Mailinglist Archive: opensuse-security (685 mails)

< Previous Next >
Securing a mac infested network with Suse
Look this is a most painful topic for me to put in front of you all and
perhaps it is not the right forum but I have been monitoring for a while
and I need a place to start...

My company uses macintoshes on the LAN but I cannot seem to find much
good information on how these annoying little machines impact security.
I have scanned them with several tools and I have found a few network
services running: SRVLOC (427/tcp), afpovertcp (548/tcp), a warning
concerning CVE:CAN-1999-0454, a warning concerning ICMP_MASKREQ, plus I
have been able to conduct a ping attack on the macs effectively
disconnecting them from the network. They periodically send out packets
addressed to 239.255.255.253 a SRVLOC Service Request (apparently part
of the SLP protocol. But what's that ip?) On win machines and Linux
boxes you can read a ton about how to secure them and you can find
zillions of people willing to help but when I try to talk to the mac
people about what their machines are doing on my LAN I get slapped in
the face with what I like to (angrily) call "Apple Arrogance" (and yet
they are unable to find the button that turns off the unneeded
services.) Everything I do read, from "official sources" gives one the
impression that Apple has thought of everything and I need not worry,
Mr.Jobs will take care of everything for me. Unofficially I have found
a dozen or so "tools" designed to wreak havoc with a mac and the network
its on. Does anyone know what risk these mystery machines really pose
to a network? Will I have to settle for putting them behind a firewall
and not be able to secure them individually? I know that generally macs
are a miniscule part of the problem but for a novice like myself with a
number of them to worry about I'd like to have a handle on what the
issues actually are instead of leaving it all up to Apple.

If you have a better forum for this question let me know and I'll go
there. This is just a shot in the dark with this issue.

Tim





< Previous Next >
This Thread
Follow Ups