BKMCOSXS.RVW 20031025 "Mac OS X Security", Bruce Potter/Preston Norvell/Brian Wotring, 2003, 0-7357-1348-0, U$39.99/C$62.99/UK#30.99 %A Bruce Potter %A Preston Norvell %A Brian Wotring %C 201 W. 103rd Street, Indianapolis, IN 46290 %D 2003 %G 0-7357-1348-0 %I Macmillan Computer Publishing (MCP) %O U$39.99/C$62.99/UK#30.99 800-858-7674 www.mcp.com info@mcp.com %O http://www.amazon.com/exec/obidos/ASIN/0735713480/robsladesinterne http://www.amazon.co.uk/exec/obidos/ASIN/0735713480/robsladesinte-21 %O http://www.amazon.ca/exec/obidos/ASIN/0735713480/robsladesin03-20 %P 385 p. %T "Mac OS X Security" Part one covers the basics. Chapter one provides a very brief look at foundational security tools, and some UNIX user and group information. Installation, in chapter two, has a little information about BSD services and filesystems, but otherwise is a fairly standard run through the installation process. Part two is about system security. Chapter three looks at general security practices for the Mac OS X client, in terms of boot and screensaver passwords and user setup. There is a review and some expansion (additional commands) of the UNIX material from chapter one in chapter four. The user applications discussed in chapter five mostly have to do with the keychain, email, and Web browser. Part three deals with network security. Internet services, in chapter six, concentrates on the configuration of the Apache Web server. A variety of file sharing options are discussed in chapter seven. Chapter eight looks at network services in terms of firewalls, virtual private networks (VPNs), and wireless networking, and has a rather odd inclusion of antivirus tools. The concepts are good but the details are weak. Enterprise security is in part four. Chapter nine looks at the host configuration very briefly, mentioning the login banner and Kerberos. Directory services and Open Directory are reviewed in chapter ten. Part five examines auditing and forensics. (Get it? Never mind ...) Chapter eleven discusses various logs and options for auditing. The Osiris change detection program and TASK (The @stake Sleuth Toolkit) are described in chapter twelve. Chapter thirteen closes off with a generic look at incident response. Once again Mac users get a rather lackluster resource for security, which is a pity, since they now have a reasonably secure underpinning to the system. copyright Robert M. Slade, 2003 BKMCOSXS.RVW 20031025