX 10.0 for the better part of two weeks now. Early adopters, while not all the UNIX gurus and application developers Apple targeted the release for, are zealous, ambitious and daring- perhaps too much so.
As I stated in my previous Mac OS X Security overview, Mac OS X is a completely new operating system to most Mac users. Its UNIX under pinnings are foreign to the point-and-click community. The interface is certainly foreign …
June 2, 2001 •
6 min read
SecurityIssue:
Netscape Navigator/Communicator stores passwords in plain text
remote: no
local: yes
published: September 12, 2000
vulnerable:
Netscape Navigator/Communicator 4.x (and all versions?)
Security Issue:
There’s been a lot of security advisories and such about cookies security, but since the mac security is often very different from other operating systems, this is worth of mention.
The problem is in fact very simple, Netscape stores saved passwords as cookies in a file called MagicCookie that can be found in the netscape user folder (different for each user created.) in the Preferences folder of the system folder (System Folder: Preferences: Netscape: …
June 2, 2001 •
1 min read
SecuritySecurity Auditing Tools for the Macintosh
In today’s media you only hear about hackers rummaging through data stealing important information. You hear about how your security becomes more and more insecure. All these hackers are hitting websites, stealing passwords and credit card numbers. Yes, it’s true a lot of this doesn’t pertain to the MacOS. It’s the Windows and UNIX servers being hacked. Yet it does happen. Administrators don’t take the right precautions to ensure their customers are secure. The customer is thought to be dumb. It is believed that not …
June 2, 2001 •
3 min read
SecurityInformation
Keystroke loggers are common amongst hackers all around the world. Keystroke loggers do exactly what it says, it is a small program that logs to a file everything that you type and the person who installed the logger can retrieve the log whenever he/she wants. Hackers use the software to gain information like logins/passwords or any other useful data.
TypeRecorder 1.5 is a shareware control panel created by Rampell Software. The software itself is marketed as a tool that would be useful in the case your system crashes, power outages or …
June 2, 2001 •
3 min read
SecurityCable Modem and Macs Security Information
Security Aspect: Macs and Cable Modems
An issue has surfaced which has been ignored and avoided for a long time. In the past, people thought of Macintosh computers as being so secure that you didn’t even need to talk about security. Since the early 90’s, there have been a few web sites dedicated to Macintosh security or hacking, all of which have surfaced, dissolved and expired.
Picture your network. You’re on one line, and your computer is only listening to its own traffic. But computers aren’t smart, …
June 2, 2001 •
6 min read
SecurityNorton Personal Firewall is a excellent solution for stopping hackers from gaining unauthorized access to your computer. Setting up and configuring your firewall in the past has been a ugly time consuming task. Personal Firewall offers a simple out of the box installation protecting your Mac in minutes!
Why use a firewall?
SecureMac.com has reviewed many firewall solutions for your Macs. Many people ask us why should I use a firewall all I do on my computer is chat, email and go on the web. Every computer that has a network connection …
June 2, 2001 •
5 min read
SecurityWhat is NetBarrier?
NetBarrier is a personal firewall to protect you against hackers, vandals and other security risks for macintosh users that are connected to the internet. Experts estimate that 85%-97% undetected.
NetBarrier provides its “four-level line of defense” as a optimal security so that you can use the internet safely without leaving yourself vulnerable to any type of attacks.
The four-level line defense is as listed below
NetBarrier’s Personal Firewall protects and monitors all incoming and outgoing data. A customized mode allows you to create your own defense rules, offering the most …
June 2, 2001 •
5 min read
SecurityInformation
You can use ShredIt to shred files, folders, the free space on a disk, or the entire contents of a drive. It will shred data on the hard drive, an external hard drive, a floppy disk, a zip disk, windows formatted media, a RAM disk, any disk you can attach you can attach to your Macintosh (except Read-only disks and CD ROMs).
Configure ShredIt to ask you before it shreds so that you can confirm or cancel shredding.
Choose the overwrite pattern and the number of times it will overwrite the original …
June 2, 2001 •
2 min read
SecurityInformation
Security method. The Eraser Pro deletes your files by using a sophisticated procedure. It lets you customize many details of this job. The recovery of deleted files becomes impracticable: there’s no utility able to do it!
Simple method. You may also choose some details of this job.
The Eraser Pro returns several information while is using the features of above and allows you to stop its performance at any time. It works fine and fast in background, deleting large groups of items, you may also instruct it to ask you the permission, …
June 2, 2001 •
3 min read
SecurityInformation
Files deleted by the Macintosh through the trash can are easily recovered using most disk utilities, including Norton and MacTools. Burn securely erases data in sensitive files by overwriting the data one or more times before the file is deleted. When combined with encryption such as that provided by Enigma a user of Burn can keep their system’s sensitive data completely secure.
Views
Excellent program if you want to totally delete those secure files/images/directories. A must have for the people who want to keep anonymous and secure.
Download Version
You can download Tresor from:
SecureMac …
June 2, 2001 •
2 min read
SecurityInformation
Drop a file on this application to quickly and securely encrypt it, or decrypt previously encrypted files. Supports both QE’s original encryption format, and a text-based one, suitable for sending in the body of e-mail messages. Supports self-decrypting archives, so you can send encrypted data to another user without them needing to have QuickEncrypt.
Download Version
You can download Quick Encrypt 3.0.3 from:
SecureMac
Or try Downloading From:
Dejal’s FTP Site
Features
QuickEncrypt is very configurable and has many features, including archiving several files in one encrypted file, multiple worksets, user-controlled password limitations, default passwords, automatic encryption …
June 2, 2001 •
1 min read
