Monthly Archives: November 2006

Football

Rivalry week

15-12, Georgia over Tech.  We did it and move to 8-4 regular season.  Someone’s going bowling and it might just be the Bulldogs!

Mac OS X Mac Security

Mac OS X: Forensics

It’s old but it’s good:

http://www.afp548.com/Articles/security/postmortem.html

Mac OS X Mac OS X Server Mass Deployment

Launch Safari with Tabs

Safari's tabbed browsing can revolutionize the way you work with the web.  If you would like to keep the tab bar visible even when you don’t have a second tab open (i.e., if you’d like to test the size or look of your environment), you can have the browser open with a single tab by default.  com.apple.Safari.plist has a number of settings that aren’t exposed in the graphical interface of Safari.  The AlwaysShowTabBar key can be used to set this behavior.  For example:

defaults write com.apple.Safari AlwaysShowTabBar -bool YES

You can undo this with:

defaults write com.apple.Safari AlwaysShowTabBar -bool NO

Football

Bulldog BYE

No game today.  So must watch the other teams/conferences.  Sad.  From 5-0 to a bad downward spiral.  But there’s always next season.

Consulting

Testing Restores on Backups

We’ve attended plenty of events that preach the importance of backup, but rarely is it approached from what is essentially at the heart of data protection – data recovery. For example, did you know that DLT tapes (still the media of choice across the board) are designed to be overwritten only 5 times? According to our valued partners at SonicWALL, Inc., administrators report that they use DLT tapes an average of 12 times. Also, something like 73% of the backed-up data surveyed was unrecoverable!!! Point being, a backup is only as secure as its recovery plan.

The recommendation here is to run periodic recovery drills to test the viability of the data protection scheme. Taking SonicWALL’s lead, we here at 318, Inc. would like to begin a vigorous push with all our clients towards increasing awareness of the importance of data recovery. Another tidbit: 93% of companies that had suffered a major loss of data were out of business within one year. Far too many systems administrators’ careers have ended abruptly due to recovery-plan negligence and we’ve all seen it happen… nuff said.
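One way to automate such a recovery drill, as an added example that is not from the original post or from any SonicWALL or 318 tooling: record a SHA-256 manifest at backup time, restore the archive into a scratch directory, and report anything that does not come back intact. The tar format, file names and sample contents are constructed for the illustration.

```python
import hashlib
import tarfile
import tempfile
from pathlib import Path

def sha256_file(path):
    """Hash in chunks so large files need not fit in memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            digest.update(chunk)
    return digest.hexdigest()

def build_manifest(root):
    """Map each file path (relative to root) to its SHA-256 digest."""
    files = sorted(p for p in Path(root).rglob("*") if p.is_file())
    return {str(p.relative_to(root)): sha256_file(p) for p in files}

def restore_drill(archive, manifest):
    """Restore into a scratch directory and report what failed to come back."""
    with tempfile.TemporaryDirectory() as scratch:
        try:
            with tarfile.open(archive) as tar:
                # Where available, the "data" filter rejects entries that escape scratch.
                opts = {"filter": "data"} if hasattr(tarfile, "data_filter") else {}
                tar.extractall(scratch, **opts)
        except (tarfile.TarError, OSError) as exc:
            return {"unreadable": str(exc), "missing": sorted(manifest), "corrupt": []}
        restored = build_manifest(scratch)
    missing = sorted(p for p in manifest if p not in restored)
    corrupt = sorted(p for p in manifest if p in restored and restored[p] != manifest[p])
    return {"unreadable": None, "missing": missing, "corrupt": corrupt}

def demo():
    """Constructed data: back up two files, damage a copy of the archive, drill both."""
    with tempfile.TemporaryDirectory() as work:
        src = Path(work, "src")
        src.mkdir()
        (src / "ledger.txt").write_bytes(b"invoice 1001 paid\n")
        (src / "notes.txt").write_bytes(b"call vendor\n")
        manifest = build_manifest(src)  # recorded at backup time
        good, bad = Path(work, "backup.tar"), Path(work, "damaged.tar")
        with tarfile.open(good, "w") as tar:
            for name in manifest:
                tar.add(src / name, arcname=name)
        bad.write_bytes(good.read_bytes().replace(b"invoice 1001", b"invoice 1OO1"))
        return restore_drill(good, manifest), restore_drill(bad, manifest)

if __name__ == "__main__":
    print(demo())
```

The damaged copy still unpacks without error, because tar checksums cover only headers; only the comparison against the manifest shows that ledger.txt changed.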

A few more interesting points on the subject of data loss (if data loss can be considered interesting…):

The speed of recovery is as important as anything else. The example was given of when, during the early days of eBay, their servers were brought down under attack and, though their data was safely backed up, it took 2.5 days to recover it. Million$ lost in revenue! Administrators should design a plan that includes rapid recovery of the most recent and most critical data, allowing the affected parties to resume their daily tasks while the older, less important files continue to restore.
People are, by far, the biggest challenge to security – e.g., passwords taped to monitor screens, using “password” as their password, etc. Only strict company security policies and education can combat this security leak. Even the most secure server in the world can be easily compromised by an employee walking through an airport with log-on credentials for that server written with a Sharpie on the outside of their laptop case (it was an agent from the U.S. Homeland Security Department – true story – as the laptop came out of security’s X-ray scanner, it was mistakenly handed to the wrong person!).
Small to medium businesses are hit hardest by data loss. They usually have fewer resources to invest in protecting their data and are usually the ones least likely to appreciate the importance of a strong backup/recovery scheme.
Data protection is more important than ever now, considering that cyber-criminals are making approximately 6 times more money with far fewer expenditures than organized crime ever did, even in its heyday.
On the subject of data security, no discussion is complete without extensive planning for protecting the network that the data resides on. “Controlling the flow of data can be as difficult as herding cats.” For network security, 318, Inc. recommends the SonicWall TZ 170 firewall/router for most networks. We feel it’s important to understand some of the differences between using SonicWall’s firewall appliances and the limitations of other, “consumer level” products such as Linksys or D-link routers. From SonicWall.com:

SonicOS Standards, which ships on every SonicWALL TZ 170, includes:

Real-Time Gateway Anti-Virus, Anti-Spyware and Intrusion Prevention. The TZ 170 extends security from the network core to the perimeter by integrating support for SonicWALL’s Gateway Anti-Virus, Anti-Spyware and Intrusion Prevention Service, delivering real-time protection against the latest blended threats, including viruses, spyware, worms, Trojans, software vulnerabilities and other malicious code.
Powerful Content Filtering. The TZ 170 supports SonicWALL’s Content Filtering Service, providing an enterprise-class, scalable content filtering service that enhances productivity and security without requiring additional server or deployment costs.
Deep Packet Inspection Firewall. The TZ 170 features a configurable, high performance deep packet inspection firewall for extended protection to key Internet services such as Web, e-mail, file transfer, Windows services, and DNS.
WorkPort. The SonicWALL TZ 170 includes an optional port that can be configured as a WorkPort, creating an independent, isolated zone of trusted network security that protects corporate networks from malicious attacks that can occur when telecommuters share broadband Internet access with networked home computers.
Comprehensive Central Management Support. Every SonicWALL Internet security appliance can be managed using SonicWALL’s award-winning Global Management System, which provides network administrators with the tools for simplified configuration, enforcement and management of global security policies, VPN, and services, all from a central location.
More information about SonicWall’s products can be found at their website: http://www.sonicwall.com.

318, Inc. is a proud partner of SonicWall, and would appreciate the opportunity to perform a vulnerability assessment on your network in order to offer you some solid recommendations for protecting it.

Mac OS X Mac OS X Server Mac Security

SANS Mac OS X Security Checklist

A project I worked on with the SANS Institute:

https://www.sans.org/score/macosxchecklist.php

Football

Georgia/Auburn

Just when you thought you’d be 500 going into the end of the season you pull out a win against the War Eagles.  Georgia decisively beats Auburn 37-15.

Business Consulting Network Infrastructure On the Road

VoIP 101

I originally posted this at http://www.318.com/TechJournal

As the name implies, VoIP refers to voice or phone calls that traverse data networks using Internet Protocol (IP). This may mean that the calls are going over the Internet, or it may simply mean calls are traveling over privately managed data networks that are using IP to transport the calls from one location to the other.

This represents a fundamental shift from the way traditional voice services are transported and routed over analog wires.

With VoIP, the voice stream is broken down into data packets, compressed and sent to its destination using the Internet (as opposed to establishing a ‘permanent’ connection for the duration of the call), with the routes the traffic uses depending on the most efficient paths given network congestion. Once received, the packets are reassembled, decompressed, and converted back into a voice stream.

Digital format can be better controlled: we can compress it, route it, convert it to a better format, and so on. A digital signal is more noise tolerant than analog, but is also affected more by environment than analog. VoIP applications require real-time errorless data streaming to support an interactive voice exchange. This is obtained using Quality of Service (QoS). QoS helps ensure that packets aren’t lost, which would result in the loss of segments of voice traffic, or annoying clicks to users.

The bandwidth overhead for VoIP is far less than that of standard streaming audio. Today, every sound card allows 16 bit conversion from a band of 22050 Hz (for sampling you need a freq of 44100 Hz according to the Nyquist Principle) obtaining a throughput of 2 bytes * 44100 (samples per second) = 88200 Bytes/s, 176.4 kBytes/s for a stereo stream. Therefore, very good quality streaming audio requires 176.4 kBytes/s of bandwidth.

For VoIP, the throughput to send voice packets (176kBytes/s) . Digital data can be converted to a standard format that can be quickly transmitted, such as Pulse Code Modulation.

Pulse Code Modulation (PCM) is known to the IEEE as Standard ITU-T G.711. Voice bandwidth is measured at 4 kHz, so the sampling bandwidth has to be 8 kHz (per Nyquist). Each sample is 8 bits. The bandwidth requirement is 8000 Hz * 8 bits, or 64 kbit/s, the same as a typical digital phone line. Because of lower overhead and easier control over traffic, VoIP is cheaper in terms of bandwidth than using standard phone lines.
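The packetize, route and reassemble cycle described above, sketched with the 8 kHz / 8-bit PCM figures from the text. This is an added example, not code from the original post and not an RTP implementation: the 20 ms frame length, the sequence-number scheme, the zero-byte filler and the sample data are assumptions made for the illustration.

```python
import random

SAMPLE_RATE_HZ = 8000   # from the text: 8 kHz sampling of a 4 kHz voice band
BITS_PER_SAMPLE = 8     # from the text: 8 bits per sample
FRAME_MS = 20           # assumption: 20 ms of audio carried per packet

def payload_bitrate():
    """Bits per second of raw PCM voice, before any packet headers."""
    return SAMPLE_RATE_HZ * BITS_PER_SAMPLE

def frame_bytes():
    """Payload bytes in one packet at the chosen frame length."""
    return payload_bitrate() // 8 * FRAME_MS // 1000

def packetize(pcm):
    """Sender: cut the voice stream into (sequence number, payload) packets."""
    size = frame_bytes()
    return [(seq, pcm[off:off + size])
            for seq, off in enumerate(range(0, len(pcm), size))]

def reassemble(received, expected_packets):
    """Receiver: reorder by sequence number and pad any lost frame with filler."""
    by_seq = dict(received)
    lost = [seq for seq in range(expected_packets) if seq not in by_seq]
    filler = b"\x00" * frame_bytes()
    stream = b"".join(by_seq.get(seq, filler) for seq in range(expected_packets))
    return stream, lost

def demo():
    """Constructed input: 100 ms of fake PCM, delivered out of order with one loss."""
    pcm = bytes(i % 251 for i in range(SAMPLE_RATE_HZ // 10))   # 800 samples
    packets = packetize(pcm)
    in_flight = [p for p in packets if p[0] != 2]   # packet 2 is dropped in transit
    random.Random(318).shuffle(in_flight)           # different paths, different order
    stream, lost = reassemble(in_flight, len(packets))
    return len(packets), lost, stream

if __name__ == "__main__":
    count, lost, stream = demo()
    print(payload_bitrate(), "bit/s;", count, "packets; lost:", lost)
```

The receiver restores the original order from the sequence numbers alone, but the dropped packet leaves a 20 ms hole in the audio, which is the loss QoS is meant to prevent.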

When using a standard phone line (PSTN), users pay a line manager company for the time used. The more time they talk, the more they pay. With VoIP services, users can talk as long as they want with multiple people within their same VoIP network. For example, if a company has an office in Lansing, Michigan and an office in Los Angeles, California and uses VoIP for its phone services, then all calls between the Lansing and Los Angeles offices should be free.

Telephone companies use VoIP for a lot of long distance connectivity. They set up lines between two cities and are then able to transmit all calls between those two cities free of charge with a much lower overhead than with PSTN lines. Vonage has entered the VoIP market, targeting residential services. By having sites in many of the major cities they are able to transmit calls between those cities free of charge.

Many companies have sites in multiple cities as well. VoIP is now at a stable and mature stage and is readily available from multiple vendors. Pricing has come down drastically over the past few years and VoIP solutions are now available for small and medium-sized businesses as well as the enterprise.

Football

Wildcats Beat Bulldogs

I’m stunned.  We started the season 5-0 and in the past few weeks have dropped to 6-4.  Richt has got to get things under control.  Please, please, please don’t lose to Tech.  :(

Mac OS X Server

CLI: Get and Set Mac OS X Server Serial

You can use the serversetup tool in /System/Library/ServerSetup/ to set the serial number for a Mac OS X Server.  Provided the ServerSetup directory is your working directory, you can then use the serversetup tool to configure the serial number:
./serversetup -setServerSerialNumber "XSVR-105-000-N-xxx-xxx-xxx-xxx-xxx-xxx-x|Charles Edge|318"
Once the serial number has been set, you can get the serial number using the following command, no matter the working directory:
/System/Library/ServerSetup/serversetup -getServerSerialNumber