Cracking OS X Passwords is far easier than you might have thought. But how often does a system administrator really need to do something like this?
It’s interesting how most papers on the subject state that’s it is useful knowledge for Sysadmins to know how to crack passwords; come on, let’s be honest a Systems Administrator will most likely reset the password or if he can’t he will simply reinstall the Operating System. I’ve worked as a Sysadmin for several years and not once I had to “crack†a password.
Nonetheless, while not exactly the most necessary piece of information around, know that it is available in the event that you need it. Or, if you just desire to play around then you now know that capability exists.
Just because there is no abundance of security exploits available for Mac OS X does not negate the value of running a host based firewall. Doing so is another precautionary measure in the event that a vulnerability does surface some time in the future. OS X comes with a built-in firewall, much like Windows XP Service Pack 2, that will aid in securing the workstation from malicious attacks.
OS X’s built-in firewall lacks the flash and sizzle of other firewall applications. It has no multi-colored gauges breaking down network traffic by type, and no alerts, beeps, or buzzes to warn of impending danger. But it’s there if you want it, running silently in the background and monitoring incoming traffic for potential danger.
The only “problem” with the OS X firewall is that by default it only pays strict attention to incoming packets. To have the firewall handle outbound connections you must get down and dirty with the command-line. In the event that you are infected with malicious code that attempts to make outbound connections originating from your Mac then, by default, you are out of luck.
The use of the built-in firewall to block malicious inbound packets is a good beginning. Hopefully Apple will take the outbound connection issue in to consideration and improve upon their already decent offering.