Solved

Mac OS X / Unix / networking Expert advice sought, possible malware operating on work laptops

Posted on 2011-09-27
3
394 Views
Last Modified: 2012-05-12
I would appreciate hearing a specific, step-by-step process by which one can determine with confidence if a Mac OS X machine has been compromised, in particular by phishing, keystroke logging, or related practices.

Please reply without concern for lay understanding.  I truly want an expert second opinion on this matter. I have programmers and network professionals who work for me, and who can implement as complicated a plan/solution as you might devise. This site is being used for that expert second opinion, for possible "thinking outside the box".

(Hence, no answers questioning reasons for the making the query, suggesting reinstallation of system software, or simply encouraging installation of Little Snitch or similar monitoring, are desired. Monitoring toward a specific end, as a step in a plan is welcome; sledge hammer solutions and monitoring activities as open-ended exploratory activities are unhelpful.)

Thank you in advance for your effort on this.  Prof D
0
Comment
Question by:LeProf_No1
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 19

Accepted Solution

by:
Kash earned 500 total points
ID: 36715992
Hello,
 what kind of possible malware you suspect is running on your network. If you think a machine has been compromised you can check on ACTIVITY MONITOR to see if any suspect program is running in the background. that is the first check you can do.

you can also check for open ports on machine if you think any ports are open which shouldn't be.

the firewall (built in) on the mac is very strong and if you turn it on, it will definitely block most of the programs and will raise alarm if some malicious activity occurs.

again, my answers are very generic as I am not sure what kind of info you are after but we can work towards it.
0
 

Assisted Solution

by:LeProf_No1
LeProf_No1 earned 0 total points
ID: 37008325
We did *not* accept this Comment as a solution, though the individual clearly made an attempt to assist us.

What was desired was a process to follow, in IT language, to unequivocally determine if a Mac OS X machine has been compromised, see original request (or to be told such was not possible, see comment offered on replying "No" to "Was this Comment Helpful?" query).

Specifically, Activity Monitor (AM) and equivalent unix procs are already in use, but clarification is needed as to what evidence is sought. Open ports was a helpful step/point, with the same limitation as the AM recommendation. The Mac firewall rec, while largely sound as a preventative, here would be closing the barn door after...

As "innocent" said, the answers, while well-meaning and appreciated -- especially as the ONLY answer offered by this expert service -- were too generic to be of help.
0
 

Author Closing Comment

by:LeProf_No1
ID: 37035291
We have discontinued use of this service, less than expert in this crucial area, and will use other means to arrive at the process we need.  LeProf_No1
0

Featured Post

Secure Your Active Directory - April 20, 2017

Active Directory plays a critical role in your company’s IT infrastructure and keeping it secure in today’s hacker-infested world is a must.
Microsoft published 300+ pages of guidance, but who has the time, money, and resources to implement? Register now to find an easier way.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

This article describes in detail how to set up the iPad in the Enterprise using iPCU aka iPhone Configuration Utility.  This could also be used for the iPhone although I have not detailed out any differences. Preparation as an iPad Administrator:…
In this article we discuss how to recover the missing Outlook 2011 for Mac data like Emails and Contacts manually.
Users will learn how resize a batch of photos from a single command in Photoshop via Photoshop's Image Processor. Open up an Image you'd like to resize in Adobe Photoshop: Adjust the image size according to your preferences. Image > Adjustments > …
Users will learn how to set proper sequence settings, scale images, paste attributes, add transitions, fades, and music. Open up Final Cut Pro 7 and Create a new Project: Set the Sequence Settings. a) Click File > Easy Setup > Format > Apple ProRe…

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question