System process crashes should not be reported. Use launchctl unload -w to unload the com.apple.ReportCrash.Root.plist file in the /System/Library/LaunchDaemons directory.
Enable or disable System panics report as appropriate. Use launchctl unload -w to unload the com.apple.ReportPanic.plist file in the /System/Library/LaunchAgents directory.
Security appliances and firewalls are not always IPv6 aware, meaning that IPv6 traffic is frequently unfiltered and unprotected. If it is not in use, it should be disabled.
If the system does not require access to NFS (Network File System) file shares or is not acting as an NFS server, then support for NFS is non-essential and NFS services must be disabled. NFS is a network file system protocol supported by Unix-like operating systems. Enabling any service increases the attack surface for an intruder. By disabling unnecessary services, the attack surface is minimized ...
File Sharing is non-essential and must be disabled. Enabling any service increases the attack surface for an intruder. By disabling unnecessary services, the attack surface is minimized.
The Screen Sharing feature allows remote users to view or control the desktop of the current user. A malicious user can take advantage of Screen Sharing to gain full access to the system remotely, either with stolen credentials or by guessing the username and password. Disabling Screen Sharing mitigates this risk.
The finger service has had several security vulnerabilities in the past and is not a necessary service. It is disabled by default; enabling it would increase the attack surface of the system.
The telnet service must be disabled, as it sends all data, including the user's password, in a clear text form that can be easily intercepted and read. Passwords need to be protected at all times and encryption is the standard method for protecting passwords. If passwords are not encrypted, they can be plainly read (i.e., clear text) and easily compromised. Disabling telnet is one way to mitigate ...
The telnet service must be disabled, as it sends all data, including the user's password, in a clear text form that can be easily intercepted and read. Passwords need to be protected at all times and encryption is the standard method for protecting passwords. If passwords are not encrypted, they can be plainly read (i.e., clear text) and easily compromised. Disabling telnet is one way to mitigate ...
The telnet service must be disabled, as it sends all data, including the user's password, in a clear text form that can be easily intercepted and read. Passwords need to be protected at all times and encryption is the standard method for protecting passwords. If passwords are not encrypted, they can be plainly read (i.e., clear text) and easily compromised. Disabling telnet is one way to mitigate ...