[Ti] Privacy

David Remahl david at ittpoi.com
Sun Jun 15 13:19:16 PDT 2003 

On söndag, jun 15, 2003, at 22:04 Europe/Stockholm, Tom R. no spam 
wrote:

> I've done packet sniffing when not behind a firewall, using
> a fixed IP address which is very seldom used, and found my
> unit hit with a port scan from outside in less than a minute.
> If you're running an application which leaves a port open,
> that can be found and exploited.

...can be found and _potentially_ exploited...

There are, as far as I know, no general vulnerabilities associated with 
simply having a port open. Furthermore, Apple has been quite good at 
updating the built in services (that are disabled by default) as 
vulnerabilities in the applications appear.

I would say that 90% of warnings raised by firewalls are false alarms, 
resulting from normal use of the network. Of the remaining 10%, I think 
9.9% would not have any idea what to do when they find a Mac on the 
other side. They may try to run a few common Windows exploits, try to 
log in over ssh with no password. The remaining 0.1% is the dangerous 
one. To avoid being attacked by that knowledgable tenth of a percent, 
make sure you keep up on the security updates (Software Update) and 
that you don't leave services on unless you really need them. And if 
you do need FTP or SSH, that you make sure to choose good (meaning 
long, complicated) passwords. If possible, replace FTP by using SFTP 
with SSH.

The only port I can think of that is open on a default Mac OS X 
install, is 631, for the CUPS print server. As far as I know, there 
hasn't ever been an exploit that made use of that, though.

/ Regards, David Remahl

> On Sun, 15 Jun 2003, Tarik Bilgin wrote:
>  . . .
>>> Is there any way that someone can gain access to our PowerBooks when
>>> we are online without our approval?  I have always assumed that such
>>> was not possible, but I am not dreaming.
>>
>> it totally depends what applications you are running. Yes, there are
>> applications you can run which will give people certain access to
>> services on your Powerbook.
>>
>> The most simple of these are: ftp service, web service, ssh service,
>> smb (windows file sharing) service, which can all b e switched on and
>> off in the sharing pane of Sys Prefs.

--- PGP key information---
pub  1024D/ 87256085 2003/06/12 David Remahl <david at ittpoi.com>
Web: http://ittpoi.com/david_remahl.asc
Fingerprint: 0C38 293C 86A9 7756 9CEA  4ED6 1651 620E 8725 6085

More information about the Titanium mailing list