inside mac sec GSEC Gold paper
Permalink
Failed to load latest commit information.
antimal
antisploit
creds
files
fw
remote
server
LICENSE
OSX_Mavericks_Core_Technology_Overview.pdf
OSX_MountainLion_Core_Technologies_Overview.pdf
README.md
hosts
inside_mac_sec-BSK.doc
macsec_appendix.doc
mavericks-cves.pdf
sandboxes-mavericks.txt
sandboxes-mtnlion.txt
sec401.5_outline
sec401.6_outline
security-lion.txt
security-mtnlion.txt
security-mv.txt
system-sandboxes-mavericks.txt

README.md

inside-macsec

Notes, evidence, text, errata, references, and todos from my paper Inside Mac Security. It was published by GIAC for the GSEC Gold certification in March 2014. The official released verion is available from GIAC at http://www.giac.org/paper/gsec/28443/mac-security/124082 .

Abstract

Mac OS X includes many unique security technologies ranging from the Keyring system, integrated Kerberos, application and network firewalls, code signing, anti-malware and exploitation resistance technologies, and Internet client application security to many commands (client and server) specific to Macintosh systems that support the security systems including those for certificate management, firewall configuration, drive imaging and encryption. We introduce the Mac OS X security systems and discuss the built-in tools with deliberate focus on the system utilities and command line tools used by security professionals.