Solved

Mac OS X / Unix / networking Expert advice sought, possible malware operating on work laptops

Posted on 2011-09-27
Last Modified: 2012-05-12
I would appreciate hearing a specific, step-by-step process by which one can determine with confidence if a Mac OS X machine has been compromised, in particular by phishing, keystroke logging, or related practices.

Please reply without concern for lay understanding.  I truly want an expert second opinion on this matter. I have programmers and network professionals who work for me, and who can implement as complicated a plan/solution as you might devise. This site is being used for that expert second opinion, for possible "thinking outside the box".

(Hence, no answers questioning reasons for making the query, suggesting reinstallation of system software, or simply encouraging installation of Little Snitch or similar monitoring, are desired. Monitoring toward a specific end, as a step in a plan, is welcome; sledgehammer solutions and monitoring activities as open-ended exploratory activities are unhelpful.)

Thank you in advance for your effort on this.  Prof D
Question by:LeProf_No1

Accepted Solution

by:
Kash earned 500 total points
ID: 36715992
Hello,
What kind of possible malware do you suspect is running on your network? If you think a machine has been compromised, you can check Activity Monitor to see if any suspect program is running in the background. That is the first check you can do.

You can also check for open ports on the machine if you think any ports are open which shouldn't be.

The firewall (built in) on the Mac is very strong, and if you turn it on, it will definitely block most of the programs and will raise an alarm if some malicious activity occurs.

Again, my answers are very generic, as I am not sure what kind of info you are after, but we can work towards it.
0
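
One way to turn the open-ports check above into concrete evidence, as an added example that is not part of the original thread: compare the listening TCP sockets against an approved baseline and report only the differences. The baseline entries and the sample `lsof` output are constructed for illustration; on a live machine the input would come from `lsof -nP -iTCP -sTCP:LISTEN`.

```shell
#!/bin/sh
# Added example (not from the thread): diff listening TCP sockets against an
# approved baseline. Live input would come from: lsof -nP -iTCP -sTCP:LISTEN

# Assumed baseline of approved "command:port" pairs, space separated.
BASELINE='launchd:22 cupsd:631'

# Constructed sample in lsof column layout (not captured from a real host).
SAMPLE_LSOF='COMMAND   PID  USER   FD  TYPE DEVICE SIZE/OFF NODE NAME
launchd     1  root  21u  IPv4 0x1a2b      0t0  TCP *:22 (LISTEN)
launchd     1  root  22u  IPv6 0x1a2c      0t0  TCP *:22 (LISTEN)
cupsd      88  root   6u  IPv4 0x1a2d      0t0  TCP 127.0.0.1:631 (LISTEN)
helperd   412  alice  5u  IPv4 0x1a2e      0t0  TCP *:4444 (LISTEN)
helperd   412  alice  6u  IPv6 0x1a2f      0t0  TCP *:4444 (LISTEN)
python    530  alice  3u  IPv6 0x1a30      0t0  TCP [::1]:8000 (LISTEN)'

# Reads lsof-style text on stdin; $1 is the baseline list.
# Prints "command:port user pid bind-address" once per unapproved listener.
unexpected_listeners() {
    awk -v baseline="$1" '
        BEGIN {
            n = split(baseline, item, " ")
            for (i = 1; i <= n; i++) ok[item[i]] = 1
        }
        $NF != "(LISTEN)" { next }          # skips the header and non-listeners
        {
            name = $(NF - 1)                # e.g. *:22 or [::1]:8000
            k = split(name, part, ":")
            port = part[k]                  # text after the last colon
            bind = substr(name, 1, length(name) - length(port) - 1)
            key = $1 ":" port
            if (!(key in ok) && !seen[key SUBSEP $2]++)
                print key, $3, $2, bind
        }'
}

# Stand-alone run on the constructed sample.
printf '%s\n' "$SAMPLE_LSOF" | unexpected_listeners "$BASELINE"
```

Each reported pair is a lead to resolve: identify the binary behind the PID and decide whether it belongs in the baseline.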
 

Assisted Solution

by:LeProf_No1
LeProf_No1 earned 0 total points
ID: 37008325
We did *not* accept this Comment as a solution, though the individual clearly made an attempt to assist us.

What was desired was a process to follow, in IT language, to unequivocally determine if a Mac OS X machine has been compromised, see original request (or to be told such was not possible, see comment offered on replying "No" to "Was this Comment Helpful?" query).

Specifically, Activity Monitor (AM) and equivalent unix procs are already in use, but clarification is needed as to what evidence is sought. Open ports was a helpful step/point, with the same limitation as the AM recommendation. The Mac firewall rec, while largely sound as a preventative, here would be closing the barn door after...

As "innocent" said, the answers, while well-meaning and appreciated -- especially as the ONLY answer offered by this expert service -- were too generic to be of help.
0
 

Author Closing Comment

by:LeProf_No1
ID: 37035291
We have discontinued use of this service, less than expert in this crucial area, and will use other means to arrive at the process we need.  LeProf_No1
0

Question has a verified solution.
