Apple 10.6 updates from Apple 10.5 Software Update Server

admin — Fri, 21 May 2010 09:00:02 +0000

Your running a 10.5 server with (SUS) software update services and you’ve got 10.6 clients on your network. You want to patch your 10.6 clients but they won’t with 10.5 SUS. The Apple solution is to upgrade the server to 10.6 so it can serve 10.6 updates. An alternative solution is to hack the 10.5 SUS. This hack has been taken from a thread from Jan Uschok on the Apple Support Discussion page: http://discussions.apple.com/thread.jspa?threadID=2169042&tstart=15

1: Stop SUS

2: Download http://swscan.apple.com/content/meta/mirror-config-1.plist and copy it to /usr/share/swupd/html/content/meta/mirror-config-1.plist

3: Change it to look like this:

PrimaryCatalog
http://swscan.apple.com/content/catalogs/index.sucatalog
CatalogsList

http://swscan.apple.com/content/catalogs/index.sucatalog
http://swscan.apple.com/content/catalogs/others/index-leopard.merged-1.sucatalog
http://swscan.apple.com/content/catalogs/others/index-leopard-snowleopard.merged-1.sucatalog

4: Edit /etc/swupd/swupd.plist and change the metaIndexURL entry to look like this:

metaIndexURL
http://myserver.com:8088/content/meta/mirror-config-1.plist
portToUse

5: Start SUS and wait for it to download the catalog files and to generate the local versions thereof.

6: Once it has generated the local catalog files add some symlinks like this:

cd /usr/share/swupd/html
ln -s /usr/share/swupd/html/content/catalogs/index.sucatalog .
ln -s /usr/share/swupd/html/content/catalogs/others/index-leopard.merged-1.sucatalog .
ln -s /usr/share/swupd/html/content/catalogs/others/index-leopard-snowleopard.merged-1.sucatalog .

7: Just in case restart SUS

8: Wait for SUS to download all the updates

9: On your 10.6 client go in the Finder to /Library/Preferences and open com.apple.SoftwareUpdate.plist. Change the CatalogURL entry to point to http://myserver.com:8088/index-leopard-snowleopard.merged-1.sucatalog

10: Launch Software Update on your 10.6 client and be happy

It should behave like a 10.6 server now as it is serving the catalog files according to the 10.6 server documentation as described on page 89 here: http://images.apple.com/server/macosx/docs/System_Imaging_and_SW_Update_Admin_v10.6.pdf

Mac Security Report 2009

admin — Tue, 26 Jan 2010 13:16:48 +0000

Macintosh Security Company Intego, the developers of VirusBarrier have released a report on Mac and iPhone security for 2009.

The report focuses on various Trojan horse attacks, malware found in Torrent application downloads, attacks on jailbroken iPhones, Mac OS X vulnerabilities and third party vulnerabilities.

The following excerpt is taken from the report: -

Many of these operating system vulnerabilities pave the way for unseen malware attacks. Some of them are such that merely visiting a booby-trapped web page can compromise a Mac. This underscores the importance of security software that protects not only from malware but also from web threats and the many other kinds of menaces that target Macs. It also highlights the need to keep software up-to-date. Both for Mac OS X and for third-party software, users should make sure that they have the latest versions of their software, since some programs—such as Adobe Reader, commonly used to view PDF files—are easy to attack with known exploits circulating in the wild.

The report is available from http://blog.intego.com/2010/01/25/the-year-in-mac-security-2009/

The Cool-ade Blog: Mac-Windows, Information Security and Technology. » Security

Apple 10.6 updates from Apple 10.5 Software Update Server

Mac Security Report 2009