A good start is something like this: <http://books.google.com/books/about/A_Practical_Guide_To_Unix_For_Mac_Os_X_U.html?id=o9K8KEQic5sC>
A little old, but it'll get you started. Care to share the article links you're looking at? We can help decipher them. Turning on the firewall is good, knowing which services to allow and not allow is simple for someone who knows the OS inside and out, but to a newb (and we've all been there, including me) it can be well nigh unintelligible. On Aug 17, 2012, at 7:20 AM, JohnV wrote: > Yes Master. I will Master. I will study these things you have shown me. You > have so much knowledge, Master, I will try to understand but there is SO > much... Ignorance is NOT bliss... and I will still try to walk the rice > paper, even though all I can manage so far is to blow my nose on it. Well, someday, grasshopper, you will snatch the pebble from my hand, and if it's by sneaking up behind me with a 2x4 you will have learned well! 8-P > > John Vengrouskie > > On Aug 16, 2012, at 12:09 PM, Bruce Johnson wrote: > >> >> On Aug 16, 2012, at 8:19 AM, JohnV wrote: >> >>> iMac intel >>> >>> In playing with security/firewall settings while reading aricles on Mac >>> vulnerabilities, I changed a setting and now, when I fire up the iMac >>> (10.6.8) , after logging in, I get a stacked set of identical windows, each >>> asking if I want to ALLOW or DENY a named application to have access. I >>> clicked on DENY on each but would appreciate a clue about what these things >>> ARE. >>> >> >> You went and fiddled with things you do not comprehend, Grasshopper, and now >> it's broken. 8-) >> >> Go forth and undo your doings. These are all things that OS X normally uses >> behind the scenes to do things. >> >> Google is your friend, man is your less friendly, but very knowledgeable >> local geeky 'friend'. >> >> Denying these services means you : cannot share files, cannot connect to >> Windows shares, cannot print. >> >> This is a common consequence of encountering scary security and >> vulnerability articles with not enough understanding of the underlying >> processes and systems involved. >> >> There are a lot of FUD-ish articles out there that make it sound as if your >> Mac is merely seconds away from being completely taken over by Albanian >> criminal hacker terrorists intent on using your mac to trade child porn, >> nuclear secrets and celebrity email passwords, and getting you thrown in >> Gitmo while stealing every cent you own and taking out 14 billion dollars in >> loans in your name from banks run by Russian mobsters, who WILL pay to >> invent a time machine to go back in time to threaten castrating your >> grandfather before your father was born to force you to pay back the loans... >> >> Out of the box, if nothing is turned on in the Sharing pane, your Mac is >> pretty much immune to outside attacks as is. If you're connected behind a >> typical DSL or Cable router using NAT, your mac is pretty much immune to >> outside attacks as is. >> >> All of these things are parts of services that are called when you have >> stuff in the sharing pane ticked. >> >>> krb5kdc >> >> Kerberos, used for authentication by a host of services >> >> NAME >> krb5kdc - Kerberos V5 KDC >> >> SYNOPSIS >> krb5kdc [ -a ] [ -x db_args ] [ -d dbname ] [ -k keytype ] [ -M mkey- >> name ] [ -p portnum ] [ -m ] [ -r realm ] [ -4 v4mode ] [ -n ] >> >> DESCRIPTION >> krb5kdc is the Kerberos version 5 Authentication Service and Key Dis- >> tribution Center (AS/KDC). >> >>> >>> nmbd >> >> Look, you cannot share with Windows systems now. >> >> NAME >> nmbd - NetBIOS name server to provide NetBIOS over IP naming services >> to clients >> >> SYNOPSIS >> nmbd [-D] [-F] [-S] [-a] [-i] [-o] [-h] [-V] [-d <debug level>] >> [-H <lmhosts file>] [-l <log directory>] [-p <port number>] [-s <con- >> figuration file>] >> >> DESCRIPTION >> This program is part of the samba(7) suite. >> >> >>> >>> smbd >> >> Now you cannot mount volumes from Windows servers, either (or linux ones, or >> many NAS boxes) >> >> NAME >> smbd - server to provide SMB/CIFS services to clients >> >> SYNOPSIS >> smbd [-D] [-F] [-S] [-i] [-h] [-V] [-b] [-d <debug level>] >> [-l <log directory>] [-p <port number(s)>] [-P <profiling level>] >> [-O <socket option>] [-s <configuration file>] >> >> DESCRIPTION >> This program is part of the samba(7) suite. >> >> >>> >>> cupsd >> >> The CUPS (heart of the printing system in OS X) central dispatcher. Since >> the Mac uses 'network' printing even to use locally attached printers, >> preventing cupsd from doing it's thing, means you cannot print. >> >> cupsd(8) Apple Inc. >> cupsd(8) >> >> NAME >> cupsd - cups scheduler >> >> SYNOPSIS >> cupsd [ -c config-file ] [ -f ] [ -F ] [ -h ] [ -l ] [ -t ] >> >> DESCRIPTION >> cupsd is the scheduler for CUPS. It implements a printing system based >> upon the Internet Printing Protocol, version 2.1. If no options are >> specified on the command-line then the default configuration file /pri- >> vate/etc/cups/cupsd.conf will be used. >> >> >> >>> >>> AppleFileServer >> >> Now you cannot share files with other Macs. >> >> NAME >> AppleFileServer -- Apple File Protocol server. >> >> SYNOPSIS >> AppleFileServer >> >> DESCRIPTION >> How to run the AppleFileServer >> >> Running on MacOS X Desktop >> >> The AppleFileServer is typically launched using the Sharing >> Preference. Launch System Preferences. Select Sharing. Select >> the Services tab. Select Personal File Sharing and click start. >> >> >> >> >> -- >> Bruce Johnson >> University of Arizona >> College of Pharmacy >> Information Technology Group >> >> Institutions do not have opinions, merely customs >> >> >> -- >> You received this message because you are a member of G-Group, a group for >> those using G3, G4, and G5 desktop Macs - with a particular focus on Power >> Macs. >> The list FAQ is at http://lowendmac.com/lists/g-list.shtml and our >> netiquette guide is at http://www.lowendmac.com/lists/netiquette.shtml >> To post to this group, send email to [email protected] >> For more options, visit this group at >> http://groups.google.com/group/g3-5-list > > -- > You received this message because you are a member of G-Group, a group for > those using G3, G4, and G5 desktop Macs - with a particular focus on Power > Macs. > The list FAQ is at http://lowendmac.com/lists/g-list.shtml and our netiquette > guide is at http://www.lowendmac.com/lists/netiquette.shtml > To post to this group, send email to [email protected] > For more options, visit this group at http://groups.google.com/group/g3-5-list > -- Bruce Johnson University of Arizona College of Pharmacy Information Technology Group Institutions do not have opinions, merely customs -- You received this message because you are a member of G-Group, a group for those using G3, G4, and G5 desktop Macs - with a particular focus on Power Macs. The list FAQ is at http://lowendmac.com/lists/g-list.shtml and our netiquette guide is at http://www.lowendmac.com/lists/netiquette.shtml To post to this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/g3-5-list
