In this chapter, we present concepts we will use extensively in Chapters 8, 9, and 10, which deal with securing Internet services. Although the material in this chapter is not particularly technical, you should read it before going on to the next three chapters. Even if you never intend to provide your own Internet services, these four chapters will give you a good understanding of Internet services that can run on your Mac, the risks they pose, and how to minimize those risks.

Using Versus Providing Internet Services

As an end user, you typically use Internet services, not provide them. When you get your e-mail or browse the Web, you are using Internet services. When you check or send your e-mail, for example, your e-mail program communicates with a computer at your ISP, which is running mail server software. Your ISP is providing the Internet service called e-mail, and you are using it.

The Mac OS originally did not come with the capability of providing built-in Internet services. If you wanted to run your own Web site, for example, you had to buy special Web-server software and run it on your machine or pay a Web-hosting service to host your Web site. Starting with Mac OS 8, however, the Mac OS came with a Web server, allowing Mac users to provide Web service. Over time, Apple built several Internet services into the Mac OS. We'll describe these services in Chapters 8 and 9.

Providing Internet services creates much more risk than just using them does. Fortunately, most Mac users have no need or desire to provide Internet services, so you may not have this source of vulnerability. And if you do need a Web site, many ISPs provide free personal Web sites with their Internet accounts. The ISP takes on the risks associated with running Web-server software; all you have to do is upload your pages and graphics.

In general, think carefully before enabling a built-in Internet service on your Macintosh. Securitywise, you're better off avoiding it.

Even if you don't want to provide Internet services, you should still read Chapters 8, 9, and 10 so that you know how various services get turned on and will be aware if they do get turned on, either accidentally or maliciously. If you decide that you need to provide an Internet service, Chapters 8, 9, and 10 will help you do so safely.

Levels of Security

You can use four general methods to reduce the risk associated with providing an Internet service. These methods are mutually exclusive; you choose one method for a particular service. From most secure (and most drastic) to least secure, the methods are:

• Delete the service from your hard disk. If the software doesn't exist on your disk, it can't pose any risk to you. Deleting a service makes sense if you don't need it now and are sure that you never will.
• Disable the service via the Extensions Manager. Many built-in services are implemented through system extensions and control panels, which are like mini-applications that load into memory when the machine is started and stay there. If you use the Extensions Manager (Figure 7.1) to disable a service's extensions and control panels, the service won't be loaded into memory the next time your machine starts. If the service isn't in memory, it can't be turned on and can't pose a risk. If you don't need the service now but think you might in the future, this method is the best option. Open the Extensions Manager Control Panel, locate the appropriate control panel or extension, and uncheck the checkbox next to it.



Figure 7.1 Extensions Manager Control Panel.

• Turn off the service. If you want to keep a service on standby, disabling it via the Extensions Manager may be awkward, because doing so requires restarting your machine. You can use the service's controls to turn it off, however. Unless the service gets turned on accidentally, it will pose no direct risk.
• Turn on the service, and be careful. If you must provide an Internet service, do so carefully, following the guidelines presented in Chapters 8, 9 and 10.



Figure 7.2 File Sharing control Panel, Users & Groups tab.

A general principle regarding the security of Internet services will appear again and again in this book: Take extra security measures, even if they seem to be redundant.

Suppose that a service is running, and you decide to secure it by turning it off. Although turning a service off means that no one can access it, someone who turns it on accidentally or maliciously--usually, with a single mouse click--will make your machine vulnerable again. Most services have several security features. If you use all available security features, many steps will be required to cause significant risk to your machine, making it less likely to happen by accident and more difficult to do maliciously. The more roadblocks you put between yourself and risk, the safer your machine will be.



Figure 7.3 The Users & Groups Identity window.



Figure 7.4 The Users & Sharing window.

AppleTalk and TCP/IP

Another general security principle involves AppleTalk and TCP/IP. If a service works over both AppleTalk and TCP/IP, and using the service over AppleTalk is sufficient for your purposes, you should disable its TCP/IP capabilities. Because AppleTalk is not routed over the Internet, using it instead of TCP/IP significantly reduces the risk of unauthorized access to the service. Note that although AppleTalk normally is not routed over the Internet, on misconfigured cable-modem systems, it can be routed to many users on your local part of the system. As a result, unknown users can access your AppleTalk services, such as File Sharing and Program Linking. You should never assume that AppleTalk poses no risk. Secure each service as though AppleTalk poses the same risks as the Internet.

Users & Groups

Many of the services described in this part of the book have user names and passwords as part of their security features. In particular, many services use the user names and passwords defined in the Users & Groups tab of the File Sharing Control Panel (Figure 7.2). Various services enhance security by requiring clients to enter a user name and password before they access the service. File Sharing also uses groups, which define a set of user names. Folders can be shared with a single user or a group.

You define new users and groups by clicking the appropriate buttons, and you edit them by double-clicking their names in the list. Each user entry has three windows, which you open through the Show pop-up menu in the user entry window (Figure 7.3). Figures 7.3 and 7.4 show the two windows that are most commonly used.

You use the Identity window to define the user name and password. Although we said in Chapter 4 that longer passwords are better, Mac OS 9 limits you to 8 characters. While not a serious problem, the limit does prevent you from choosing really long passwords. Mac OS X does not have this limitation. You use the Sharing window to allow the user to connect to different types of services (discussed in Chapter 8) as the need arises. We describe a third window, Remote Access, in Chapter 9.

We discuss the use of users and groups in sharing folders in Chapter 8.