security for file sharing via TCP/IP and other Macintosh securityissues

Hi all -

I have a Mac in my office (running OS 9) to which I connect from home by
File Sharing via TCP/IP. Recently another computer in the building was
hacked remotely and a bunch of files were erased. I am now concerned about
mine; is there any sort of software package that can be applied over the
file sharing to give a higher degree of security? And, is there any known
way to access a Mac on the internet if the file sharing is turned off?
On a related issue, to monitor access to the Mac "in person" (people
using the machine from the console, is there any good software which can act
like a password protected screen saver, except that it 1) has several
possible passwords (so I can assign individual passwords to valid users, and
2) records the password and the date/time it's entered (so I can tell who is
using it when)?

I would greatly appreciate any suggestions (please cc: to
if possible). Thanks!

Mike

Mike Levin

In article <BB27CB73.1067D%>,
Mike Levin <> wrote:


> On a related issue, to monitor access to the Mac "in person" (people
> using the machine from the console, is there any good software which can act
> like a password protected screen saver, except that it 1) has several
> possible passwords (so I can assign individual passwords to valid users, and
> 2) records the password and the date/time it's entered (so I can tell who is
> using it when)?

Is there a reason not to upgrade to Mac OSX?
It would give you some tools.

As for 2) it's not a good idea to record passwords, because this file
can be read by an intruder, therby getting many passwords.

If you need a record, just record accounts and attemps, but no passwords.
Or, if you need passwords, print them on a printer physically (they
cannot be read remotely).

Marc

--
Marc Heusser - Zurich, Switzerland
Coaching - Consulting - Counselling - Psychotherapy
http://www.heusser.com
remove the obvious CHEERS and MERCIAL... from the reply address
to reply via e-mail

Mike Levin <> wrote in message news:<BB27CB73.1067D%>...
> Hi all -
>
> I have a Mac in my office (running OS 9) to which I connect from home by
> File Sharing via TCP/IP. Recently another computer in the building was
> hacked remotely and a bunch of files were erased.

Was this a Windows computer?

> I am now concerned about
> mine; is there any sort of software package that can be applied over the
> file sharing to give a higher degree of security? And, is there any known
> way to access a Mac on the internet if the file sharing is turned off?

> On a related issue, to monitor access to the Mac "in person" (people
> using the machine from the console, is there any good software which can act
> like a password protected screen saver, except that it 1) has several
> possible passwords (so I can assign individual passwords to valid users, and
> 2) records the password and the date/time it's entered (so I can tell who is
> using it when)?

See these software products:

http://docs.info.apple.com/article.html?artnum=31310

Note: At Ease is no longer under development and is not available for
purchase.

Multiple Users and Macintosh Manager have replaced much of the
functionality of At Ease (basic) and At Ease for Workgroups
respectively. Multiple Users is part of Mac OS 9, and Macintosh
Manager is available for AppleShare IP 6.x Servers and Mac OS X
Server. Macintosh Manager 1.3 works with Mac OS 7.6.1 through Mac OS
9.x client computers.

For more information on Macintosh Manager, please refer to the
following articles:

Article 75333: Macintosh Manager 1.3: Read Me

Article 60089: Mac OS X Server: Macintosh Manager Theory of Operation

I recommend upgrading to MacOS X if your environment allows it.

Robert

in article , Robert at
wrote on 7/2/03 1:45 PM:

>> I have a Mac in my office (running OS 9) to which I connect from home by
>> File Sharing via TCP/IP. Recently another computer in the building was
>> hacked remotely and a bunch of files were erased.
>
> Was this a Windows computer?

Nope - another Mac.

>> I am now concerned about
>> mine; is there any sort of software package that can be applied over the
>> file sharing to give a higher degree of security? And, is there any known
>> way to access a Mac on the internet if the file sharing is turned off?
>
>> On a related issue, to monitor access to the Mac "in person" (people
>> using the machine from the console, is there any good software which can act
>> like a password protected screen saver, except that it 1) has several
>> possible passwords (so I can assign individual passwords to valid users, and
>> 2) records the password and the date/time it's entered (so I can tell who is
>> using it when)?
>
> See these software products:
>
> http://docs.info.apple.com/article.html?artnum=31310
>
> Note: At Ease is no longer under development and is not available for
> purchase.
>
> Multiple Users and Macintosh Manager have replaced much of the
> functionality of At Ease (basic) and At Ease for Workgroups
> respectively. Multiple Users is part of Mac OS 9, and Macintosh
> Manager is available for AppleShare IP 6.x Servers and Mac OS X
> Server. Macintosh Manager 1.3 works with Mac OS 7.6.1 through Mac OS
> 9.x client computers.
>
> For more information on Macintosh Manager, please refer to the
> following articles:
>
> Article 75333: Macintosh Manager 1.3: Read Me
>
> Article 60089: Mac OS X Server: Macintosh Manager Theory of Operation
>
> I recommend upgrading to MacOS X if your environment allows it.

Thank you for the pointers to info - I'll check them out. As for OSX, I'd
love to - I used to admin Unix boxes and this would certainly make me more
useful with respect to security; but we are a biology lab with some exotic
hardware stuck onto these machines. None of it will work (yet, anyways) with
OS X...

Mike

in article marc.heusser-, Marc Heusser
at lid wrote on 7/2/03
2:09 AM:


>> On a related issue, to monitor access to the Mac "in person" (people
>> using the machine from the console, is there any good software which can act
>> like a password protected screen saver, except that it 1) has several
>> possible passwords (so I can assign individual passwords to valid users, and
>> 2) records the password and the date/time it's entered (so I can tell who is
>> using it when)?

> Is there a reason not to upgrade to Mac OSX?
> It would give you some tools.
>
> As for 2) it's not a good idea to record passwords, because this file
> can be read by an intruder, therby getting many passwords.
>
> If you need a record, just record accounts and attemps, but no passwords.
> Or, if you need passwords, print them on a printer physically (they
> cannot be read remotely).

Good ideas! Thanks. As for OSX, I'd love to - I used to admin Unix boxes and
this would certainly make me more useful with respect to security; but we
are a biology lab with some exotic hardware stuck onto these machines. None
of it will work (yet, anyways) with OS X...

Mike