Thursday, December 20, 2007

Mac OS X Open Source and Security

Previously I blogged about my regularly used Open Source applications on the Mac. Today I am dealing with some applications that deal with security on the Mac. In my career I wear two hats, one of Open Source advocate/developer/consultant and then also a security consultant hat.
I also have a keen interest in keeping my Mac secure when using it from day to day - thus the tools I am about to discuss deal with "personal" security (local firewall for example) as well as "network" security.

Lets get started.

  1. MacGPG (
    • The Free Software implementation of PGP. I specifically use the GPGMail plug-in for Apple to allow me to send and receive encrypted email as well as sign emails and verify email signatures.
  2. sshfs (
    • A FUSE pluggable filesystem for the Mac that allows it to mount drives on other Unix or Linux hosts using ssh. This might not be a specific security related app but it does allow for extra security when sharing across a network - the links are encrypted and safe from snooping.
  3. Waterroof (
    • A personal firewall manager that exposes the underlying, powerful, ipfw firewall of Mac OS X. There were a couple of scares with the Leopard firewall's default behavior when it first ship and it led me to look for more information on the topic. Waterroof allows a user to truly fine-tune the firewall. A handy wizard also allows novice users to set up a very secure default policy.
  4. MacPorts Apps (
    • Some applications are best served using macports. To install the following app download and install macports and then issue: "sudo port install appname"
    1. nmap (
      • nmap is the de-facto standard when it comes to port scanning. You can use nmap to learn a lot about hosts, networks and services.
    2. wireshark (
      • wireshark is a packet sniffer with a lot of advanced capabilities. Packet captures can be analyzed to a great level of detail. It also produces traffic flow and usage reports on the traffic that it captures. If you need find out what is going on on your network you need Wireshark.
Thats it for this installment. There are many more apps within MacPorts that I'm not covering here, as well as some legendary apps like KisMac. I will try to blog again soon about some more Mac OS X Open Source goodness. As always comments are welcome and if you know of any other great OSS security analysis tools on the Mac please let me know.

No comments: