is OSX server secure?

Hi all,

Since Mac OS tend to be more immune to hackers and viruses than other OS's out there, is the Mac Server OS also secure? Have any of you expereienced a more stable and secure web site hosting now that you've chosen Mac?

Based on your expereinces, how does it compare to Linux or other Unix related OS's? Is the Mac server OS easy to manage and maintain? Is it easy to host a web site without the constant worry of hackers?

-Ben

I'll rephrase my question:

What are the 5 biggest problems with being a system administrator for a Mac server that's hosting a database-driven web site?

Only 5 problems?! Man, I can think of thousands! Let's see....

1. MAC is dumb.
2. No one uses MAC.
3. You can't play the latest DOOM on MAC.
4. There is no IIS server on MAC.
5. There is no Frontpage on MAC.

Need more?

HA HA HA!!!!!!! :D

:)

Yes, it is rated one of the most secure platforms by the US Gov.

Re: is OSX server secure?

In my opinion, Linux is the Windoze of the Unix-like OS's. It is the least secure out-of-the-box and requires the most attention (i.e. constantly requires security updates to keep secure). Linux can be made secure by a competent Unix Admin, but a competent Unix Admin probably wouldn't choose Linux in the first place. It has been said that Linux is for people who hate Windoze, but BSD is for those who love Unix.

Of the BSD's, OpenBSD is probably the most secure out-of-the-box. MacOS X is second, in my opinion, because of these three facts: 1) Apple takes security seriously, 2) Security updates can easily be made easy via Software Update, and 3) There are only two flavors of the OS from a single vendor.

Yes.

Security is a process. Any OS, even the most secure OS, can be rendered vulnerable by an inexperienced or sloppy Admin. If you want to run a secure web server, you must understand the security implications of every decision you make. Installing a CGI or turning on a feature can potentially open the door to hackers. Following instructions you find on the web to enable this or install that can do the same.

All in all, MacOS X Server is one of the better options for Admins who won't or can't spend a lot of time learning about security issues. Because of its ease of use, and Apple generally respecting security, MacOS X Server probably is the best choice for this kind of casual Admin. But understand that an Admin who understands security and operating an OpenBSD box is probably running a much tighter ship. There is no magic substitute for understanding and making a habit of good security practices, no matter the flavor of Unix used. Even Linux can be made secure in the right hands, and even OpenBSD can be made insecure in the wrong hands. So YMMV.

We have two X-Serves running 10.3.7 and I'll put it to you this way:

I opened "Server Admin" and logged in from MY computer, checked a couple of boxes, put in the appropriate directory, and webDAV was up and running.

I never touched the httpd file and never had to mod anything.

w00t

that doesn't really answer his "how secure is it?" question, though, does it?