I noticed the other day that my XProtect file had been updated for the first time in quite a while. The reason this caught my eye is because prior to this update, the last one was back in October of 2013, and I hadn’t heard of any new threat. So I decided to do some digging. Continue reading
OS X Server comes with FreeRADIUS pre-installed, but does not have any GUI interface for enabling or configuring it. This guide will walk you through, step-by-step, how to enable, configure, and test your RADIUS server. I’ll probably follow up with a separate guide on configuring various devices to work with the FreeRADIUS server you will be configuring here. Continue reading
A friend recently reported a problem where he was getting update notifications from the Mac App Store (MAS) for programs he did not have installed, under an AppleID that was not his. Since these programs were not installed, he had no way to remove them, and since it was not his AppleID, he had no way to update them. As such, it seemed he was going to be stuck getting these update notifications forever. Luckily, with a little know-how and a lot of persistence, we were able to track down the cause of this and resolve it.
Given the content of this Blog, and the type of information someone on it would be looking for, I figured I would cover one lesser known vulnerability that SysAdmins often open themselves up to without thinking. This is not a high tech attack vector, but it is an easy one. This attack can occur if you copy/paste commands from a website directly into terminal. I will first show you an example of what happens, then explain how it is happening and how to protect yourself.
This post is going to be a little bit different than most of my others. It is going to cover the very basic process of analyzing strange network traffic and figuring out what is causing it. I’ll give some background on what I noticed and what our setup was. At the end of this post, I’ll also explain the exact cause of the problem and how to resolve it, in the hopes that I can save someone else some investigation time. Continue reading