U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

National Checklist Program

National Checklist Program

NCP

  1. Checklist Repository

CIS Mac OSX 10.5 (Leopard) Benchmark Version v1.0.0 Checklist Details (Checklist Revisions)

Supporting Resources:

Target:

Target CPE Name
Apple Mac OS X 10.5 cpe:/o:apple:mac_os_x:10.5 (View CVEs)

Checklist Highlights

Checklist Name:
CIS Mac OSX 10.5 (Leopard) Benchmark
Checklist ID:
46
Version:
Version v1.0.0
Type:
Compliance
Review Status:
Final
Authority:
Third Party: Center for Internet Security (CIS)
Original Publication Date:
05/08/2008

Checklist Summary:

This CIS Benchmark document is designed to provide novice and above level users with clear guidance for securing Mac OS X Panther. The benchmark guides a user or administrator, from the point of installation (after updates), through the process of securing a Mac OS X workstation. This benchmark implements best practices and techniques through a combination of scripting and user interface security steps to achieve the strict end goal of a secure, functional end-user device (rather than a server).

Checklist Role:

  • Desktop Operating System

Known Issues:

Not provided.

Target Audience:

Not provided.

Target Operational Environment:

  • Managed

Testing Information:

Not provided.

Regulatory Compliance:

Not provided.

Comments/Warnings/Miscellaneous:

Not provided.

Disclaimer:

Differs for Public and Private consumers, please read disclaimer information from the CIS web site located at: http://www.cisecurity.org/sub_form.html

Product Support:

Not provided.

Point of Contact:

cis-feedback@cisecurity.org

Sponsor:

Not provided.

Licensing:

Differs for Public and Private consumers, please read licensing information from the CIS web site located at: http://www.cisecurity.org/sub_form.html

Change History: 

Version 1.02:August 18, 2005:

-Typos, punctuation, etcâ?¦ fixes

-Rewrote the login warning banner section to remove references to the BootPanel.pdf. Made a mention of the .nib file that can also be changed, but that such a change is outside the scope of the benchmark. Note that this removed a figure, so redid the TOC and TOF.

-Added some text to the UID 0 section.

-Removed references to â??CONFIGSERVERâ?? in /etc/hostconfig. I believe this was valid in 10.0 and/or 10.1, but I canâ??t find any references to it in Panther or Tiger.

-Added text to refer to VPNSERVER.


-Added reference for COREDUMPS (/etc/hostconfig) to the section that discusses coredumps.

Version 2.0: 2006-10-16

Dependency/Requirements:

URL Description

References:

Reference URL Description

NIST checklist record last modified on 07/21/2009