Posted on

Add a Mac Mini Server to your network

Have you ever considered adding a Mac server to your gadget collection, but were afraid of the hassle? Does your Mac work group need a server to share essential resources like your media library, without cluttering up your individual machines? Have you ever wondered if you could set up a Mac server to control your Mac work stations?

Well the answer may be to get yourself a Mac Mini, preloaded with Snow Leopard Server. You can buy one of these little dynamite machines for less than £900 including VAT in UK, or $950 US, and be up and running in less than an hour. The standard Apple Mac Mini Server comes with a 2.66GHz Intel Core 2 Duo processor, 4 GB RAM, and two 500 GB Hard drives as standard, with a Geforce 320M graphics adapter, and of course Snow Leopard Server 2 installed.

Be warned, however, that this machine does not include an optical drive, as does it’s client cousin, or a keyboard or mouse, and you will need your own display. It does have two graphics ports, a HDMI port, with an included HDMI to DVI conversion lead. It also includes Wi-Fi wireless networking (based on 802.11n specification; 802.11a/b/g compatible), Gigabit Ethernet wired networking (10/100/1000BASE-T), Bluetooth 2.1 + EDR (Enhanced Data Rate) for connecting with peripherals such as keyboards, mice and cell phones, and four USB 2.0 ports and a FireWire 800 port. Not bad in such a tiny form factor!

If you want to use a VGA display you can buy an optional adapter Mini DisplayPort to VGA adapter, which allows you run up to 2560-by-1600 resolution. Please note that the Mac Mini Server has a Mini DisplayPort, not a Mini DVI port, so you need an Apple MB572Z/A Mini Display Port to VGA Adapter cable, or equivalent. See the link below for a suitable product, or contact Apple.

The setup is quite simple, with a Mac quality Assistant to guide you through the process. One note of caution is offered here; if the server you are setting up will serve as an Open Directory Master and DNS server, you should not set up a new Open Directory domain until you have read and understand the implications. One of the pitfalls of simply walking through Mac OS X Server’s automatic Server Assistant tool, is that the Assistant offers you the option of setting up a new Open Directory domain. This can cause problems if the server you are setting up will serve as an Open Directory Master and DNS server. See Understanding Mac OS X Open Directory later for more information.

Another thing to be aware of of if you are a hands on person and just want to get going. Make sure you have the server software serial number cards that are essential during the setup process! That is one of the first things the Server Assistant requires, and if you have thrown away the packaging in your enthusiasm to get going, you will have a problem. Not that anyone we know would have done that, you understand!

In use, the Mac Mini Server runs cooler that the client version with its built in internal optical drive. Is seems that the internal optical drive generate most of the heat in a Mini, while the disk drives generate very little, which contributes to the heat savings claimed by Apple. As a benchmark, a Mini with Snow Leopard Server should handle a work-group or small business of 25 users with a bit of room to spare.

For the corporately minded, who like the server bolted into a 19″ rack, there is even a nifty little attachment you can buy, which allows two Mac Mini Servers to be secure in a 1U rack mounted enclosure. Neat!

Further reading about Mac OS X server:

Posted on

How to Use Remote Desktop on an iMac

Have you ever wanted to access something on your iMac without going back to your desk? Wouldn’t it be cool to remotely access you iMac and check on your email without even being there? Did you know that Mac OS X comes with Remote Desktop software included, which allows you to connect to your iMac from another machine?

To set this up and try it out for yourself, follow the following sequence on the target Mac:

  • Go into System Preferences
  • Select Sharing
  • Check Remote Management
  • Note down the the IP address of the Mac, you will need this later
  • Click on Computer Settings
  • Check VNC viewers may control screen with password,
  • Enter a suitable password and the click OK

Your Mac is is now ready to receive input from another machine on the network. Now go to the machine you want to use to control your Mac and install a VNC client such as Chicken of the VNC, (for a Mac) or TightVNC (for Windows).

Using Chicken of the VNC

  • Open Chicken of the VNC and at the VNC Login screen check if the target Mac is listed. If not, click on New Server, and enter the IP address you noted earlier and the password, and click Connect. If the Mac is listed, select it and enter the password, then click Connect.

Using TightVNC for Windows

  • Open TightVNC Viewer (for a default Windows installation this will be under Start, All Programs, in the TightVNC folder)
  • In the New TightVNC Connection enter the IP address you noted earlier and Click Connect.
  • At the Standard VNC Authentication dialogue enter the password and click OK

Remember if you want to make a remote connection though a firewall, you will need to set up Port Forwarding, and point port 5900 to the IP address of your machine. You can do this by logging into the router with the administrator name and password.

You can now access your Mac OS X machine across the network as if you were sitting at it. Enjoy!

If you are interested in using your desktop Mac remotely, the links below may be usefull:

Posted on

Microsoft Floors The Coreflood Botnet

With headlines like “More Than 2 Million Computers Infected with Keylogging Software as Part of Massive Fraud Scheme”, the U.S. Department of Justice (DoJ) and Federal Bureau of Investigation announced the filing of a civil complaint, the execution of criminal seizure warrants, and the issuance of a temporary restraining order as part of the most complete and comprehensive enforcement action ever taken by U.S authorities to disable an international botnet.

The U.S. Attorney’s Office for the District of Connecticut has filed a civil complaint against 13 “John Doe” defendants, alleging that the defendants engaged in wire fraud, bank fraud and illegal interception of electronic communications.

The Coreflood botnet is a particularly harmful type of malicious software that records keystrokes and private communications on a computer. Once a computer is infected with Coreflood, it can be controlled remotely from another computer, known as a command and control (C & C) server.

Interestingly, the US Government also obtained a temporary restraining order (TRO), granting authorization to respond to signals sent from infected computers in the United States in order to stop the Coreflood software from running, thereby preventing further harm to hundreds of thousands of unsuspecting users of infected computers.

Essentially the DoJ was allowed to impersonate the commanding servers and send a Stop command to the botnet agents that were tethered to the 5 illegal computers, known as a command and control (C&C or CnC) servers. This is believed to be a precedent, and opens the door for more active countermeasures against these criminal money-making machine networks.

Following on from the earlier successes against the Rustock botnet in March, and the Waledac botnet in February, this action takes the war against these cyber crimanls a stage further.

Other links on the subject:

Posted on

Microsoft Claims Rustock Botnet Takedown

Have you missed your daily dose of spam emails advertising everything from Viagra to fake pharmaceuticals and watches this week? According to a link spotted on eWeek, Microsoft is claiming responsibility for the takedown of the massive Rustock botnet, which stopped sending out spam midmorning on 16 March 2011.

This operation, known as Operation B107, is the second high-profile takedown in Microsoft’s joint effort between Microsoft Digital Crimes Unit (DCU), Microsoft Malware Protection Center and Trustworthy Computing – known as Project MARS (Microsoft Active Response for Security) – to disrupt botnets and begin to undo the damage the botnets have caused.

The previous operation against the Waledac botnet (B49) followed a judgement by the US District Court of Eastern Virginia, that upheld a recommendation to grant Microsoft’s motion for the transfer of the domains behind the Waledac botnet to Microsoft.

The Rustock Botnet is estimated to have infected up to 1.7 million computers worldwide, and up to the end of 2010 may have been responsible for almost 50% of the spam sent worldwide. At times Rustock was capable of sending 30 billion spam e-mails per day.

The Rustock Botnet was identified as being more complicated than the Waledac botnet, using hard coded IP addresses rather than domain names, and peer-to peer command and control servers. To combat this Microsoft obtained a court order allowing them to work with the U.S. Marshals Service to physically capture evidence onsite and, in some cases, take the affected servers from hosting providers for analysis.

The amount of computers which can be linked in a botnet is mind boggling, and because the bots are so versatile their use is limited only be the imagination of their controller, or bot-herder.

In order to combat botnets, Microsoft encourage every computer owner to make sure their machine isn’t doing a criminal’s dirty work. If you believe your computer may be infected by Rustock or other type of malware, we encourage you to visit support.microsoft.com/botnets for free information and resources to clean your computer.

Further links and resources

Finally, for everyone who likes comics, check out the Microsoft comic strip Terrifying Tales of Digital Delivery

Posted on

Microsoft launches Internet Explorer 9

Microsoft has launched the finished version of its Internet Explorer 9 web browser, and at the same time started a campagn to rid the world of the dreaded IE6. The site called The Internet Explorer 6 Countdown, appears to be set on moving the world off Internet Explorer 6 – and about time too!

However, the joy at the launch of IE9 may not be ubiquitous; While Windows Vista or Windows 7 users can now download the full release version of IE9, XP users and Mac OS X or Linux users are not so fortunate. There are plenty of other browsers of course, including Firefox, Chrome, Safari, Opera, and many others to chose from, so there are plenty of alternatives to IE6.

Meanwhile on another front, a Downing Street petition is calling for the UK government to drop IE6 and move to a more modern browser. The petition highlights IE6 security flaws and uses outdated technology, creating a burden for developers. The petition comes as the Department of Health advised the NHS to move away from the old browser. How long will it be before other government departments catch on and realize that it is time to ditch the bad egg, which is well past it’s use by date.

If you are running Windows Vista or Windows 7, you can click here to download IE9

For a more critical view of the new browser from the Microsoft stable, read Five Reasons not to “Upgrade” to Windows’ Internet Explorer 9

Posted on

Microsoft Takes Down The Waledac Botnet

In a post on the Official Microsoft blog, entitled Cracking Down on Botnets, Microsoft announced the takedown of the Waledac botnet, one of the 10 largest botnets in the United States and a major distributor of spam globally. Microsoft achieved this after a federal judge granted a temporary restraining order cutting off 277 Internet domains believed to be run by criminals.

In a complaint filed in the Eastern District of Virginia on the 22 February against John Does 1-27 et al, Microsoft alleged that the “Doe defendants have undertaken the forgoing acts with the knowledge that such acts would cause harm through the .com domains located in Virginia and through user computers located in Verginia, therby injuring Microsoft, its customers and others both in Virginia and elsewhere in the United States”. This argues that the Virginia Court has jurisdiction over the case regardless where the perpetrator reside.

The takedown of the Waledac botnet, or Operation B49 as it was known internally in Microsoft, was the result of months of investigation. The Waledac botnet is believed to have had the capacity to send over 1.5 billion spam emails per day. From Microsoft’s analysis, between 3-21 December 2009, approximately 651 million spam emails attributable to Waledac were directed to Hotmail accounts alone.

This legal and industry operation against Waledac is the first of its kind, but hopefully it won’t be the last. Microsoft has acted with experts from the international security communication to combat this menace to computer users everywhere. However, taking down the botnet is not the end of the story.

Thousands of computers are still infected with the Waledac computer worm, a self-replicating malware computer program. Although the zombies are now largely out of the bot-herders’ control, they are still infected with the original malware. Microsoft advise users people running Windows machines to visit the Microsoft Security Web site, where they can find Microsoft’s Malicious Software Removal Tool, which removes Waledac.

Links and resources relating to Microsoft Takes Down The Waledac Botnet:

Posted on

Important WordPress Security Update Announced

In a direct email from Matt Mullenweg via the WordPress.org announcement list, news has reached our ears about an important WordPress Security Update, WordPress version 3.0.4.

Apparently, they have fixed a critical vulnerability in WordPress’ core HTML sanitation library, and because this library is used lots of places it’s important that everyone update as soon as possible.

We have already been busy updating dozens of WordPress sites we support, mostly without incident. We recommend you back up your site before upgrading, but upgrade soon.

We would like to wish all our readers, supporters and colleagues a merry Christmas break and a Happy New Year. Blog On!

Posted on

How To Add New Fonts To Your Graphics

While we were experimenting with layouts for a news letter for a project currently in the marketing department, we came upon the need for some additional font options for the headline and titles. While the built in fonts on a Mac are impressive, the headline wanted something more futuristic and stylized than those provided by default. A quick Google search identified that there are several sites which offer free fonts, and as the newsletter must be re-creatable, we wanted a freely available font for the headline on the style guide. After all you don’t want to pay for a custom font which you have to license for every user who may recreate the newsletter in the future.

On a Mac it is simple to install extra fonts. You just download them and then open the Zip or Archive file in Finder and then double click the font so that it opens in Font Book. If the font is what you are looking for just click the Install Font button. OpenType fonts work in Mac OS X, and TrueType fonts work in Mac OS X and earlier versions.

There is a little bit more to do in Windows, and you must be an Administrator on the target machine to install or remove fonts.

To install a font in Windows the hard way, follow these steps:

  1. Click Start, and then click Run.
  2. Type the following command, and then click OK:
    %windir%\fonts
  3. On the File menu, click Install New Font.
  4. In the Drives box, click the drive that contains the font that you want to add.

Alternatively, you can also browse to a file in Explorer and then either

  • right-click on the font file, and then select ‘Install’ from the drop-down menu.
  • double-click on the font file to open the font preview and click the ‘Install’ button.

We are installing the new font for embedding in a header graphic, so everyone will see the same result. We tend not to use these custom fonts on web pages as most viewers will not have them installed, and you dont want to lose fancy twirls and long descenders.

A great site to visit is dafont.com where they have an excelent selection of Free, Shareware, Free for Personal Use and Public domain/GNU GPL fonts which will meet most needs. We particularly liked the Sci-Fi selection which includes gems like Star Jedi and terminator! We discounted fonts marked “Free for personal use” as this newsletter is to support a database which is launching in a corporate market.

Why not explore the wonderful world of fonts and give you next newsletter some character?

Posted on

Quick Tip For Adding PayPal Buttons In WordPress

Setting up a WordPress blog for promoting a service or product of your own is a great way to get up and running on the Internet. You can be up and blogging in a few hours, and maintain the site for yourself. However, if you want to attract payment through your site, you may find that your PayPal Buttons do not work correctly in your posts or pages.

Here is a simple WordPress guide to add a PayPal payment button within posts on your blog. Follow these seven steps to add PayPal to your site and monetize your online presence.

Seven Quick steps to putting a PayPal Button on your WordPress Blog

  • Install WP Simple Adsense Insertion, which is a simple WordPress plugin to insert Google Adsense into posts, pages, sidebars.
  • Activate the plugin, which will add a new Simple Adsense Insertion menu option under the settings menu option.
  • Login to your PayPal account, then go to Merchant Services and then chose your option from the available list.
  • For the purpose of this exercise we will select Sell Single Items, and fill in the boxes for your service or product.
  • Highlight the code for your Button under the Website tab and press Cmd +C (Mac) or Ctrl + C (Windows) to copy the code for the button.
  • In WordPress click on Simple Adsense Insertion and then click into the top text field next to Adsense Ad Campaign 1 Code and Cmd +V (Mac) or Ctrl + V (Windows), and then click Update Options
  • Back in your new post or page, paste the code into the edit box where you want the button to appear, and click Publish to save your entry.

Use this simple guide to add a PayPal payment button within posts on your WordPress blog, and start to earn money!

Posted on

The Network for the Post-Bureaucratic Age Featured Blog

The featured Blog this week is The Network for the Post-Bureaucratic Age, which is a WordPress Blog hosted at WordPress.com. It uses the Freshy theme by Jide and may be described as a comparative newcomer in the blogosphere, with its first post date-stamped on 28th June 2010.

The current headline post dated 8th September 2010 is a leader for a report entitled Better for Less: How to make Government IT deliver saving. This critical report by Liam Maxwell investigates the quagmire of government IT. In fact you might say that he has slammed the whole way that Government IT procurement is handled. The report is linked from the site, and should be read by anyone in government IT with responsibility for procurement.

The main reasons for singling out this site as a featured blog, is more about what it represents rather than it’s august history. This is a Think Tank, close to government which is criticizing the status quo. We consider that at least five of the seven examples of potential saving have merit, and the others may be examples where savings could be made without massive changes to the infrastructure

  • A test environment for development companies with easy access to rack-space
  • Open Source on the desktop through the use of Open Document Format
  • New models sought for software framework (may we suggest Apache, My SQL, PHP for a start)
  • Commoditization of Email and office productivity
  • Common Security Framework
  • Migrating Schools to Free email services
  • Prizes for IT innovation in education

Plaudits to The Network for the Post-Bureaucratic Age for hosting this message on WordPress.com and using the most popular blogging platform on the planet – WordPress!

Click here to visit The Network for the Post-Bureaucratic Age