Monthly Archives: June 2005

Articles and Books

What's a Podcast?

I originally posted this at http://www.318.com/TechJournal

iTunes Latest Buzz Tops One Million Downloads In First Two Days.

Podcasting is the latest evolutionary branch of the iPod. With Podcasting, anyone with an iPod can download and listen to books, editorials, unofficial museum walkthroughs, and a variety of other audio commentaries.

In it’s simplest from, Podcasting is simply an audio download from a website. Utilizing a few new web technologies, iTunes now can check the site for new content, and automatically download it into your iPod. Many industries have taken advantage of this technology to provide news services to their clients. For example, several software companies publish Podcasts informing clients of upcoming products, or company events. Many companies and people are creating unofficial talk radio stations, with topics ranging from tutorials and techniques to simple editorials voicing their opinions.

Three18 is well versed in Podcasting, and the underlying technologies. If you feel that your company could benefit from Podcasting, or you would like more information, feel free to contact any staff member.

Mac Security

Password Encryption

I originally posted this at http://www.318.com/TechJournal

Logging onto most network resources requires the use of a password. Before passwords are sent over networks they are encrypted. Many different variables and algorithms are used to encrypt passwords. The most common method of encrypting passwords before they are sent over a network uses the seconds and minutes fields of file modification time stamps to build variables.

The system doesn’t use the time stamp as a variable directly, but uses them to generate hashes. A hash is a number generated from a string of text. The hash is smaller than the text itself and is generated by a formula in such a way that it is extremely unlikely that some other text would produce the same hash value. Hash values are typically 160 bits in length.

To increase security, hashes are broken up into segments, known as a message digest. These segments are sent over the network in a stream, or the actual data being transferred between two systems. A hash is a one-way function so it will not produce the same message digest from two different inputs. Kerberos uses the date and time stamps of two systems as inputs, which is one reason it is important for systems communicating using Kerberos to keep their clocks in sync. All of this helps ensure the infeasibility of reversing encryption.

Although it is infeasible it is not impossible to break encryption schemes. The NTHash standard of security used by Windows employs a password encryption scheme that simply combines hashes. The NTHash method of password encryption has been exploited. OS X, as with UNIX and Linux, uses a 12-bit string of random numbers to create a more secure hash. This 12-bit string of characters is known as a salt. The use of a 12-bit salt requires brute force attempts to crack encryption will take 4,096 times longer by taking more resources.

Using nonstandard ASCII characters such as !, #, @, *, etc. helps to increase password security as does keeping as up-to-date as possible with security patches. Using Kerberos helps to keep the encryption process as secure as possible due to salted hashes. Another security improvement with Kerberos is that Kerberos creates a ticket upon successful authentication. This ticket is used to access resources across all the servers sharing a common information database such as Open Directory and Active Directory.

In a Kerberos environment passwords don’t have to be sent over the network each time a resource is being accessed. Reducing the frequency of password usage and handling passwords more effectively makes Kerberos a strong weapon in the Network Administrators arsenal. The use of LDAP databases such as Open Directory makes network management easier and more secure.

On the Road

On the Road: Montana

The sky here goes on for-friggin’-ever.  The people are nice and a big country, like back home.  I like it here.  Not a lot of Mac guys though…  Nor are there a boat-load of people for that matter…

Uncategorized

Myst & the APIs of Business

Microsoft Exchange Server

Exchange: Increase Maximum Database Size

Exchange has a maximum database size of 16GB.  You can temporarily increase this if you exceed it by editing the registry.  To do so, open a registry editor (Start -> Run regedit) and browse to this location:

HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesMSExchangeIS

Now, find the name of the server whose database you would like to increase the size of and click on it.  Then, click on either the folder that starts with Public- or Private- according to which you want to increase the size of.  Now add a Reg_DWORD with a name of:

Database Size Limit in GB

Now set the setting for the limit to 17GB (just type in 17) and reboot the server.

Xsan

Xsan: What is Fiber Channel

Fiber Channel is a technology for transmitting data between computer devices similar to SCSI but with networking components based on fiber optics. Fiber Channel is especially suited for attaching computer servers to shared storage devices and for interconnecting storage controllers and drives.  Apple uses Fiber Channel for Xsan, it’s storage virtualization platform.  All of the objects that make up a Fiber Channel network are referred to as the fabric.  These typically include HBAs (the card that goes in a machine), cabling, transceivers, a fiber channel switch and the fiber channel controllers on the storage.