Regular marked price: $59.95Discount Price: $37.76
Cost Savings: $22.19 (37%)Price fluctuation possible.
How soon does it ship: Normal ship time within one day
Type of bind: Kindle Edition
Dewey Decimal Number: 005
Format: Kindle Book
Label: Syngress
Manufacturer: Syngress
Quantity: 1
Page Count: 400
Printing Date: April 25, 2008
Publishing house: Syngress
Sale Popularity Level: 63834
Studio: Syngress
Other books you might be interested in perusing:
Editor's Notes and Comments:
Product Description:
Threats to Macintosh's OS X operating system are increasing in sophistication and number. Whether it is the exploitation of an increasing number of holes, use of rootkits for post compromise concealment or distributed denial of service, knowing how the system is vulnerable and how to defend it is critical to computer security. This book brings all this information together, providing a solid basis to help you succeed in protecting your organization from risk.
* Cuts through the hype with a serious discusion of the security
vulnerabilities of the Mac OS X operating system
* Reveals techniques by which OS X can be 'owned'
* Details procedures to defeat these techniques
* Offers a sober look at emerging threats and trends
User popularity level:
Rated by buyers 
-
I ordered this one too fast, few days later very first reviews were available and like them I can't recommend this book. too fragmented information without structure, looses the focus of other books covering same topics, its more a bunch of stories and scenarios around apple macs in history
Rated by buyers 
-
OS X Exploits and Defense suffers from a number of problems. The organization is totally random. Each author's chapters are unrelated to the others, and there's no real progression. The description of the book seems to be more advanced, targeted at people who write exploits and do system level hardening, but the actual content is mostly beginner-oriented. The writing is poor and in need of some good editing and proofreading.
Here's a description of the very first 5 chapters.
Chapter 1:
Macintosh OS X Boot Process and Forensic Software.
2 pages of introduction. 2 pages of describing the boot process, which mainly consists of "There is this thing called EFI and xnu, and here are some keys that you can press during boot to do stuff". It mentions that you can boot off a CD to reset the password, but doesn't mention setting a firmware password. 10 pages describing third party forensic software, which didn't really seem to have any relation to booting, so why are they in the same chapter?
Chapter 2: Past and current threats
A few pages on how some people think OS 9 was invincible, but it really isn't. A few pages on how buffer overflows are exploitable on OS 9, and demonstrating an overflow (but not an exploit) in Eudora for OS 9. First, who cares about OS 9? Second, of course buffer overflows are exploitable on OS 9. Why would anyone devote any time to this?
The chapter moves on to OS X, which is a lot more interesting. It describes some old vulnerabilities. Then there are sections on Unicode exploits, exploiting PowerPC binaries on Intel, and exploiting Wine-based Windows applications. All are interesting and relatively novel, although they are light on explanation and heavy on uncommented gdb output. There is some discusion of tricks that malware can use to hide itself, and some discusion of exploit techniques. Aside from the OS 9 content, this whole chapter was good.
Chapter 3: Malicious Macs: Malware and the Mac
It describes different types of malware, and specific instances of malware that have been targeted at old versions of Mac OS, as well as Mac OS X. It devotes a lot of time to arguing that malware can affect Mac OS X, and has. Which is true, but to any security-minded reader that should already be obvious, so I don't know what the point is. We all know idiot Mac users who think they're invincible, but they don't read books like this.
Chapter 4: Malware detection and the Mac
There's some discusion of whether or not anti-malware software is needed on the Mac, a brief discusion of malware detection techniques, and an overview of some available anti-malware software. All of this is fine, but it's at a low technical level suitable for an end user trying to decide what anti-virus program to buy. It doesn't fit with the book's marketed demographic.
Chapter 5: Mac OS X for Pen Testers
This chapter covers:
Running Terminal, running perl, installing and using CPAN, X11, compiling open source programs, an overview of open source security programs. There's a 6 page section on how to build Wireshark. The intended audience for this is again at a very rudimentary skill level.
This book's main problem is that it lacks focus, which might have something to do with the fact that it has 5 authors. It's all over the place in terms of the topics, and the intended audience. I think there are some people who might like any given chapter, but few who would want to read the whole thing. And there is very little content in the book that is novel, that you couldn't find just by Googling. I have higher hopes for "The Mac Hacker's Handbook" by Charles Miller and Dino Dai Zovi, which hasn't been released yet, so we'll see.
Find other books like this one:
