You can set most of the setting on a Mac centrally, if they are bound to an Open Directory server. I do not see a setting to block applications from being launched, though.
--Matt Ross Ephrata School District ----- Original Message ----- From: Ben M. Schorr [mailto:[email protected]] To: NT System Admin Issues [mailto:[email protected]] Sent: Mon, 17 Oct 2011 08:42:21 -0700 Subject: RE: Macs and vunerabilities > Can you set the parental controls centrally or do you have to walk around to > every Mac and configure them individually? > > Ben M. Schorr > Chief Executive Officer > ______________________________________________ > Roland Schorr & Tower > www.rolandschorr.com<http://www.rolandschorr.com/> > > From: S Powell [mailto:[email protected]] > Sent: Thursday, October 13, 2011 16:33 > To: NT System Admin Issues > Subject: Re: Macs and vunerabilities > > I know that many people on this list use GPO to whitelist apps in windows, > you can do the same on a mac with parental controls. > > We have a few, laptops and iMacs; and while they are only used by admins, we > have had normal users using them in the past. we have used Sophos and > ClamXAV, but for the most part simply limiting the users from running as > admin goes a long way. > MacDefender required admin credentials to install. > > > > > > > ----------------- > Who'd you rather be, the Beatles or the Rolling Stones? > > On Thu, Oct 13, 2011 at 15:41, Steven Peck > <[email protected]<mailto:[email protected]>> wrote: > The most recent big one was the Mac Defender. > http://en.wikipedia.org/wiki/Mac_Defender > > Apple's initial response was 'head inthe ground'. Due to outrage they did > eventually provide a fix. > > QUOTE > According to Sophos, by May 24, there had been sixty thousand calls to > AppleCare<http://en.wikipedia.org/wiki/AppleCare> technical support about > Mac Defender-related > issues,[16]<http://en.wikipedia.org/wiki/Mac_Defender#cite_note-wisniewski-apple-support-15> > and Ed Bott of ZDNet<http://en.wikipedia.org/wiki/ZDNet> reports that the > number of calls to AppleCare increased in volume due to Mac Defender, and > that a majority of the calls now pertain to Mac > Defender.[17]<http://en.wikipedia.org/wiki/Mac_Defender#cite_note-bott-16> > AppleCare employees have been told not to assist callers in removing the > software.[18]<http://en.wikipedia.org/wiki/Mac_Defender#cite_note-cluley-malware-17> > Specifically, support employees have been told not to instruct callers on > how to use Force Quit and Activity Monitor to stop Mac Defender, as well as > not to direct callers to any discussions pertaining to the problems caused > by Mac > Defender.[16]<http://en.wikipedia.org/wiki/Mac_Defender#cite_note-wisniewski-apple-support-15> > An anonymous AppleCare support employee said that Apple instituted the > policy in order to prevent users from relying on technical support instead > of anti-virus > programs.[18]<http://en.wikipedia.org/wiki/Mac_Defender#cite_note-cluley-malware-17> > /QUOTE > > While I don't see it in the wikipedia article, I believe that Russian law > enforcement raided a company where they provided services using this and a > variety of other programs to exploit systems and information stolen from > them. > > While in this case and it's varients these are primarily trojan based, with > no enterprise monitoring or reporting capabilities you have no way of > knowing if this is in your environment or not. > > On Thu, Oct 13, 2011 at 3:01 PM, David Lum > <[email protected]<mailto:[email protected]>> wrote: > Well, we're getting a Mac invasion here and there is zero apparent concern > for managing these things or worrying about vulnerabilities. To get to AD > resources they're standing up Win7 VM's but doing as much work as possible > on the native MacOS. > > They can get to the Internet, file shares, printers, e-mail, etc on native > Mac but I just have alarms going off in my head "unmanaged machines with no > idea what intellectual property is on them". > > Dave > > From: [email protected]<mailto:[email protected]> > [mailto:[email protected]<mailto:[email protected]>] > Sent: Thursday, October 13, 2011 2:49 PM > > To: NT System Admin Issues > Subject: Re: Macs and vunerabilities > > I remember the big "mac virus" recently was socially engineered - but that's > definitely the mac's biggest vulnerability. Given that mac users generally > believe they are invulnerable, its an arguably bigger vector than the same > one on a Windows system. > > Sent from my POS BlackBerry wireless device, which may wipe itself at any > moment > > ________________________________ > From: David Lum <[email protected]<mailto:[email protected]>> > Date: Thu, 13 Oct 2011 21:45:39 +0000 > To: NT System Admin > Issues<[email protected]<mailto:[email protected]>> > ReplyTo: "NT System Admin Issues" > <[email protected]<mailto:[email protected]>> > Subject: Macs and vunerabilities > > Does anyone have a link to an article or two that shows vulnerabilities that > have actually been exploited? Preferably not a random blog post... > David Lum > Systems Engineer // NWEATM > Office 503.548.5229<tel:503.548.5229> // Cell (voice/text) > 503.267.9764<tel:503.267.9764> > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to > [email protected]<mailto:[email protected]> > with the body: unsubscribe ntsysadmin > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to > [email protected]<mailto:[email protected]> > with the body: unsubscribe ntsysadmin > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to > [email protected]<mailto:[email protected]> > with the body: unsubscribe ntsysadmin > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to > [email protected]<mailto:[email protected]> > with the body: unsubscribe ntsysadmin > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to > [email protected]<mailto:[email protected]> > with the body: unsubscribe ntsysadmin > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to [email protected] > with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
