Acknowledgments

Syngress would like to acknowledge the following people for their kindness and support in making this book possible.

Syngress books are now distributed in the United States and Canada by O'Reilly Media, Inc. The enthusiasm and work ethic at O'Reilly are incredible, and we would like to thank everyone there for their time and efforts to bring Syngress books to market: Tim O'Reilly, Laura Baldwin, Mark Brokering, Mike Leonard, Donna Selenko, Bonnie Sheehan, Cindy Davis, Grant Kikkert, Opol Matsutaro, Steve Hazelwood, Mark Wilson, Rick Brown, Tim Hinton, Kyle Hart, Sara Winge, Peter Pardo, Leslie Crandell, Regina Aggio Wilkinson, Pascal Honscher, Preston Paull, Susan Thompson, Bruce Stewart, Laura Schmier, Sue Willing, Mark Jacobsen, Betsy Waliszewski, Kathryn Barrett, John Chodacki, Rob Bullington, Kerry Beck, and Karen Montgomery.

The incredibly hardworking team at Elsevier Science, including Jonathan Bunkell, Ian Seager, Duncan Enright, David Burton, Rosanna Ramacciotti, Robert Fairbrother, Miguel Sanchez, Klaus Beran, Emma Wyatt, Chris Hossack, Krista Leppiko, Marcel Koppes, Judy Chappell, Radek Janousek, and Chris Reinders for making certain that our vision remains worldwide in scope.

David Buckland, Marie Chieng, Lucy Chong, Leslie Lim, Audrey Gan, Pang Ai Hua, Joseph Chan, and Siti Zuraidah Ahmad of STP Distributors for the enthusiasm with which they receive our books.

David Scott, Tricia Wilden, Marilla Burgess, Annette Scott, Andrew Swaffer, Stephen O'Donoghue, Bee Lowe, Mark Langley, and Anyo Geddes of Woodslane for distributing our books throughout Australia, New Zealand, Papua New Guinea, Fiji, Tonga, Solomon Islands, and the Cook Islands.

Technical Editor and Contributing Author

Bruce Potter is a Senior Associate at Booz Allen Hamilton. Prior to working at Booz Allen Hamilton, Bruce served as a software security consultant for Cigital in Dulles, VA. Bruce is the founder of the Shmoo Group of security professionals.
His areas of expertise include wireless security, large-scale network architectures, smartcards, and promotion of secure software engineering practices. Bruce coauthored the books 802.11 Security and Mac OS X Security. He was trained in computer science at the University of Alaska, Fairbanks.

First and foremost I would like to thank my family for putting up with me and my time constraints due to the many projects I am dealing with. I'd also like to thank The Shmoo Group for all the guidance and wisdom they have imparted on me over the years. Finally, a big thank-you goes to Syngress, for giving me the opportunity to work on an interesting enjoyable project.

Bruce wrote Chapter 7.

Contributing Authors

Johnny Long is a "clean-living" family guy who just so happens to like hacking stuff. Recently, Johnny has enjoyed writing stuff and presenting stuff at conferences, which has served as yet another diversion to a serious (and bill-paying) job as a professional hacker and security researcher for Computer Sciences Corporation. Johnny enjoys spending time with his family, pushing all the shiny buttons on them thar new-fangled Mac computers, and making much-too-serious security types either look at him funny or start laughing uncontrollably. Johnny has written or contributed to several books, including Google Hacking for Penetration Testers from Syngress Publishing, which has secured rave reviews and has lots of pictures. Johnny can be reached through his website, http://johnny.ihackstuff.com

Thanks first to Christ without whom I am nothing. To Jen, Makenna, Trevor and Declan, my love always. Thanks to Bruce Potter for the opportunity to chime in on this one, and to my fellow co-authors. I hold you all in the highest regard. Thanks to Anthony K, Al E, Ryan C, Thane E, and Gilbert V for introducing me to the Mac. Thanks to Jaime Quigley, Andrew Williams and all of Syngress. I can't thank you enough. Thanks to Jason Arnold (Nexus!) for hosting me, and all the mods on JIHS for your help and support. Shouts to Nathan B, Sujay S, Stephen S, James Foster, Jenny Yang, SecurityTribe, the Shmoo Group, Sensepost, Blackhat, Defcon, Neal Stephenson (Baroque), Stephen King (On Writing), Ted Dekker (Thr3e), P.O.D., Pillar, Project86, Shadowvex, Yoshinori Sunahara.
"I'm sealing the fate of my selfish existence / Pushing on with life from death, no questions left / I'm giving my life, no less" from A Toast To My Former Self by Project86

Johnny wrote Chapter 2 and Chapter 5. He also contributed to the technical editing of this book.

Ken Caruso is a Senior Systems Engineer for Serials Solutions, a ProQuest company. Serials Solutions empowers librarians and enables their patrons by helping them get the most value out of their electronic serials. Ken plays a key role in the design and engineering of mission critical customer facing systems and networks. Previous to this Ken has worked at Alteon, a Boeing Company, Elevenwireless, and Digital Equipment Corporation. Ken's areas of expertise include wireless networking, digital security, and the design and implementation of mission critical systems. Outside of the corporate sector Ken is co-founder of Seattlewireless.net, one of the first community wireless networking projects in the U.S. Ken studied Computer Science at Daniel Webster College and is a member of The Shmoo Group of Security Professionals. Ken has been invited to speak at many technology and security events including but not limited to Defcon, San Diego Telecom Council, Society of Broadcast Engineers, and CPSR: Shaping the Network Society.

Ken would like to acknowledge the great support he has always received from friends and family as well as the unflagging patience of his editor at Syngress.

Ken wrote Chapter 3.

Chris Hurley (Roamer) is a Senior Penetration Tester working in the Washington, DC area. He is the founder of the Worldwide WarDrive, a four-year effort by INFOSEC professionals and hobbyists to generate awareness of the insecurities associated with wireless networks, and is the lead organizer of the DEF CON WarDriving Contest. Although he primarily focuses on penetration testing these days, Chris also has extensive experience performing vulnerability assessments, forensics, and incident response.
Chris has spoken at several security conferences and published numerous whitepapers on a wide range of INFOSEC topics. Chris is the lead author of WarDriving: Drive, Detect, Defend (Syngress, ISBN: 1-931836-03-5), and a contributor to Aggressive Network Self-Defense (Syngress, ISBN: 1-931836-20-5) and InfoSec Career Hacking (Syngress, ISBN: 1-59749-011-3). Chris holds a bachelor's degree in computer science. He lives in Maryland with his wife Jennifer and their daughter Ashley.

Chris wrote Chapter 4.

Tom Owad is a Macintosh consultant in south-central PA and the D.C. area and vice president of Keystone MacCentral. He serves on the board of directors of the Apple I Owners Club, where he is also webmaster and archivist. Tom is owner and Webmaster of Applefritter, a Macintosh community of artists and engineers. Applefritter provides its members with discussion boards for the exchange of ideas and hosts countless member-contributed hardware hacks and other projects. Tom holds a BA in computer science and international affairs from Lafayette College, PA. Tom is the author of the Syngress title, Apple I Replica Creation: Back to the Garage (ISBN: 1-931836-40-X).

Tom wrote Chapter 7. He is also the foreword contributor.

Preston Norvell is a computer and networking geek. He has been fortunate to work as an administrator, engineer and consultant, and currently works as a network architect for a satellite communications company in the small town of Alaska, USA. He has pulled Ethernet cable through sewage melted by body heat, written the bill software for a utility, co-written a book on Mac OS X Security, designed and deployed systems and networks in places small and large, ported Open Source software to Mac OS X, and many other rather silly fun things.
In his off time he tinkers with computers and networks, thinks about collections databases for museums, purchases entirely too many DVDs, wastes too much time, cooks for friends when he can, enjoys a spot of tea now and again, and continues to add to the lived-in look of his dwelling at a reasonable pace. He also plans to take over the world with a vast army of mind-controlled, monkey-piloted robot minions.

I would like to thank Bruce and the folks at Syngress for the opportunity to tag along on this project, as well as their patience and guidance. Apologies to my friends and co-workers for my absences and the late mornings with tired eyes and many thanks for their patience and support. Thanks also to Hershey for Good & Plenty's, Republic of Tea for Blackberry Sage and a little place in Chinatown for their white tea and lapsang souchong. And thanks much to the social insects all.

Preston wrote Chapter 1. He also contributed to the technical editing of this book.

Foreword

"The computer for the rest of us" was never considered much of a hacker's platform. The original Mac didn't even have arrow keys (or a control key, for that matter), forcing the user to stop what he was doing, take his hands off the keyboard, and use the mouse. The Mac's case was sealed so tight, a special tool known as the "Mac cracker" was made to break it open. It was a closed machine, an information appliance. The expansionless design and sealed case of the Mac stood in stark contrast to the Apple II that came before it.

With its rich graphical interface and ease of use, the Mac became the standard for graphic artists and other creative types. Custom icons and desktop patterns soon abounded. The users that embraced the Macintosh for its simplicity began using ResEdit (Resource Editor) to modify system files and to personalize their machines.
The Mac developed a fanatical following, and you could rest assured that each fanatic's system was unique, with the icons, menus, program launchers, windows, sounds, and keyboard shortcuts all scrutinized and perfected to meet his personal needs. My Color Classic even played Porky Pig's "That's all folks" each time it shut down (although the novelty wore off on that one pretty quick).

Mac OS X was met with some trepidation. It broke every program and system modification, it didn't have a proper Apple menu—and what on earth was this "dock"? Jef Raskin, who gave the Mac its name, wrote of Mac OS X, "Apple has ignored for years all that has been learned about developing UIs. It's unprofessional, incompetent, and it's hurting users." Bruce Tognazzini, founder of the Apple Human Interface Group, even penned an article titled "Top 10 Reasons the Apple Dock Sucks."

Mac OS X was an entirely different operating system. Most classic Mac OS applications were compatible, but only when operating inside a special run time environment. All system extensions and user interface modifications were permanently lost. For many users, these changes are what made the computer "theirs" and they relied heavily upon their customizations to efficiently get work done. The loss was tremendous. And it was worth it.

Preemptive multitasking, symmetric multiprocessing, multithreading, and protected memory. Protected memory was the one I wanted most. At a 1998 keynote, Steve Jobs showed off a mere dialog box, to great applause. The dialog read: "The application Bomb has unexpectedly quit. You do not need to restart your computer." I take it for granted on Mac OS X, but as I write this, I'm recalling occasions when Internet Explorer brought my entire system down multiple times in a single day. Mac OS X promised to combine the power and stability of Unix with the ease of use of Macintosh.
I was cautiously optimistic with early releases (I've been using Mac OS X since Developer Release 4). Protected memory doesn't do much good when all your apps are running in the Classic Environment, and the user interface did indeed leave a lot to be desired. But with each revision, Mac OS X has improved dramatically. With Mac OS 10.4 Tiger, I no longer even have the Classic Environment installed, and the user interface has improved to a degree that in many ways I far prefer it to that of Mac OS 9. Mac OS X has succeeded in combining the best of Unix with the best of the Macintosh.

The Macintosh has become "the computer for everybody." For novices, it remains the easiest computer there is. For enthusiasts, as in the old days, there is a vast array of third-party applications, utilities, and customizations, to tweak and improve the way the OS works. For hackers and programmers, there's the command line and the BSD Unix compatibility layer.

All the power, all the tools, and all the geekery of Linux is present in Mac OS X. Shell scripts, X11 apps, processes, kernel extensions... it's a unix platform. It's even possible to forgo Apple's GUI altogether and run KDE. Why you'd want to is another matter.

While its unix core is what has made Mac OS X a viable platform for hackers and programmers, it's the user interface that has made it popular. Apple's Terminal application is perpetually running on my PowerBook, but so is iTunes, iCal, and a slew of Dashboard Widgets.

If Apple hadn't moved to Mac OS X, I would have two computers. A classic Macintosh would be home to my "business" work—my email, calendar, word processor, etc. The other would be a Linux box, which I would probably connect to via an ssh connection from my Mac. Here would be the toys, the programming tools, the shell scripts, and everything I couldn't do within the confines of the old Mac. Thanks to the elegance and sophistication of Mac OS X, this isn't necessary.
I've got every program I want to run and every tool I need to use on a single 4.6 lbs, 12" PowerBook.

—Tom Owad
www.applefritter.com

www.syngress.com

Chapter 1

A Network Admin's Guide to Using Mac OS X

Solutions in this chapter:

• Running a Headless Mac
• Adding Interfaces to a Mac
• The Macintosh as a Router
• Mac OS X as a RADIUS Server

Summary
Solutions Fast Track
Frequently Asked Questions