Authenticated Scanning Setup

If you are using our scanning appliance, our assessment team requires some specific configuration to be completed before it can carry out a fully authenticated assessment.

Security Accounts

Cyber Tec Security will complete an authenticated vulnerability assessment of your network and systems, as detailed within this document, using several different tools and techniques. Whilst these tests are not designed to cause any issues or disruption, scanning can impact the performance of the network and systems being tested.

During our testing, Cyber Tec Security will require a ScanAdmin account and potentially a ScanUser account. However, we are able to complete some testing using your existing user account, so we may require only the ScanAdmin account.

  • ScanAdmin
    • This user must be a local admin of the machines we will be using and the network we are scanning.
  • ScanUser
    • This user must be a domain user / standard user of the systems and network we are scanning and testing. This user account should have a mailbox configured and ready for our use. (Due to the cost of cloud mailboxes, if you are happy for us to use your existing account for email testing, we are happy to do so.)

Set Up Apple Mac for Authenticated Scanning

Why Add a User to the Sudoers File in Mac OS?

Adding an account for Cyber Tec Security to an Apple Mac sudoers file allows Cyber Tec Security to run certain commands with root privileges and complete our authenticated scanning.

This means the Cyber Tec Security ScanAdmin account will be able to execute commands without getting permission denied errors or having to prefix terminal commands with sudo.

This is essential for our scanning and auditing, but it does pose a security risk, so it should not be left in place after Cyber Tec Security completes its assessment work.

The sudoers file is located at /etc/sudoers but, unlike /etc/hosts and many other system configuration files, you do not want to point a general text editor at the file to modify it. Instead, you’ll want to use a specific command called ‘visudo’, which confirms proper syntax before saving the document.

Important: Only advanced users who have a compelling reason to do so should ever modify the sudoers file. It may pose a security risk, or you may break something if you get this wrong.
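
Because the sudoers entry should not stay in place once the assessment is finished, the following check confirms that no active rule still names the scan account. It is an added example, not part of Cyber Tec Security's own guide; the drop-in file name "scanadmin" and the sample file contents are constructed for illustration.

```shell
#!/bin/sh
# Added example: confirm no sudoers rule still names the scan account after testing.
# Assumed names: account "ScanAdmin" (from this page); drop-in file "scanadmin" (hypothetical).

# Print every active sudoers line in the given files that names the account.
# Matching is by account name only; rules written by numeric UID (#501) are not matched.
find_sudoers_refs() {
    account=$1; shift
    for f in "$@"; do
        [ -f "$f" ] || continue
        awk -v acct="$account" -v file="$f" '
            BEGIN { re = "(^|[^A-Za-z0-9_.-])" acct "([^A-Za-z0-9_.-]|$)" }
            {
                if (buf == "") first = NR
                buf = buf $0
                if (sub(/\\$/, " ", buf)) next   # rule continues on the next line
                line = buf; buf = ""
                if (line ~ /^[ \t]*#/) next      # comment or #include directive
                if (line ~ re) {
                    tag = (line ~ /NOPASSWD/) ? " [NOPASSWD]" : ""
                    printf "%s:%d:%s %s\n", file, first, tag, line
                }
            }' "$f"
    done
}

# Exit status 0 when the account is gone from every file, 1 when a rule remains.
sudoers_clean() {
    [ -z "$(find_sudoers_refs "$@")" ]
}

# Constructed sample files standing in for /etc/sudoers and its drop-in directory.
make_sample() {
    mkdir -p "$1/sudoers.d"
    printf '%s\n' '# ScanAdmin ALL=(ALL) ALL' 'root ALL=(ALL) ALL' \
        '%admin ALL=(ALL) ALL' 'ScanAdminBackup ALL=(ALL) ALL' > "$1/sudoers"
    printf '%s\n' 'ScanAdmin ALL=(ALL) \' '    NOPASSWD: ALL' > "$1/sudoers.d/scanadmin"
}

# Demo on the constructed sample: only the drop-in rule is reported.
demo=$(mktemp -d)
make_sample "$demo"
find_sudoers_refs ScanAdmin "$demo/sudoers" "$demo"/sudoers.d/*
rm -rf "$demo"
```

On a real Mac, run `find_sudoers_refs` as root against /etc/sudoers and the files in its drop-in directory (assumed here to be /private/etc/sudoers.d). An account that is still a member of the admin group keeps sudo rights through the default %admin rule, so the ScanAdmin account itself also needs to be removed or demoted.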

ADDING A USER TO SUDOERS IN MACOS

See our guide on how to add a user to SUDO

ENABLING SSH

See our guide on how to enable SSH