Threat Level: green Handler on Duty: Richard Porter

SANS ISC InfoSec Handlers Diary Blog

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

The Ultimate OS X Hardening Guide Collection

Published: 2012-02-20
Last Updated: 2012-02-20 02:04:54 UTC
by Johannes Ullrich (Version: 1)
7 comment(s)

Many security professionals tend to use OS X systems. Maybe for the nice and shiny looks, or the Unix under pinnings that make it a great platform to run current tools. However, the operating system itself isn't exactly "secure out of the box" and like all operating systems can profit from some additional hardening tricks. 

I have recently looked over a number of OS X hardening guides, and found that not many specifically address the latest version of OS X (Lion, 10.7), nor are they necessarily well maintained. Instead of coming up with another (soon to be outdated) guide, I am trying to come up with a "meta guide". If you know of a good hardening guide for OS X: Please let me know. Also, if there are any tricks that you find useful (or things that fired back and didn't work at all): Let me know too. 

Most notably: Apple released a guide for each version of OS X up to Snow Leopard, but I can't find one for Lion. Does it exist?

Here are some of the guides that I have sound so far:

NSA Guide:
Mac Shadows:
Univ. Texas:
Center for Internet Security:



Johannes B. Ullrich, Ph.D.
SANS Technology Institute

7 comment(s)
Diary Archives