MIt der folgenden Funktion besteht die Möglichkeit die Sharing-Services zu auditieren.

SUMMARY_FILE=${HW_UUID}_${DATE}.txt

SECTION9 ()
{
local file1=/private/var/db/dslocal/nodes/Default/groups/com.apple.access_remote_ae.plist
local file1_exists=0

local entry1=defaults read /Users/${username}/Library/ByHost/com.apple.Bluetooth.$HW_UUID.plist | grep "PrefKeyServicesEnabled" | wc -l

echo "\n" >>${SUMMARY_FILE}
echo "\t reading settings for - Disable Bluetooth file sharing" | tee -a ${SUMMARY_FILE}
for username in $(dscl . list /Users UniqueID | awk '$2 > 500 { print $1 }'); do
if [[ $(defaults read /Users/${username}/Library/Preferences/com.apple.Safari.plist | wc -l) != 0 ]]; then
if [ ${entry1} != "0" ]; then
defaults read /Users/${username}/Library/ByHost/com.apple.Bluetooth.$HW_UUID.plist | grep "PrefKeyServicesEnabled" | tee -a ${SUMMARY_FILE}
echo "\n" >>${SUMMARY_FILE}
else
echo "entry PrefKeyServicesEnabled is not present for account ${username}" | tee -a ${SUMMARY_FILE}
echo "\n" >>${SUMMARY_FILE}
fi
else
echo "file /Users/${username}/Library/ByHost/com.apple.Bluetooth.$HW_UUID.plist is not present for account ${username}" | tee -a ${SUMMARY_FILE}
echo "\n" >>${SUMMARY_FILE}
fi
done
###


echo "\n" >>${SUMMARY_FILE}
echo "\t reading settings for - Disable printer sharing" | tee -a ${SUMMARY_FILE}
cupsctl | grep _share_printers | tee -a ${SUMMARY_FILE}
###


echo "\n" >>${SUMMARY_FILE}
echo "\t reading settings for - Disable remote login" | tee -a ${SUMMARY_FILE}
systemsetup -getremotelogin | tee -a ${SUMMARY_FILE}
###


echo "\n" >>${SUMMARY_FILE}
echo "\t reading settings for - Disable remote Apple events" | tee -a ${SUMMARY_FILE}
systemsetup -getremoteappleevents | tee -a ${SUMMARY_FILE}
###


echo "\n" >>${SUMMARY_FILE}
echo "\t reading settings for - Disable remote Apple events for specific users" | tee -a ${SUMMARY_FILE}
echo "\n" >>${SUMMARY_FILE}
echo "\t reading settings for - Disable automatic login" | tee -a ${SUMMARY_FILE}
if [ -e "${file1}" ]; then file1_exists=1; fi
if [ ${file1_exists} == "1" ]; then
defaults read /private/var/db/dslocal/nodes/Default/groups/com.apple.access_remote_ae.plist | grep "users" | tee -a ${SUMMARY_FILE}
else
echo "${file1} is not present" | tee -a ${SUMMARY_FILE}
fi
###

}
###

##
# section 9
##
GEN_SUMMARY_SEPARATOR
echo " M 2.478 Planung des sicheren Einsatzes von Mac OS X" | tee -a ${SUMMARY_FILE}
echo " M 2.479 Planung der Sicherheitsrichtlinien von Mac OS X" | tee -a ${SUMMARY_FILE}
echo " M 4.371 Konfiguration von Mac OS X Clients" | tee -a ${SUMMARY_FILE}
echo " M 5.165 Deaktivieren nicht benötigter Mac OS X-Netzdienste" | tee -a ${SUMMARY_FILE}
echo " M 5.167 Sicherheit beim Fernzugriff unter Mac OS X" | tee -a ${SUMMARY_FILE}
echo " J.9. Sharing Services" | tee -a ${SUMMARY_FILE}
SECTION9

Zum Seitenanfang