If you have a moment, I’d love for any readers to take a quick poll on iPhone/iPod Touch security practices. The only pre-requisite is that you own one or the other. It’s just 7 short questions.
To perform the poll, I took advantage of the great Google Docs. You won’t need to sign in or leave any personal data.
The poll can be found
Thanks for your time.
Update: We had a good number of responses come thru and have no shutdown the poll. Thanks for taking the time.
We know we have quite a few folks who are planning to get a Mac mini hosted with us soon. For them (and any others) we’re having a Macminicolo Black Friday Sale. Anyone who signs up today will have their December charges waived. Just mention Black Friday in the comments section when you sign up.
(This can also apply to any machines added by current customers.)
We hope your holidays get off to a good start.
I have yet to find a really good application to monitor all traffic coming to/leaving from a Mac, but this one is close.
With Net Monitor Sidekick you just start the application, choose your network interface, and watch the traffic flow. The program offers a few preferences, but pretty much does as expected out of the box.
Right now, the program is in beta and can be downloaded free. Though there is a warning that the beta will expire on Mar 31, 2009.
You can down the application here.
We get messages all the time asking about Mac minis and their future. Well, the short term future is much like the present since Apple has confirmed no new products thru the holidays.. But have no fear, we are still certain of the future of the Mac mini.
But there is some good news in the mean time. Apple has lowered the costs for upgrades on the Mac mini. For instance, when the Mac mini was first released, it cost $150 to upgrade to 2GB of RAM. It was later lowered to $100 and just recently changed to $75. This is great news for those who run mac mini servers and we’ve updated our prices to be in line with Apple.
In addition, we’ve updated our inventory list of used Mac minis.
We recently had a customer send in a Mac mini for their business data retention. I asked him to share a bit more with me to share with other customers.
In summary, he told me that because of the recent FRCP (Federal Rules of Civil Procedure) changes, he knew his company needed to be better about keeping full archived of all their email. It’s not enough to have nightly backups to disk or tape. He said, “What if I received an email from a customer and then delete the email. By the time the nightly backups run, that email will have come and gone. We needed something more thorough.”
He told me that in their mail server, they have the option to send all mail to a specific address. This would include all mail coming to their users, as well as mail that is sent from their servers. They decided to send a copy of all mail to firstname.lastname@example.org. Then, on the Mac mini they have in our data center, they have an account in Mail that is set up with POP retrieval of that email address. So everything is downloaded from the server and stored on the Mac mini in our data center. He also has that Mac mini cloned to an external drive here.
He said that there are a lot of other options out there for archiving mail, but he chose this option for three reasons.
First, the mail will be stored on their own hardware so they know it’s available and no one else has access to the email history.
Second, Using Mail.app gives you the benefit of spotlight searches. One of the new rules according to the FRCP is that the data should be searchable so quick and easy retrieval is possible for civil litigation.
Finally, he chose this way so hid email archives would be in a different physical location than his email server. He didn’t want his email server to also act as the archive to avoid loss from fire, theft, etc.
He also uses the Mac mini for archiving iChat transcripts in a similar way.
If you’re a business owner, it’s become quite critical to pay attention to data retention. Google has provided two great white papers on the FRCP changes and how best to align your company with the new guidelines. (I’ve made both available in a zip file here.)
Mac OS X has a great VPN server built into it. If you use the Server version, it provides a nice GUI to setting it up. Unfortunately, regular OS X doesn’t have that GUI. This is where iVPN comes is quite useful.
If you want to take advantage of the security that a VPN offers, iVPN makes it quite easy to setup a VPN. “All you have to do to set it up is to enter the user name and password that you want your VPN clients to use, the IP address range you want to give to your clients and then click start server. iVPN will handle all the other settings and start the VPN server.” Of course, this is especially useful if you have a Mac server that is always on and available at a static address.
iVPN is £14.99 and is available here.
If you’re reading this blog, you probably have a Mac server setup somewhere that requires your attention occasionally. For those of you with an iPhone, I hope to help you out.
This last weekend, a good friend of mine called and told me that his office and been broken into early Sunday morning. The thieves stole 7 20″ iMacs and a cd player. (Luckily they didn’t steal the 24″ iMac or the Mac mini server with all the data on it. We keep that server hidden good.)
Thank goodness my friend had business insurance and we picked up 7 new iMacs and had them all setup and running by Monday afternoon. We look at it as an inconvenient, but inexpensive way to upgrade the iMacs.
So now the matter is whether the police will get the iMacs back. The chances are small.
However, this week Macosxhints.com published a nice post that would have been great to have had last week. It is titled, “An advanced script/web solution to track stolen Macs .” Basically it consists of a couple of scripts that stay hidden on your machine. If your Mac were to be stolen, and later connected to the internet, it could send it’s whereabouts and photos of the thief (assuming their is a built-in iSight camera.)
How does this pertain to a site about servers? Well, you can easily turn your Mac server into an FTP server that can accept the photos and information.
Anyhow, if you’re looking for a fun weekend project that you may be REALLY thankful for later, go take a look here.
The other day, a customer asked me to setup an FTP account for his clients to use in uploading files to his machine. And while the built-in file serving of Leopard is nice, it’s not made for this sort of thing. For instance, creating a “Sharing Only” user account will only allow AFP and SMB connections.
When you start the application, there are just a few general questions that are asked to help the setup. You can then create users, assign them to certain folders or directories.
There are plenty of options and it makes it real easy to have a powerful file server. The app is free from the developer’s site, though donations are appreciated.
Every once and a while, I’ll get an email asking if we can take a load balancer in our cage. Load balancing is a technique to spread work between two or more computers. So naturally, a load balancer is hardware that makes this possible. The idea is to have multiple Mac minis to host a website so it continues to perform well for high traffic. Since our network and racks are tailored specific for Mac minis, we don’t install load balancers. But, we recommend a much better and less expensive way to do load balancing. We suggest DNS, or more specifically, round robin DNS.
Round robin DNS is a way for one domain to be spread between multiple machines. This way, each time the domain name is called, the request will be forwarded to a different machine. Below is an example of what it might look like courtesy of DNSMadeEasy.com)
So in this case, half of the requests would be sent to 192.168.1.2 and the other half would go to 10.2.54.4. Now each machine only handles 50% of the load. You can easily use up to 13 different ip addresses to really spread the load.
As you can imagine, there are some nice benefits to using Round Robin DNS:
- No extra hardware to purchase. (Load Balancers can cost thousands.)
- When used with DNS Failover, you could have one Mac mini go down and not have it apparent to the end users. It just gets dropped from thr Round Robin until it comes back online.
- Rather than using just one Xserve, you can use five or six Mac minis. Place them on different power strips, attached to different switches, and behind different routers. This way, should any of hardware fail (XServe, power, switch or router), there are still machines available.
- It’s easy to setup, and to add additional machines later. When your budget allows for another machine, just put it in the circle.
We have a few customers doing this now and it’s worked great. If it’s something that might help your company, we’d love to work with you. Just let us know.