|Paid content will be excluded from the download.
| Matches : 23631
|Disable iTunes Music Sharing
When iTunes Music Sharing is enabled, the computer starts a network listening service that shares the contents of the user's music collection with other users in the same subnet. Unnecessary network services should always be disabled because they increase the attack surface of the system. Disabling iTunes Music Sharing mitigates this risk.
Automatically lock the account until the locked accoutn is released
By limiting the number of failed login attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute forcing, is reduced. Limits are imposed by locking the account. Setting a lockout expiration of 15 minutes is an effective deterrent against brute forcing that also makes allowances for legi ...
Disable NFS Services if Not in Use
If the system does not require access to NFS (Network File System) file shares or is not acting as an NFS server, then support for NFS is non-essential and NFS services must be disabled. NFS is a network file system protocol supported by Unix-like operating systems. Enabling any service increases the attack surface for an intruder. By disabling unnecessary servi ...
Disable File Sharing Services
File Sharing is non-essential and must be disabled. Enabling any service increases the attack surface for an intruder. By disabling unnecessary services, the attack surface is minimized.
Disable Screen Sharing
The Screen Sharing feature allows remote users to view or control the desktop of the current user. A malicious user can take advantage of Screen Sharing to gain full access to the system remotely, either with stolen credentials or by guessing the username and password. Disabling Screen Sharing mitigates this risk.
Disable the Finger Service
The finger service has had several security vulnerabilities in the past and is not a necessary service. It is disabled by default; enabling it would increase the attack surface of the system.
Disable the Insecure SSH Version (privileged accounts)
The SSH Version should be explicity set to Version 2. Version 2 supports strong crypto and was rewritten from scratch to resolve several weaknesses in Version 1 that make it extremely vulnerable to attackers. The weaker crypto in Version 1 is potentially susceptible to certain forms of replay attacks. The system default is to only enable Vers ...
Disable the Insecure SSH Version (Non privileged accounts)
The SSH Version should be explicity set to Version 2. Version 2 supports strong crypto and was rewritten from scratch to resolve several weaknesses in Version 1 that make it extremely vulnerable to attackers. The weaker crypto in Version 1 is potentially susceptible to certain forms of replay attacks. The system default is to only enable ...
Disable the Prompt for Apple ID and iCloud
The prompt for Apple ID and iCloud must be disabled, as it might mislead new users into creating unwanted Apple IDs and iCloud storage accounts upon their first login.
Disable Wi-Fi if Not Required
The kernel extension for Wi-Fi network devices such as Airport must be removed to ensure that users will not be able to reactivate wireless networking at a later time. System updates will sometimes replace deleted kernel extensions. Administrator users may need to periodically check to ensure that the file remains deleted. Alternately, the wireless card hardware may ...
Pages:      Start    1    2    3    4    5    6    7    8    9    10    11    12    13    14    ..   2363
© 2013 SecPod Technologies