RE: Penetration Testing on Mac OS X

From: SD List (list@security-database.com)
Date: Sun Jul 22 2007 - 09:31:39 EDT


Hey there,

You should focus on OSX like any other unix based flavor.
Pay also attention to the its softwares and components (AirPort vuls,
safari, Dashboard...)

Nessus OSX version could be a good start to have an overview of the
security status and also to identify vulnerabilities related to other
protocols (dont forget, it is based on BSD)

cheers
security-database.com

> Hey,
>
> You could get some details about Mac OS vulnerabilities from the following
> sites:
>
> http://labs.idefense.com/
> http://secunia.com/
> http://www.us-cert.gov/
>
> http://www.securemac.com/
>
> hope it helps ....
>
> -----Original Message-----
> From: listbounce@securityfocus.com [mailto:listbounce@securityfocus.com]
> On
> Behalf Of michael-hermann@hotmail.com
> Sent: Friday, July 20, 2007 3:06 PM
> To: pen-test@securityfocus.com
> Subject: Penetration Testing on Mac OS X
>
> My customer recently got to me and asked my opinion about the security of
> Mac OS X. Specifically he wanted to know, how easy it is to break into
> this
> operating system and if Mac OS X has the same kind of vulnerabilities as
> other known operating systems.
>
>
> I would like to point out the pros and contras of this operating system.
> Could you help me with informations regarding vulnerabilities, facts and
> figures about implemented security details in this operating system,
> tutorials, etc.... ?
>
>
> thanks very much for helping
>
> greetings michael
>
> ------------------------------------------------------------------------
> This List Sponsored by: Cenzic
>
> Swap Out your SPI or Watchfire app sec solution for
> Cenzic's robust, accurate risk assessment and management
> solution FREE - limited Time Offer
>
> http://www.cenzic.com/c/wf-spi
> ------------------------------------------------------------------------
>
>
> ------------------------------------------------------------------------
> This list is sponsored by: Cenzic
>
> Need to secure your web apps NOW?
> Cenzic finds more, "real" vulnerabilities fast.
> Click to try it, buy it or download a solution FREE today!
>
> http://www.cenzic.com/downloads
> ------------------------------------------------------------------------
>
>

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------



This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:57:57 EDT