Thoughtful, detailed coverage of the Mac, iPhone, and iPad, plus the best-selling Take Control ebooks.

 

 

Pick an apple! 
Become a TidBITS member!
 

 

TidBITS Watchlist
 
Customize Open/Save Dialog Sidebars

You can customize the sidebar in an Open/Save dialog the same way you can in a Finder window: you can reorder the position of items, drag them off into puff-of-smoke oblivion, and even drag a folder from the dialog's list into the sidebar.

Visit MacTipster blog


Link to this tip

Submitted by
Sharon Zardetto

Share your own tip! | Search TipBITS

 

 

Published in TidBITS 261.
Subscribe to our weekly email edition.

 

 
30 Jan 1995 | Print Printer-Friendly Version of This Article

Keep Your Doors Locked

by Geoff Duncan Send Email to Author

Send Article to a Friend

The Computer Incident Advisory Capability office (CIAC) issued a notice 23-Jan-95 on two techniques currently being used to compromise the security of Internet hosts: spoofing and hijacking (or tapping). Although neither of these techniques is particularly new, apparently incidence of their use has increased sharply.

The first method, spoofing, involves an attacker "impersonating" a local machine by altering his or her packets to appear as if they originated at a local machine. This in itself is not inherently a threat; however, many local networks are configured so they implicitly "trust" packets arriving from particular hosts (say an administrator's workstation) and do not require authentication on requests from those machines. If intruders successfully impersonate a trusted machine on a network, they could potentially acquire full access to files, mail, accounts, or anything else on that network. The recommended workaround is to configure network routers to block any packet entering from outside and claiming to be from the local domain.

Hijacking, or tapping, involves using a tool called tap to take over existing login sessions on a system. A user or intruder with root access can use tap to execute commands exactly as if they had been typed by the owner of that login session. If that user had connected to a remote system within that session, no authentication would be required to gain access to that remote system. Users of a hijacked session may notice commands appearing as they're typed by the intruder, screens suddenly clearing, or other unusual events. Contrary to net rumors, it appears that the tap tool is available only for SunOS 4.1.x systems.

These threats do not have an enormous direct impact on Macintosh users, although they could have an affect on systems you connect to with your Macintosh, particularly in corporate, educational, or government sites. Check with your system administrator if you think this information may apply to you or your site. CIAC notices, various software, details on mailing lists and other information are available at:

ftp://ciac.llnl.gov/pub/ciac/

Information from:
CIAC <ciac@llnl.gov>
Pythaeus

 

CrashPlan is easy, secure backup that works everywhere. Back up
to your own drives, computers, and online with unlimited storage.
With unlimited online backup, this is one resolution you can keep.
Back Up Your Life Today! <http://crashplan.com/ref/tidbits.html>