www.dambeck.ch

The other side of the Internet

Browsing Posts in EDV & Admin Stuff

Martin, one of our famous blog readers, submitted a wish: “… Would love to see kind of most useful Mac OS X apps. I know there are lots of other sites on the web taking care of it already, but hey guys, it’s a growing community. Just a hint. Well, keep up your great work. Martin.”

The question is not as easy as it seems, because Mac OS X Leopard has many of the things I need built in. Let us start with some basic tools I use.

VMware Fusion is a virtual machine software product developed by VMware for Macintosh computers with Intel processors. Fusion allows Intel-based Macs to run x86 and x86-64 "guest" operating systems, such as Microsoft Windows, Linux, NetWare and Solaris as virtual machines simultaneously with Mac OS X as the "host" operating system using a combination of virtualization, emulation and dynamic recompilation. While similar in most respects to VMware Workstation.

Skype is a software application that allows users to make telephone calls over the Internet. Calls to other users of the service, and in some countries to free-of-charge numbers, are free, while calls to other landlines and mobile phones can be made for a fee. Additional features include instant messaging, file transfer and video conferencing.

KeePassX is a free open source password manager, which helps you to manage your passwords in a secure way. You can put all your passwords in one database, which is locked with one master key or a key file. So you only have to remember one single master password or select the key file to unlock the whole database. The databases are encrypted using the best and most secure encryption algorithms currently known (AES and Twofish).

Microsoft Office 2008: Word, PowerPoint, Excel and Entourage. More or less the same buggy thing as on Windows.

LaTeX is based on the idea that authors should be able to focus on the content of what they are writing without being distracted by its visual presentation. In preparing a LaTeX document, the author specifies the logical structure using familiar concepts such as chapter, section, table, figure, etc., and lets the LaTeX system worry about the presentation of these structures. It therefore encourages the separation of layout from content while still allowing manual typesetting adjustments where needed.

Cyberduck is an open source FTP, SFTP, WebDAV, Mosso Cloud Files and Amazon S3 browser for the Mac. It features an easy to use interface with quickly accessible bookmarks. The outline view of the browser lets you browse large folder structures efficiently, and you can quickly preview files with Quick Look. To edit files, a seamless integration with several external editors makes it easy to change content quickly. Both Amazon CloudFront and Cloud Files from Rackspace can be easily configured to distribute your content in the cloud. Many OS X core system technologies such as Spotlight, Bonjour and the Keychain are supported, and a large number of translations makes you feel at home.

Freeciv is a multiplayer, turn-based strategy game for workstations and personal computers inspired by the commercial proprietary Sid Meier’s Civilization series. The game’s default settings are closest to Civilization II, both in gameplay and graphics (including the units and the isometric grid).

These are the programs that make my 24" iMac a powerful blog machine. There is only one thing I am missing. On Windows there is a free software called Live Writer. Live Writer makes blogging very easy, but I haven’t found a serious alternative for Mac. If you know something, please don’t hesitate to post a comment.

Regards Konrad

Remote software for free

Normally I’m not a big promoter of software. But this tool is amazing. Every, and I mean every, IT professional has the same problem: everybody in the world looks at you and sees the free helpdesk. OK, I must admit most of the time this is not a problem, because helping is caring friendship. Helping over the phone is good because you don’t have to travel, but this is not easy on every occasion. There are a lot of good remote software programs for companies, but their use in private environments is not as easy as it should be because you need port forwarding, special firewall rules etc. Looking around on the Internet I found a very exciting tool for remote support. It’s called TeamViewer.

http://www.teamviewer.com

The benefits of TeamViewer are:

•    It’s free for personal use.
•    No installation needed.
•    No firewall changes are required because remote clients create an outgoing connection to the TeamViewer server.
•    It works on PC and Mac, even cross-platform; connecting from Mac to Windows is no problem.
•    It’s fast, and
•    It’s free for noncommercial use.

At least it’s the Holy Grail of remote software.

Regards Konrad

This week a nice opportunity knocked on the door. As a Windows server administrator in a large company, you do not get to configure switches and routers from scratch every day. Normally some network guy will do the configuration of the cool Cisco stuff for you. Configuring Cisco devices is very easy when you know something about networks; the only problem is knowing the commands. This week and in the next post we’ll do an easy basic configuration together. The lab is created in an old version of the Boson NetSim, which is a Cisco IOS and CatOS simulator. It is not the best tool, but it will do the job.

The lab hardware is composed of two personal workstations and two Cisco 3500 switches. The switches are connected to each other with two Gigabit Ethernet links. Each switch has a PC attached to it.

So let’s start with the basic configuration.

I prefer PuTTY for serial, Telnet and SSH connections to my network devices, but HyperTerminal will also do a good job.
After the login the switch welcomes us with the shell prompt

Switch>

First we enter enable mode, which lets us make basic configurations.

Switch>enable

The shell is now in enable mode and the prompt changes from “Switch>” to “Switch#”. First we are going to set the time on the switch.

Switch# clock set 20:09:01 3 Apr 2006

To test the setting, “show clock” will show us the current time. In the next step we enter configure terminal, which allows us to change network settings on the device.

Switch#configure Terminal

The switch prints the notice “Enter configuration commands, one per line. End with CNTL/Z.” and the shell prompt shows “Switch(config)#”. To change the DNS hostname of the switch, the command is simply hostname. Just enter it.

Switch(config)#hostname MySwitch1

Now the shell prompt changes to “MySwitch1(config)#” and we are able to continue by setting a password for the enable mode:

MySwitch1(config)#enable secret TopSecretPassword

After setting the password for the enable mode, it would be wise to set a password for the virtual terminals (Telnet & SSH access). We need 2 lines to do this: the first selects the virtual terminal lines and the second sets the password on them. Some admins think “vty 0 15” is too many rights for a remote console. I think “vty 0 15” is OK if the switch is at a remote location.

MySwitch1(config)#line vty 0 15
MySwitch1(config-line)#password MySecretTerminalPassword

The last thing we need to do is set up a management port. This port is only for management and should not be used for clients. In most companies the port is placed in the management VLAN, but we don’t do this in this post. We enter the interface, disable switching on this port, bring the port up, set the IP address and subnet mask, and leave the interface configuration.

MySwitch1(config)#interface fastethernet 1/1
MySwitch1(config-if)#no switchport
MySwitch1(config-if)#no shutdown
MySwitch1(config-if)#ip address 192.168.1.3 255.255.255.0
MySwitch1(config-if)#exit

One nice thing left to do at the end of the basic configuration is setting a login banner. The banner is written to the console after the login. If the company has hundreds of devices, it helps to keep an overview. And I like ASCII art.

MySwitch1(config)#banner motd ^
###############################################################
#  if you cant make it good, at least make it look good!!!    #
#                                                             #
#            Name:              MySwitch1                     #
#            Location:          HQ, Lucerne                   #
#            Model:             Cisco 3500                    #
#                                                             #
# WARNING, unauthorized access to this network is prohibited. #
#                                                             #
# Unauthorized access will lead to prosecution according to   #
# the law                                                     #
###############################################################
^

Now the basic configuration of the running configuration is done. The last thing we do is copy the running configuration to the startup configuration by entering

MySwitch1#write
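The enable and vty settings made in this walkthrough can be checked mechanically against a saved configuration. The Python sketch below is an added example, not part of the original post or of any Cisco tool; both config excerpts are constructed, and the HARDENED variant (a local user named admin, `login local`, `transport input ssh`) is an assumed alternative that the post itself does not configure.

```python
import re

# Constructed running-config excerpts (not captured from a real device).
# WALKTHROUGH mirrors this post's settings ('login' is the assumed vty default).
WALKTHROUGH = """\
hostname MySwitch1
enable secret 5 $1$EXAMPLE$constructedhashvalue
line vty 0 15
 password MySecretTerminalPassword
 login
"""
HARDENED = """\
hostname MySwitch1
enable secret 5 $1$EXAMPLE$constructedhashvalue
username admin secret 5 $1$EXAMPLE$constructedhashvalue
line vty 0 15
 login local
 transport input ssh
"""

def parse_sections(config):
    """Group an IOS-style config into [header, [indented sub-commands]] entries."""
    sections = []
    for raw in config.splitlines():
        text = raw.strip()
        if not text or text.startswith("!"):
            continue
        if raw[0].isspace() and sections:
            sections[-1][1].append(text)
        else:
            sections.append([text, []])
    return sections

def audit(config):
    """Return findings for the enable and vty settings this post configures."""
    sections = parse_sections(config)
    findings = []
    if not any(h.startswith("enable secret ") for h, _ in sections):
        findings.append("global: no 'enable secret' configured")
    for header, body in sections:
        if not header.startswith("line vty"):
            continue
        if "no login" in body:
            findings.append(f"{header}: 'no login' disables authentication")
        if any(re.fullmatch(r"password (0 )?\S+", c) for c in body):
            findings.append(f"{header}: line password stored in clear text")
        if "transport input ssh" not in body:
            findings.append(f"{header}: Telnet not excluded (no 'transport input ssh')")
    return findings
```

Running `audit(WALKTHROUGH)` reports the clear-text line password and the missing SSH-only restriction on `line vty 0 15`; `audit(HARDENED)` returns an empty list.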

In a second post we will create the uplink using port channel and VLANs. If you are now keen to hack around a little bit, I found a free trial of a simulator at http://www.certexams.com/buy.htm. It is very limited, but it is a good starting point.

Cheers Konrad

One of the hard tasks in the daily life of an IT administrator is to ensure that the network and the server are secure. Perfect security is not possible. There will always be some small leaks, provoked either by the behavior of the user in version 1.0 or by the administrator of the system, not to mention design leaks in the software itself. Most environments are too large and too complex for a manual check of all security patches and service packs. Another factor is that most users need some higher rights on their machines to do their work, which often results in the Windows firewall being disabled. These two scenarios are the root of all evil.

A good tool to find security issues is the “Microsoft Baseline Security Analyzer”, aka MBSA, which has been released in version 2.1. The MBSA can be obtained for free from the Microsoft homepage. My recommendation is to install the tool on one centrally accessible client or server, because it needs full RPC access to all machines that are to be tested. Some heretic may say that a client that needs RPC ports through the whole network is a security problem in a highly secure environment, and maybe he is right, but this is another topic. After a short installation, the MBSA is ready to use. The tool is the solution for scanning whole networks and domains. Please keep in mind that the tool needs some performance on the scanned server or workstation.

Let us start with a report for one server. A note to my boss: “This is not a corporate server, it’s a special virtual machine for this blog, so relax when you see the report at the end :)”. One of the nice features is the possibility to set the patch repository to a local WSUS, so a Windows patch you decided not to install because of a problem doesn’t show up as an error. In most cases I recommend using Microsoft Update as the repository. Maybe you’ll find out some dark secrets of the WSUS administrator.


After a scan that runs for approximately 40 seconds, the tool creates a nice report.

Especially remarkable is that Microsoft gives a short description of how to correct the problem.

A small summary: the tool can’t work wonders, but it’s a nice way to ensure that the big risks are closed even when you don’t have detailed knowledge of software like SQL Server. The tool is not perfect, so check the recommended solution. “Some potentially unnecessary services are installed” means, in my test lab, the “save service”, which is a virus scanner. After all, it’s a good tool. Read you soon!!

Cheers Konrad