Hostmedic Emergency Medicine for Hosting & Server Admins
Subscribe to rss feed
05
June
1 Comment

how to protect your MacBook Pro

This week while at the Greater NJ Annual Conference of the United Methodist Church something sad happened at the very end.

One of the key musicians, Mark’s laptop was stolen.   He had just purchased the laptop just a few days earlier (Tuesday I believe he said.)  This happened from what we can tell right at the end of the conference – and of course there were vendors and conference folks all over the place helping tear down – thus who knows where it is…  We are hoping it was just collected up by someone who mistook it for theirs…  (alas i think we are dreaming… anyhow)

I remember a posting from @ClifGuy who had his laptop stolen right out of another #CITRT members car in Florida – and at that time Windows PC security options were discussed – but not Apple/MAC.

So – here you go MAC Fans:

  1. Never EVER leave your MacBook unattended, not even briefly. Be aware of your laptop, as you would a purse, in airports, hotel rooms, restaurants, libraries, dorm rooms, and even @ a Church gathering.
    -
  2. Always Back up your data regularly. You should do this anyway, in case of hardware failure or software bugs, but it is also critical in case or loss of theft.  Mac makes this easy with the Time Machine option – however a good online backup application would be wise to use
    -
  3. Use a security cable. Simply put – its like a bicycle chain for your machine.   They simply can’t cut it and walk off w/o someone noticing…  we would hope… and even if they could – it stops the simple opportunist from jacking your mac
    -
  4. Use motion sensors, either with hardware (Targus DEFCON, MicroSaver Alarmed Lock) or software (TheftSensor) .
    -
  5. Be less conspicuous.  Carry your MacBook in a backpack instead of a laptop case…  people might not know whats in there.
    -
  6. Choose appropriate passwords and make use of them. Don’t use guessable passwords. Log out when not using your MacBook.
    -
  7. Set a firmware password. Use EFI (Intel) or Open Firmware (PPC) to set a password that prevents booting from another disk.
    -
  8. Use encryption. Consider which data on your MacBook is most sensitive and take care to protect it. Use Apple’s FileVault feature on your home directory or utilize the Disk Utility or DropDMG for convenience.
    -
  9. Install anti-theft software. Use a software package that “phones home” on the Internet or over a phone line (Undercover, LoJack for Laptops).
    -
  10. Have separate logins. You might have one login for your routine documents but for important secure files – use FileVault on another login. By having a third login, with no password, you invite a thief to log in that way, making it more likely that they will connect to the Internet and activate the anti-theft software.
    -
  11. Recordkeeping. Record your MacBook serial number and keep this information on paper somewhere- or even better take pictures and upload them to somewhere online you can always get to – and make sure that is password protected of course.   Register your purchase. Keep track of what personal information you have on your MacBook, so you know what you’ve lost, what passwords to change, etc.
    -
  12. Insurance. Check if loss or theft of your MacBook is already covered under an insurance policy you have – such as your credit card.  If not, get renter’s insurance, a rider on a homeowner’s policy, or some other type of coverage- and make sure the deductible is low enough for it not to matter if it gets lost.
    -
  13. Be sure to Avoid viruses/adware/spyware. Install all security updates to Mac OS X or other software.  At present you don’t need any special software for Macs – I suggest using the ClamAV for MAC located here:  http://www.clamxav.com/index.php .
    -
  14. Keep your personal computer personal.In other words – NEVER LEND IT OUT.   And if you need to – use a separate login for them – thus insuring the security on your system.

Any other suggestions – please feel free to add them .

15
May
No Comments

MySQL Cluster Bandwidth Relief

I have been toying with having offsite backups for our MySQL databases -  The idea is – all data could be offsite in case of a major fire or another issue.

I setup a radio link between our new office and our old using a Ubiquity NanoStation – and the bandwidth is Awesome – however… so is the amount of informaiton.

MySQL replication however – as its nature is – any Insert, Update, or Delete statements are written to the binary log, then sent from the master server in the datacenter to our new office.

I have been running this setup now for a short time – however I noticed today – that the slave server has been crawling – and unable to keep up.  So – in hunting – I cound that there is a sizable amount of bandwidth flowing between the two – not counting the other file backups going over the same link.

It seems that there is not enough bandwidth over this radio link to keep up with the replication… After a bit of hunting -  I found the slave_compressed_protocol setting in MySQL which allows the master and slave to compress the replication data between the two servers exists..  After enabling that, the slave was able to catch up within a matter of minutes and has stayed caught up just fine. The bandwidth usage has dropped a huge amount.    Next is coming the SSH compression – and I think the logs – which go through the SSH tunnel will most likely have similar success.

15
May
No Comments

MySQL Dump to another server

Recently – while doing some work for COR.org – I was asked how to dump a database from one server to another… (mysql)

The first thought was to run mysqldump dump on the destination machine, and to access the database over the network. That however, doesn’t compress or encrypt the data. Plus I would have had to create a mysql user with permission to access the database remotely.

The solution used instead worked out well: mysqldump directly to the remote host with this command:

mysqldump <DATABASE_NAME> [mysqldump options] | gzip -c | ssh user@remotehost "cat > /path/to/some-file.sql.gz"

In short – this method pipes the mysqldump command through gzip, then to through and SSH connection. SSH on the remote side runs the ‘cat’ command to read the stdin, then redirects that to the actual file where you want it saved.

14
May
No Comments

Sleeping for a random amount of time in a shell script

Ever want to make a shell script pause…

You can use the special $RANDOM environment variable to get a random number and then divide it by the maximum number of seconds that you want to wait. Use the remainder as the number of seconds to sleep since it will always be between zero and the max you specified. This example will sleep anywhere between zero and 10 minutes (600 seconds)

 /bin/sleep/sleep   `/usr/bin/expr $RANDOM % 600`

Of course – those who really are keen will note that it isn’t truly random. The maximum value for $RANDOM is 32767 which is not evenly divisible by most likely values – but its close enough for me ;-)

05
March
No Comments

MySQL optimization post 1

Well recently after moving MySQL to a remote server – we noticed it simply just locked up.

After peeking I noticed someone changed the my.cnf file around -and thus this is my own quite little slap on the head to that person ;-)

The MySQL server has a ton of variables – and depending on how they are adjusted MySQL will work well – or …. just stop all together.

One of the largest issues w/ a bad my.cnf configuration will be seen in I/O workload.  If you are running, like we are, InnoDB and MyISAM (as well as I guess I should include Berkeley DB (DBD) and also HEAP for that matter) – there are some variables that will impact memory and I/O.

for InnoDB – these generally do not matter as much:

·         bulk_insert_buffer_size

·         key_buffer_size

·         key_cache_age_threshold, key_cache_block_size, key_cache_division_limit

·         read_buffer_size, read_rnd_buffer_size

however – for the case of this writeup – I will list the many that apply to virturally all storage engines.

·         join_buffer_size – A buffer used for full join. If you have  large joins without indexes, increase this buffer size to improve the efficiency.

·         sort_buffer_size – A buffer used for the sort result set allocated by each thread. This can speed up GROUP BY as well as ORDER BY queries.

·         query_cache_size – Simply set this variable to a nonzero value to enable query caching and change as needed.

·         query_cache_limit – The maximum size of the cached result set.  Keep in mind – the larger result set won’t be cached .

·         query_cache_min_res_unit –This allocates query cache memory blocks with the minimum size set by this variable.  Sadly – when the application has a lot of small query results – the default block size of 4K can lead to memory fragmentation…  So – with small result sets simply decreasing it to 1024 or 2048 bytes may improve performance.   Conversely – with large query result sets increasing it to 8192, 16384 or more may improve performance.

More to follow later :-)

Looking into testing mysql on a SDD drive soon enough

18
February
No Comments

3G Funny AT&T punked

Ok – so this is really funny…

15
February
No Comments

WiGig

The newly formed Wireless Gigabit (WiGig) Alliance is aiming to go faster than the wired networks, and the players it has in its camp are some Pretty Hefty Batters – including Atheros Communicaitons, Broadcom, Dell, Intel, Nokia, Toshiba and others.    This past December the WiGiG Alliance stated it is on track to complete the 6 Gpbs wireless network specification utilizing the 60GHz radio spectrum.

What is not spoken about is the ability perhaps to integrate the WiGig with the WiFi networks already in production such as A, G and N.  With 3 of the largest chip manufacturers – Intel, Broadcom and Atheros are eyeing commercial chips by 2011

Imagine what WiGig could mean to the Data Center environment – the end to Cross Connect fees between racks in the same building – but feet or rooms away…  I wonder how long it will take Motorolla and/or Ubiquity to catch on and see how much magic they could perform with this new up and coming standard.

04
February
No Comments

Classifying an ISP – New Regulations by the FCC

FCC to use Title II of the Communications Act:

Title II of the Communications Actthe section that regulates telecommunications common carriers is now being considered by the FCC to oversee broadband.  FCC Commissioner Robert M. McDowell during a talk he gave to the Free State Foundation asked:  (see First Do No Harm: A broadband plan for Amercia)

“Exactly what kind of companies might get tangled up into this regulatory Rubik’s Cube?…Any Internet company that offers a voice application?” … “With this newfound authority, why stop at voice apps? Isn’t voice just another type of data app? As the distinction between network operators and application providers continues to blur at an eye-popping rate, how will the government be able to keep up?”

Is Broadband able to be classified as a common carrier service?  The FCC most assuredly believes this is well within its authority – and is exercising these “policies” not just over the agency’s ability to regulate the NET – but if it can be classified as a common carrier service.

Comcast is suing the FCC over its Order sanctioning the company for P2P blocking – so their ability to “regulate” needs to be clearly defined – of course re-defining a government entity is not an easy task… however defining ISPs as common carriers would seem suited to the FCC’s purposes, especially if given Title II’s clear definition of what a common carrier can’t do:

“It shall be unlawful for any common carrier to make any unjust or unreasonable discrimination in charges, practices, classifications, regulations, facilities, or services for or in connection with like communication service, directly or indirectly, by any means or device, or to make or give any undue or unreasonable preference or advantage to any particular person, class of persons, or locality, or to subject any particular person, class of persons, or locality to any undue or unreasonable prejudice or disadvantage.”

McDowell stated, “At the same time, broadband companies create and maintain software with millions of lines of code inside their systems. They also own app stores that are seamlessly connected to their networks. As technology advances, will the government be able to make the distinctions between applications and networks necessary under a new regulatory regime?…  Will it (the government) be able to do so in Internet Time?”

One thing is clear -  If we were able to agree on some basic tenets providers could utilize to ensure all accounts are serviceable based upon not only “bandwidth” but also “throughput”  most of these arguments would simply be a mute point.




This past October (2009) The FCC laid out its draft for network neutrality rules which appears to allow to the greater extent a “free and open Internet.”  The principles already existing from 2005:

  • Consumers are entitled to access the lawful Internet content of their choice
  • Consumers are entitled to run applications and use services of their choice, subject to the needs of law enforcement
  • Consumers are entitled to connect their choice of legal devices that do not harm the network
  • Consumers are entitled to competition among network providers, application and service providers, and content providers.

Those principles along with two new additional principles are now going to be made “binding:

  • A provider of broadband Internet access service must treat lawful content, applications, and services in a nondiscriminatory manner
  • A provider of broadband Internet access service must disclose such information concerning network management and other practices as is reasonably required for users and content, application, and service providers to enjoy the protections specified in this rulemaking

In this ever changing world of the INTERNET -  I do not think it is reasonable to agree ISP’s are able to perform Network management based on ambiguity:

  • To manage congestion on networks
  • To address harmful traffic (viruses, spam)
  • To block unlawful content (child porn)
  • To block unlawful transfers of content (copyright infringement)
  • For “other reasonable network management practices”
The ambiguity of that last item is alarming to both camps in the war for “net-neutrality.”  The FCC is going to at some point – have to define the other reasonable network practices” for this to have any real meaning after all.  The question remains:  Congress has never given the FCC any authority to regulate the Internet for the purpose of ensuring net neutrality has it?
01
February
No Comments

iPad missing FCC Approval

ok – so you want that iPad… guess what – The US Government has not determined it legal yet.
The specs on the iPad page mention the lack of FCC approval in tiny print that is easy to miss. And nobody seriously expects the iPad won’t be approved

Apple writes “Some features and applications are not available in all areas… Application availability and pricing are subject to change. This device has not yet been authorized as required by the rules of the Federal Communications Commission. This device is not, and may not be, offered for sale or lease, or sold or leased, until authorization is obtained.”

31
January
No Comments

iPad’s place in ministry…

Can you think of the any practical and realistic uses for the iPad in a ministry context? I have a few right off the top of my head…

  • Musicians Sheet Music (and words pushed if needed…)
  • You Version Notes & Biblical Text (preach right from the pad)
  • Get rid of prayer books and hymnals… place iPads and WiFi in the pew – into the home…
  • Translate the Bible in real time – have a concordance (or 10 of them even) right @ your disposal…
  • Write an app and control the sound board, cameras, lighting…
  • Give them to the Welcome teams – have interactive maps,
  • Child Check in stations – real time wifi collection to a db application – During emergencies they could be used for attendance and security checks
  • Google Wave Client for conferences?
  • Push out premium sermon content – the added extras, additional biblical texts etc.
  • No one that knows sign language on staff today? That’s okay – listen and type out the words for those who can “read” them in real time.
  • Cheap information Kiosk’s

Can you add to these?

Next Entries →

Mac Data Recovery

Powered by: VineHosting