Active Directory (45)
Articles and Books (92)
Final Cut Server (44)
Home Automation (12)
Mac OS X (852)
Mac OS X Server (672)
Mac Security (410)
Mass Deployment (329)
Microsoft Exchange Server (48)
Network Infrastructure (72)
Network Printing (4)
On the Road (58)
public speaking (59)
Social Networking (32)
Time Machine (6)
Windows Server (97)
Windows XP (105)
Monthly Archives: December 2006
The following command can be used to recursively remove all ACLs from a tree of your folder hierarchy:
chmod -RN /path/to/directory
I originally posted this at http://www.318.com/TechJournal
Biometric systems measure the physical traits of users to offer a high level of security. As part of their nature biometric security requires users be present in order to log into the systems they protect. Biometric systems typically rely on the combination of a biometric trait and a password. They can also rely on the use of an access card, resulting in a situation where there are three forms of security present to access a system.
Biometrics measure physical traits such as hand geometry, retinal patterns, facial scans, fingerprints or voice patterns. The use of biometrics has a potential in a number of situations where security requirements are greater than the typical username and password combination. Fingerprint scans are relatively quick, taking approximately 2-3 seconds on average.
Biometric systems can be trained to work for multiple users. They can authorize different levels of access to systems. A fingerprint sensor can be used in conjunction with a Biometric plug-in for FileMaker database security. The Biometric plug-in does not work directly with or replace FileMakerâ€™s built-in password scheme. Instead it offers another layer of security directly within FileMaker
It is possible to fool a biometric system. No security system is truly foolproof. However, biometrics offer a new layer of security that would otherwise not be present. Requiring passwords in conjunction with a biometric trait such as a fingerprint is better than allowing authentication based solely on the biometric trait. By matching the password to the biometric trait the system becomes more secure than if it was using just one of the two security mechanisms.
Biometric systems arenâ€™t as expensive as they once were. For example, Puppy Suite for Mac OS X Fingerprint Identification Unit and authentication software bundle. Lightweight and small, the Puppy unit offers the ultimate in convenience with a new level of safekeeping. The Puppy ranges from $80 to $130. USB drives that provide biometric authentication are fairly inexpensive now as well, with at least 10 companies offering products.
While there are few other solid packages for Mac OS X, it is possible to purchase Windows-based biometric solutions for as low as $30. There is a biometric mouse called the BioMouse. IBM has perhaps gone as far with their laptops as any other company in biometric product offerings with a laptop that does not boot without the use of a fingerprint from an authorized user.
Biometrics is going to become an integral component of security. As the price of biometric solutions comes down the product offerings are becoming more numerous. While most biometrics are not foolproof, they do offer an additional layer of security in an emergently insecure world where Information Technology is concerned.
I walked into my office and caught people playing Dungeons and Dragons. It brought a smile to my face. I haven’t played since I was in the 8th grade (or 7th) but I remember those days fondly, with Rob, Jason, Steve, etc. And seeing that my office is as geeky as it should made me very happy. It was on a Saturday, btw, so they weren’t playing D&D instead of working. :)
It occurred to me that I’ve been talking about Xsan for awhile but I didn’t start with the key element of what makes an Xsan an Xsan. It’s metadata. Metadata is typically the extended attributes of a file (eg – with iTunes it is the artist, keywords, how much you like or dislike the song, etc). With Xsan metadata is information about where all of your files are stored, or if they’re broken into many parts (and most are) then it’s the information needed to find those parts across the various LUNs, Storage Pools, Blocks and Stripes that they sit on and how to then put those parts back together. This is done using what amounts to a catalog of iNode information and where each of those iNodes points. The metadata for a given file system is actually stored on a (preferably dedicated) LUN and does not reside on a metadata controller. Metadata controllers interpret the metadata and therefore allow hosts to mount a volume and access data within the volume without latency to try and figure out where everything is.
A typical Metadata LUN will be a mirror. The reason for this is that mirrors rebuild quickly. Space is typically not a concern as 1GB is good for about a million files in most cases.
Command-Spacebar can be used to invoke the spotlight box. Then type the name for an application and hit enter. This will open the app.
You can add data to the /Library/Application Support/LANDesk/data/ldscan.core.data.plist file, which affords a little extensibility. Nice.
Need mail archival for Mac OS X Server? Love Open Source? Check out Mail Archiva at http://www.mailarchiva.com
So arp can display the table for name to Ethernet address resolution. That’s pretty easy, just run arp with a -a flag and it will show you all the other systems in your arp table. the table is managed dynamically. But what if you wanted to set one in there statically. Well, you could use the arp with a -s flag followed by the host name and then the ethernet address you want to assign for that host name. If you point a host name to an invalid address then you’ve poisoned your arp cache.