Monthly Archives: August 2007


Xsan: Video Formats and Bandwidth

As many environments will use multiple formats it is important to define the required bandwidth for various formats.  By lowering or increasing your format you will have the capacity to have more or less streams concurrently running against your SAN respectively:

Standard Definition

MiniDV, DVCAM, and DVCPRO – 3.6MBps

DVCPRO 50 – 7.7MBps

Uncompressed SD (8-bit) – 20MBps

Uncompressed SD (10-bit) – 27MBps

Compressed High Definition

DVCPRO HD – 5.8MBps to 14MBps

Apple ProRes 422 – 5.25 to 27.5 MBps

Redcode RAW (24fps) – 28 MBps

Uncompressed High Definition

720p 24fps – 46MBps

720p 30fps – 50MBps

720p 60fps – 100MBps

1080 24p (8-bit) – 98MBps

1080i (8-bit) – 120MBps

1080 24p (10-b it) – 110MBps

1080i (10-bit) – 165MBps

Redcode 4k – 324 MBps – 1GBps

Mac OS X Mac OS X Server

Mac OS X: Setting a Software Update Server without Open Directory

Setting up a Software Update Server if you are using Open Directory is a fairly simple task.  Just open Workgroup Manager, connect to an OD server or the appropriate Directory Service and then click on the computer or computer group you would like to edit the software update information for and then click on Preferences.  Then click on Software Update and type in the appropriate URL.  But what if the system is not managed using Open Directory.  Well, that’s when you would use ARD to send out the following command or run it on your GM at imaging time:

defaults write /Library/Preferences/ CatalogURL “http://server:8088/”;

Mac OS X Mac OS X Server Mac Security

SANS Course on Mac OS X Security

I originally posted this at

The SANS Institute recently released a course by Charles Edge (er, me) on Mac OS X Security Fundamentals. The course is described in the following manner:

“SANS is the leader in Information Security. This course on securing Mac OS X is the fastest way and most comprehensive way to get up to speed on applying the principals of the information security industry to the Mac. Written and taught by one of the security veterans of the Mac community, this course covers how real world security concepts are applied to the Mac with real world examples from the Mac community. The course offers a balanced mixture of technical issues making it appealing to attendees needing to understand how to effectively secure a Mac.

We begin by reviewing existing Mac exploits and then move on to covering the basic concepts and challenges of securing a Mac. Next, we review the standard security measures that should always be employed and the usability implications of each. We cover forensics, intrusion detection, firewalls, web browsers, mail programs, network infrastructure, preferences, system policies, command line tools, encryption, hardware and OS X Server. Through the course you will find thorough coverage of defense in-depth on the Mac platform.

If you’re a newcomer to the field of information security but a long time user of the Mac or a newcomer to the Mac but a long time information security expert then this is the course for you. You will develop skills that will help you to bridge the gap between the Mac administrators and the security administrators in most organizations. You will also learn the ins and outs of keeping your data private.

This is an ideal course for anyone charged with securing Mac systems. From securing a desktop to the high availability options available on the platform, this course is going to be a whirlwind overview of the Mac that will leave you ready to move to the next level!”

For more information on the course, see the following link:


Pork Barrel Spending

I no longer want to hear that any politician is for or against something based on how they voted on a specific bill.  Why?  Because all of the bills have far too many little (or big) things attached to them that could be looked at as having nothing to do with the bill…

Mac OS X Mac OS X Server

Mac OS X: Changing to a Custom Search Path with dscl

The Search Path in Mac OS X client can be used to define where your system can search for directory services information, whether local or shared.  To set the search path manually you will first need to switch from LSPSearchPath to CSPSearchPath for your Search Policy.  To do so use the following command:

sudo dscl /Search -change / SearchPolicy dsAttrTypeStandard:LSPSearchPath dsAttrTypeStandard:CSPSearchPath

If you were to want to switch back to a local policy you would just run the following command:

sudo dscl /Search -change / SearchPolicy dsAttrTypeStandard:CSPSearchPath dsAttrTypeStandard:LSPSearchPath

Mac OS X Windows XP

Using Trash for Storage

I’m not sure why this keeps coming up, but you don’t want to use your trash (whether for Entourage, Outlook, Mac OS X or the Recycle Bin in Windows) as a place to store files, emails or anything else you’d be bummed out about loosing.  Keep in mind that trash can be taken away at any given moment…


On the Road: Logan

Note to self: E1B.  That’s the terminal and gate you want.  No waiting, no lines, no nothing.  Perfect.  If you’re flying out of Logan E1 is where you want to come out of.  Only 3 gates down there and they have their own security checkpoint!!!

Mac OS X Mac OS X Server

Updating Firmware on Servers

I’m often asked what I think of upgrading the firmware on servers and storage.  My answer there, if it’s a production box and it isn’t broken then don’t fix it…  What if you’re upgrading the firmware on a RAID or RAID card and the device becomes unresponsive?  There’s usually a reason to upgrade, but if you are not experiencing problems then why risk a potential outage if you do not need to?

Mass Deployment Windows XP

Windows XP: Remove 15 Second Pause During Mass Deploy

After text-mode or GUI-mode Setup completes, a message states that the computer will reboot in 15 seconds. You can edit the WaitforReboot value in the[Unattended] section of your Sysprep.inf (or add the following line to the [Unattended] section:

BTW, this only workes if your UnattendedMode is set to FullUnattended
Mac OS X Server

Mac OS X Server: Another MCX

So the the last article talked about an Apple-based preference.  But then I thought it might make sense to talk about pushing out one that’s non-Apple.  Let’s look at the Name in the Settings from Microsoft Office.  For this, Click on the + sign in Workgroup Manager, then browse to a user account -> Library -> Preferences -> Microsoft -> Office 2008 -> Microsoft Office 2008 Settings.plist.  Then change Manage imported preferences to Always.  Now double-click on Microsoft Office 2008 Settings and open up that disclosure triangle for Always.  Change the string for the 1000 value to be what you want the name to be.  Then save and test.  Fun stuff, right?