From: Kevin McPeake <cowboy @
home .
byelex .
nl>
>Yeah, but with the MacOS, I still can leave things like filesharing, and
>other networking services ON and not worry about security. Heck, I could
>leave the Guest login with write permissions enabled on the Mac, and
>still run a secure server on the Net. (AppleTalk doesn't route over the
>net, without some very special plugins, which don't come standard.)
I wouldn't be too surprised to see Apple file sharing over IP as a
standard option soon. That would sure open up a lot of Mac networks
connected to the Internet to attack.
>Yes, but with the Mac, things get very complex, because typically, you
>pass commands to a "command line interface" via the httpd.....where's the
>command line interface?
I've seen command line interfaces brought up on Macs, though this is
likely a remote possibility on a Mac being used as a Web server. More
likely however, is that one or more scripting languages will be
installed to support scripting CGI programs. These scripting languages
can provide access to internal OS services -- though they should be
harder to exploit than the Unix and DOS command line interpreters.
Also, for remote administration and maintenance of MacOS web servers on
the Internet the webmaster will often install an FTP server on the Mac
(so that web pages can be updated, etc.) -- opening up the Mac to the
possibility of attack via FTP using a compromised (sniffed or guessed)
reusable password.
I've also heard of other protocols/products being used across the Internet
to control a server Mac (such as Timbuktu -- a Mac program similar to
PC-Anywhere and CarbonCopy).
- Morrow
|
|
