Mac Security Software?

[dunc]

Too all mac users

Do you use any kind of anti-virus, anti-spam, anti-keylogger software? If so - what?

I'm using ClamXav but was just wondering if there are more?

[Cleo]

None here.

Not something that I worry about.

I've heard of a few Trojans but they need you to enter your admin user ID and password in order to do anything.

[raymor]

Not really too much to worry about or do on a desktop running a network operating system like
Mac, Linux, FreeBSD, etc.. Most of what you're talking about are programs designed to detect
and try to stop the symptoms, or effects, of an inherently insecure disk operating system (DOS)
such as Windows.

A network OS like you have is designed so that even the users can't mess it up if they try.
That's what makes shared hosting possible - you can log into the server, upload files, run
scripts, etc., but you can't do anything bad to the underlying system, because the system is
designed for that. Mac OS X is built on the same system as those shared servers (all derived
from UNIX).

I said what you referred to were programs designed to detect and try to stop the symptoms, or
effects, of an inherently insecure Disk Operating System (Windows). Mac, like Linux and other
POSIX systems, takes a different approach - just make the damn OS secure, rather than trying
to think of, detect, and stop everything a bad guy might do with the security holes.

ClamXav is pretty much doing nothing but slow your machine down.
Antivirus on non-Windows systems is generally used only on firewalls and mail servers to
protect the Windows machines sitting behind the secure system. If you don't have any Windows
machines plugged into your Mac, ClamXav isn't doing much. It's just trying to detect viruses that
can't hurt your Mac system anyway.

Security on your Mac is mainly a matter of two types of configuration, common sense, and backup.
Configuration wise, set your firewall to not allow any incoming connections that aren't required.
Turn off any services you don't use. For example, your Mac can run a web server, but there's
no need to run the web server software on your desktop, so make sure that's off. Then you have
common sense - don't run software that you unexpectedly receive via email, or that you downloaded
from hack sites. Lastly, make sure you have a really solid backup system which includes multiple
levels, so if something bad happens just before the backup runs you can use the previous backup
.
Clonebox is actually the state of the art backup for your system. Though Clonebox is marketed
for servers, really it's designed to clone network operating systems like Mac, FreeBSD, and Linux.

So those are the cornerstones of network OS security - use your firewall, don't run public services
needlessly, backup, and don't be a dumbass. You can certainly do beyond that, but it realyl won't
be by installing a bunch of new programs to detect this and stop that - it'll mainly be configuration settings. Google is your friend for more information, as is http://www.securemac.com/ .
The one thing you might want to install would be an IDS, or intrusion detection system.
"An IDS" really means "Snort" - it's THE IDS that everyone uses. Rather than a dozen
different programs to detect this and detect that like you have for Windows, on network
operating systems you just have one program which detects anything unusual.
Snort has thousands of rules to detect different kinds of intrusion attempts. Rather than
specifically targeting a specific virus or a patching a specific security hole, an enterprise
grade IDS watches for anything "unsual". That means that as you run it for a while you'll
tweak things so it knows what is "usual" for your sysytem and what is not.


macosxsnort.php

[Cleo]

This just came into one of my RSS feeds today.
Intego releases report on Mac, iPhone security for 2009

[dunc]

Thanks raymor - lots of good info there for me to look over and implement, most of which I have never heard of

I had one of those trojans the other day Cleo, it nearly got me - but I used my jedi skills to combat it