h4k.com

2008-07-28

Little Snitch OS X Firewall

Filed under: Firewalls, OS X — admin @

Little Snitch is a host-based firewall for OS X that allows granular control of both inbound and outbound network connections. It has an intuitive, easy-to-use interface that pops up a notification when any application attempts to connect out to the Internet. Rules to temporarily or permanently allow or deny connections can be set with a single click. Little Snitch is a closed-source application that costs $29.95, but the demo version can be downloaded and run for free. One completely free firewall alternative to Little Snitch, GlowWorm (version 1.5.2), is not recommended because it causes OS X 10.5.4 to crash upon rebooting and requires booting into single-user mode to disable the application.

http://www.obdev.at/products/littlesnitch/index.html


2008-07-10

Removing the Apple Open Firmware Password

Filed under: OS X — admin @

Apple Open Firmware password protection adds an additional layer of protection to an Apple computer by requiring a password to be entered before accessing one of the many potentially compromising start-up options. This password can be removed by anyone with physical access to the computer by resetting a section of memory called the PRAM.

1) Change the amount of memory in the computer by adding or removing a stick of memory.
2) Turn the computer on.
3) Hold down Command, Option, ‘p’, and ‘r’ at the same time until the computer beeps and reboots three times. The password has now been removed.

To prevent this attack, physical access to the computer's memory needs to be locked and secured.


2008-05-20

Open Firmware Password Protection for OS X

Filed under: OS X — admin @

Open Firmware password protection for OS X prevents the computer from booting to alternative media, resetting parts of the memory, and using any of the many different startup options, such as booting into single-user mode or safe boot mode, unless the password is known. This increases security by preventing the current operating system from being bypassed at boot time, and by preventing the computer from being booted into single-user mode, which gives full access without any passwords (press Command and ‘s’ during startup). Open Firmware requires that the password be entered to use the Startup Manager, which is accessed by pressing the Option key during startup.

Official Apple Open Firmware article with more details about the application here: http://support.apple.com/kb/HT1352

Install Open Firmware on OS X 10.5:

  1. Insert the OS X 10.5 Disk 1
  2. Click on the desktop or a Finder window
  3. Press Shift+Apple Key+g to open the “Go to Folder” window
  4. Type or copy and paste into the window: /Volumes/Mac OS X Install Disk 1/Applications/Utilities/
  5. Click Go, then drag and drop the Firmware Password Utility icon into the Applications directory
  6. Double click on the Firmware Password Utility icon in the Applications directory, click Change, then enter a password.

Installation should be the same for OS X 10.4. Users of OS X 10.3 and below need to download the application from apple.com but should also upgrade OS X to the latest version for the additional security enhancements.


2007-12-24

OS X Startup Keyboard Commands

Filed under: OS X — admin @

OS X has many options that can be used when the system is turned on. Start holding the keys down when the computer turns on, about the same time the startup noise occurs. Hold the keys until the progress indicator appears. The following commands can be used to help troubleshoot or upgrade an Apple computer.

  • Press X during startup – Force Mac OS X startup
  • Press Option-Command-Shift-Delete during startup – Bypass primary startup volume and seek a different startup volume (such as a CD or external disk)
  • Press C during startup – Start up from a CD that has a system folder
  • Press N during startup – Attempt to start up from a compatible network server (NetBoot)
  • Press T during startup – Start up in FireWire Target Disk mode
  • Press Shift during startup – Start up in Safe Boot mode and temporarily disable login items and non-essential kernel extension files (Mac OS X 10.2 and later)
  • Press Command-V during startup – Start up in Verbose mode
  • Press Command-S during startup – Start up in Single-User mode

OS X keyboard shortcuts for use once the operating system has loaded can be found here:
http://docs.info.apple.com/article.html?artnum=75459


2007-12-11

Media Codecs for OS X

Filed under: OS X, Utilities — admin @

Media codecs are used to decode and display media streams and files. With the following applications you can expand the capabilities of QuickTime in OS X to view and listen to all of the major (and even some minor) types of media files on the Internet.

Perian – referred to as the Swiss Army knife of QuickTime.
http://perian.org/

Windows Media Components for QuickTime – needed to play video and audio that has been created using Microsoft's proprietary codec.
http://www.microsoft.com/…/wmcomponents.mspx

VLC – a more powerful, open source alternative to QuickTime. Also available for Linux and Windows.
http://www.videolan.org/


2007-11-24

Connecting to OS X over SSH and Verifying the Key

Filed under: Networking, OS X — admin @

The SSH protocol can be used to securely connect to a remote computer. SSH access can be enabled in OS X by going to Preferences –> Sharing –> checking Remote Login On.

There are many client applications that can be used to connect to a computer running SSH (see here). When connecting to a computer over SSH a secure client application should ask to verify the key. The key is used to verify that the machine being connected to is the intended one. The OS X SSH key can be displayed by using the Terminal, which is located under Applications –> Utilities. After opening Terminal type:

ssh-keygen -l -f /etc/ssh_host_rsa_key

The key fingerprint will be displayed as 16 hexadecimal pairs separated by colons. If the string displayed by the SSH client does not match the one displayed in Terminal, then it is likely that a man-in-the-middle attack is occurring and the connection should be terminated.
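The comparison described above, as an added example that is not part of the original post: the colon-separated string is the MD5 digest of the host's public key blob, so it can be recomputed from a public key line and checked against what the client shows. The function names are hypothetical and the key is constructed for illustration, not a real host key.

```python
import base64
import hashlib
import hmac
import struct


def _ssh_string(data: bytes) -> bytes:
    """Encode bytes as an SSH wire-format string (4-byte length + data)."""
    return struct.pack(">I", len(data)) + data


def make_sample_pubkey_line() -> str:
    """Build a CONSTRUCTED ssh-rsa public key line (not a real host key)."""
    e = (65537).to_bytes(3, "big")
    n = bytes(range(1, 129))  # made-up modulus bytes, for illustration only
    blob = _ssh_string(b"ssh-rsa") + _ssh_string(e) + _ssh_string(n)
    return "ssh-rsa " + base64.b64encode(blob).decode() + " constructed@example"


def md5_fingerprint(pubkey_line: str) -> str:
    """Return the legacy MD5 fingerprint: 16 colon-separated hex pairs."""
    fields = pubkey_line.split()
    if len(fields) < 2:
        raise ValueError("expected '<type> <base64> [comment]'")
    key_type, blob = fields[0], base64.b64decode(fields[1], validate=True)
    # The blob starts with its own key-type string; it must agree with field 1.
    if len(blob) < 4:
        raise ValueError("key blob too short")
    (name_len,) = struct.unpack(">I", blob[:4])
    if blob[4:4 + name_len] != key_type.encode():
        raise ValueError("key type does not match key blob")
    digest = hashlib.md5(blob).hexdigest()
    return ":".join(digest[i:i + 2] for i in range(0, 32, 2))


def fingerprints_match(shown_by_client: str, shown_in_terminal: str) -> bool:
    """Compare two fingerprints, ignoring case, spaces and an 'MD5:' prefix."""
    def norm(fp: str) -> bytes:
        fp = fp.strip().lower()
        if fp.startswith("md5:"):
            fp = fp[4:]
        return fp.replace(" ", "").encode()
    return hmac.compare_digest(norm(shown_by_client), norm(shown_in_terminal))


if __name__ == "__main__":
    fp = md5_fingerprint(make_sample_pubkey_line())
    print(fp)
    print(fingerprints_match("MD5:" + fp.upper(), fp))
```

Current OpenSSH releases print SHA256 fingerprints by default; `ssh-keygen -l -E md5 -f <file>` prints the colon-separated form described here.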




