Hi Godfrey, How do you turn on built-in firewalling? I use my administrator's account for work, because I want to have access to file vault. Can I use file vault from a user account? Paul
> On Apr 6, 2005, at 8:11 AM, Cotty wrote: > > > On 6/4/05, Godfrey DiGiorgi, discombobulated, unleashed: > > > >> (Note that the default Mac OS X configuration, out of the box, is > >> *not* > >> a proper security-managed Mac OS X system.) > > > > Godders, can you point me towards a decent URL that goes into detail > > about how one can properly manage the security in OS X? > > I've found this to be a reasonably good security primer for Mac OS X: > http://www.macdevcenter.com/pub/a/mac/2004/02/20/security.html?page=1 > It makes reference to several books that are worth reading too. > > The basics: > 1- create ONE administrator account, use it ONLY for installation of > software and management of the system. > 2- make all other accounts standard or controlled user accounts. Always > do your work in a user account. > 3- turn on the built in firewall and other security features. > 4- turn off auto-login, particularly if you're in a shared-use > environment. Set the screen saver to require password authentication to > re-enter your account. You might want to lock down all System > Preferences that can globally affect the config too (make them require > authentication) and consider locking the programs in > /Applications/Utilities off from user accounts. > 5- be sure to use Software Update and get all Security Updates on a > regular basis. > > Just that covers a tremendous amount of ground towards promoting a > low-risk computing environment. > > The biggest deficiency in the system configuration, as delivered, is > that it is configured for ease of setup and initial configuration ... > the first person to set up a system is automatically an administrator > account with auto-login turned on. And the built-in firewalling is not > turned on. These are > > Godfrey >
