Having now read [most of] this "controversial" book I can say I am pleased with the outcome.
The book's examples do tend to lean towards Linux users, with all but a few of the packages failing to configure or compile on my Mac OS 10.3.9 PowerBook (it's probably not impossible to get them all working). That said, the packages and codes I did manage to club together opened my eyes.
For instance, I'd never have thought SSH could be subject to brute force attempts. So you can imagine how glad I was that I'd recently reviewed the use of password authorization in my SSH logins. Especially when I saw how easily "guess who" found some of the weak passes I set up to test it.
I don't want to put OS X users off this book because there's plenty for them to take home. Most of the scans and sweeps and X window exploits (I say most, when I mean practically all) failed to make a dent in my OS X setup. And if you use Snort, even better. All of the stealth nmap scans were Snort-logged and identified. And as far as Postfix is concerned, it boots "RCPT-brutes" off the login (not before, if I'm not mistaken, increasing the time between attempts, so that my user.txt only got through roughly 8-10 tries before grinding the brute to a halt).
The only thing to raise an eyebrow was Hydra's ease with POP3, but then most of you will only have 110 open for local traffic.
In summary then, an eye-opening but reassuring experience for this Mac OS X user. This book compensates Mac OS X users for the lack of portability with confirmation that most of the common exploits and weaknesses bounce off the hood.