I need help locking down OSX..

Discussion in 'General Mac Discussion' started by Falleron, Oct 9, 2003.

  1. macrumors 68000

    Falleron

    Joined:
    Nov 22, 2001
    Location:
    UK
    #1
    Ok, I want to install OSX on a number of machines. They need to be secure. How do I stop people bringing along an OSX cd + resetting the password?

    Thanks
     
  2. macrumors 604

    iJon

    Joined:
    Feb 7, 2002
    #2
    download (possibly on the cd as well) apple's firmware password. it will set a password in the firmware and if anyone trys to access another method of booting whether it being another hard drive or cd, it will ask for a password.

    iJon
     
  3. Moderator emeritus

    SilentPanda

    Joined:
    Oct 8, 2002
    Location:
    The Bamboo Forest
    #3
  4. thread starter macrumors 68000

    Falleron

    Joined:
    Nov 22, 2001
    Location:
    UK
    #4
    Cheers. Does anyone else have any pearls of wisdom??
     
  5. macrumors 6502a

    LimeLite

    Joined:
    Mar 20, 2003
    Location:
    Los Angeles, Ca
    #5
    You could remove your optical drive. That way no one could boot from the CD! :D
    I'm kidding, of course.
     
  6. thread starter macrumors 68000

    Falleron

    Joined:
    Nov 22, 2001
    Location:
    UK
    #6
    Looked into that option!!
     
  7. Moderator emeritus

    Rower_CPU

    Joined:
    Oct 5, 2001
    Location:
    San Diego, CA
    #7
    Another vote for macosxlabs.org from me. Great site.
     
  8. macrumors 603

    rainman::|:|

    Joined:
    Feb 2, 2002
    Location:
    iowa
    #8
    kill everyone on earth with an OS X CD?

    go firmware password. simple, works.

    pnw
     
  9. macrumors 65816

    yamabushi

    Joined:
    Oct 6, 2003
    #9
    While MacOSX is in general more secure than most versions of Windows, it does not yet have a level of security equal to specialized secure versions of UNIX. OSX is about as secure as it gets for the consumer market, though. Just be aware of the fact that your system will not be 100% secure no matter what you do. Getting a little paranoid and building in extra layers of security isn't a bad idea. Make sure to check the clients for unauthorised apps and activity often.

    I have administered both Windows and Mac open labs. I have often been surprised at the level of skill and determination demonstrated by 1% of users. In my case, protection of the data stored on most of the computers was not critical, which made things much easier. Critical data was placed on a fileserver in a physically secured location. Nevertheless, unauthorised usage was a problem. We had a number of talented hackers at the school I was working at that liked to cause mischief, especially with the OS7-OS9 computers. On the OS8 machines I usually installed a clean disk image daily since they were the most popular targets. As soon as OSX came along things got easier after the transition, but still not perfect.
     
  10. thread starter macrumors 68000

    Falleron

    Joined:
    Nov 22, 2001
    Location:
    UK
    #10
    Thanks everyone for the help.
     

Share This Page