So, I was just checking the NSA security guides for a number of operating systems on my network, notably Windows XP, and OS X 10.4. I can not believe what they have posted for both of these operating systems.
Apple Mac OS X “Tiger”
As part of a change in our development strategy for security guidance, the National Security Agency does not intend to publish separate security guides for the Macintosh OS X operating system beyond that which was produced by the vendor, beginning with Tiger, OS X version 10.4.x. The recommendations in Apple’s “Mac OS X Security Configuration For Version 10.4 or Later” and “Mac OS X Server Security Configuration For Version 10.4 or Later” track closely with the security level historically represented in the NSA guidelines. It is our belief that these guides establish the latest best practices for securing the products and recommend that traditional customers of our security recommendations use the Apple guides when securing Macintosh OS X 10.4.x and Macintosh OS X Server 10.4.x.
It’s pretty much the same of XP as well. Talk about ironic. I doubt that both of these vendors have the same security levels, and frankly I doubt that XP comes close to the OS X framework. But, that could just be my bias speaking… I’m going to go through the manuals and checkout which one requires the least amount of work to “secure”. Until then I will reserve any judgements…
