Securing Mac OS X Tiger

Stephen de Vries writes "Mac OS X is one of the most secure default installations of any OS. But it is still possible to lock the OS down further, in order to meet corporate security guidelines or to securely use network services. Corsaire has released a guide to Securing Mac OS X Tiger (long pdf) which addresses the new security features introduced through Tiger and presents some security good practice guidelines."

Does default matter?

[Poromenos1]

If you're going for corporate security, you're probably going to look at every aspect you need to lock down. Security by default matters for 90% of desktop users, but don't you disable services/add firewalls as soon as you set up your OS?

Easy as any O/S to secure...

[Nick+Driver]

Without even R'ing the FA, I can tell you that truly securing the Mac OS is just as easy as truly securing any other OS.

1) Unplug it from any network.
2) Strictly control whoever gets physical access.
3) ???
4) Security!

Seriously... after watching some dipshit try over 4,000 times within the span of a couple hours to attempt buffer overflows on every listening port on my honeypot last Friday afternoon, before I finally blacklisted his entire class C from my router, I've come to the same conclusion that the DoD has... that NO computer connected to the Internet can be made secure... period... that you should only connect disposeable devices to the public Internet.

I even wonder if I'm not the bigger dipshit for sitting there watching this idiot half the afternoon, throwing the kitchen sink at my poor machine in vain, before pulling the plug on him and banishing his whole netblock.