Mac OS X Security Checklist
To immediately secure your Macintosh system, take the three steps below:
- Install anti-virus software
If you don't have anti-virus software installed, you may leave your
system vulnerable to viruses, Trojan horses, spam, and other intrusions.
Students, faculty and staff can download anti-virus software from the BevoWare site. You should configure your software to scan regularly and set your virus definition (DAT)
files to auto-update.
- Use the Mac OS X firewall
The built-in firewall protects your machine against Internet attacks and
random network scans. To turn on the firewall:
- In 10.4, open System Preferences and select Sharing. Click Firewall and then click Start.You can then choose to allow specific services.
- In 10.5, open System Preferences and select Security. Click Firewall and then select the level of control you want for the firewall. You can choose to allow specific services and applications.
- Run the software update application
Keeping your software up-to-date helps protect your system. Macintosh
provides a Software Update application that
you can use to schedule regular automatic updates.
For increased security, you should also take the following steps:
Create a user account
You should not use your administrator account for everyday tasks on your
computer. Your administrator account allows you to install software, but
using it all the time is dangerous because viruses and Trojan horses
run from the administrator account can cause greater harm to your computer.
To prevent damage to your system, you should create
a user account for every day use.
Set strong passwords on all accounts
All users on the UT network are expected to choose
strong passwords and guard them well. If someone else obtains your
password, they can access your private data (including e-mail), alter
or destroy your files and perform illegal or inappropriate activities
in your name. To learn more about choosing strong passwords, visit the Password Dos and Don'ts topic.
Disable file sharing
File sharing should be disabled unless you are purposefully using
it to copy items from one computer to another, or to allow a known party
to access files stored on your computer.
Be careful when using peer-to-peer file sharing applications
Although peer-to-peer (P2P) applications such as Napster, Gnutella, iMesh,
Audiogalaxy Satellite, and KaZaA, are a good way of sharing information,
if you do not use them appropriately you may degrade the performance of
the Universitys network, unknowingly share your personal data, inadvertently
violate federal copyright law, or expose your computer to malicious code
use. Read What
You Need to Know about Peer-to-Peer File-Sharing Applications.
Use secure file transfer
When transferring files over the Internet you should always use a secured
connection. SSH and SFTP applications encrypt and protect your passwords
and information. If you use Telnet or a non-secure FTP program,
your information is sent in the clear for anyone to see. SSH and SFTP
clients are available for download on the BevoWare site.