Solved

Mac OS X / Unix / networking Expert advice sought, possible malware operating on work laptops

Posted on 2011-09-27
3
383 Views
Last Modified: 2012-05-12
I would appreciate hearing a specific, step-by-step process by which one can determine with confidence if a Mac OS X machine has been compromised, in particular by phishing, keystroke logging, or related practices.

Please reply without concern for lay understanding.  I truly want an expert second opinion on this matter. I have programmers and network professionals who work for me, and who can implement as complicated a plan/solution as you might devise. This site is being used for that expert second opinion, for possible "thinking outside the box".

(Hence, no answers questioning reasons for the making the query, suggesting reinstallation of system software, or simply encouraging installation of Little Snitch or similar monitoring, are desired. Monitoring toward a specific end, as a step in a plan is welcome; sledge hammer solutions and monitoring activities as open-ended exploratory activities are unhelpful.)

Thank you in advance for your effort on this.  Prof D
0
Comment
Question by:LeProf_No1
  • 2
3 Comments
 
LVL 19

Accepted Solution

by:
Kash earned 500 total points
Comment Utility
Hello,
 what kind of possible malware you suspect is running on your network. If you think a machine has been compromised you can check on ACTIVITY MONITOR to see if any suspect program is running in the background. that is the first check you can do.

you can also check for open ports on machine if you think any ports are open which shouldn't be.

the firewall (built in) on the mac is very strong and if you turn it on, it will definitely block most of the programs and will raise alarm if some malicious activity occurs.

again, my answers are very generic as I am not sure what kind of info you are after but we can work towards it.
0
 

Assisted Solution

by:LeProf_No1
LeProf_No1 earned 0 total points
Comment Utility
We did *not* accept this Comment as a solution, though the individual clearly made an attempt to assist us.

What was desired was a process to follow, in IT language, to unequivocally determine if a Mac OS X machine has been compromised, see original request (or to be told such was not possible, see comment offered on replying "No" to "Was this Comment Helpful?" query).

Specifically, Activity Monitor (AM) and equivalent unix procs are already in use, but clarification is needed as to what evidence is sought. Open ports was a helpful step/point, with the same limitation as the AM recommendation. The Mac firewall rec, while largely sound as a preventative, here would be closing the barn door after...

As "innocent" said, the answers, while well-meaning and appreciated -- especially as the ONLY answer offered by this expert service -- were too generic to be of help.
0
 

Author Closing Comment

by:LeProf_No1
Comment Utility
We have discontinued use of this service, less than expert in this crucial area, and will use other means to arrive at the process we need.  LeProf_No1
0

Featured Post

Enabling OSINT in Activity Based Intelligence

Activity based intelligence (ABI) requires access to all available sources of data. Recorded Future allows analysts to observe structured data on the open, deep, and dark web.

Join & Write a Comment

A common question or need, when setting-up a new Mac for someone would be to make all of the applications, installed, available from the dock. Many people often do not realize an application is installed unless it is in the dock. Creating a custo…
In this article we discuss how to recover the missing Outlook 2011 for Mac data like Emails and Contacts manually.
Users will learn how resize a batch of photos from a single command in Photoshop via Photoshop's Image Processor. Open up an Image you'd like to resize in Adobe Photoshop: Adjust the image size according to your preferences. Image > Adjustments > …
Users will learn how to set proper sequence settings, scale images, paste attributes, add transitions, fades, and music. Open up Final Cut Pro 7 and Create a new Project: Set the Sequence Settings. a) Click File > Easy Setup > Format > Apple ProRe…

763 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now