> If someone has enabled iTunes sharing, that says nothing about which > ports are listening out-of-the-box.
It's enabled by default. I don't know what port numbers they are. I'm sure it's a simple google search for anybody who wants to know. > And it certainly doesn't justify > your assessment about Mac OS X's security. Bonjour is a red herring; > if you're concerned about security, then the simplest port scanner > will find open services anyway. There's a big difference between somebody needing to run a port scan, versus it simply appears on everybody's screen without even the slightest effort. Literally, if somebody enables VNC on their system, then their system name will appear in my Finder sidebar, automatically and by default out-of-the-box, just to make sure everyone knows they can attempt to connect to that system. Did your port scan an hour ago? New service appeared now? Your port scan wouldn't know anything about it, unless you run it perpetually. I disagree with the "red herring" comment. Bonjour is a security threat. With Screen Sharing (VNC) or file sharing, you don't have to go looking for it. It appears automatically in the window you probably already have open. Assuming you have Finder open most of the time. Now that I think of it, file sharing is enabled by default too. But by default there's only the "public" directory published, and that is empty and read-only. Still, if there are any exploitable vulnerabilities, then you're vulnerable. If you want security, you don't blindly assume your services are all invulnerable. You disable and block all the services you don't use. > You still haven't backed up your comments by comparing how "loose" > OS X is compared to other OSes. I feel I have. _______________________________________________ Tech mailing list [email protected] http://lopsa.org/cgi-bin/mailman/listinfo/tech This list provided by the League of Professional System Administrators http://lopsa.org/
