Passing the test
Well, it looks like the Mac security challenge set up at the University of Wisconsin was successful, even if it was “prematurely terminated” by the powers-that-be at the university. It seems the test itself was not officially authorized and, ironically, could have compromised the security or functionality of the university’s systems. It’s true that asking the world to attack a system on your university’s network is quite literally asking for trouble.
Regardless, according to a posting from the person who initiated the test, no one was able to access the Macintosh-under-test at all.  The poster (via Macintouch) says he will post test results in the future, but, based on the post, it’s clear that the machine was subject to pretty significant attacks and did fine.  Moreover, as mentioned previously, the machine was set up in a way that was more “open” to attacks than machines that most of the Rest of Us would set up.  A few things we can learn from the test:
  1.  Good passwords, especially for high-risk services like SSH (Remote Login), are critical. Various dictionary attacks were tried against SSH in particular (see our book, chapter 4, “Managing Passwords”).
  2.  Be sure to use a personal firewall and enable its logging features.
  3.  Watch out for “social engineering” attacks against you and your Mac, in particular phishing schemes and attempts to get you to open attachments of any sort (see chapter 5, “Safe Surfing”, especially the sections “Safe E-mail” and “Phishing Schemes”).
Unfortunately, the test didn’t run long enough to really “prove” anything, but it’s certainly a good piece of evidence in the overall Macintosh Internet security picture.
Friday, March 10, 2006