Jun 30
Disk images are one the great things that Mac OS X supports natively. There are so many things that can be done with them like store important data in them securely with the built-in encryption. The encrypted disk images can be taken anywhere and can be opened on any Mac.
All of this can be done through Disk utility, but if you do it repeatedl, creating a little script can save time. For example, in Terminal:
hdiutil create -encryption -stdinpass -srcfolder private encryptedfolder.dmg
So, it would look something like this:
hdiutil create -encryption -stdinpass -srcfolder /Users/Myaccount/Documents encryptedfolder.dmg
Note that the command is entered all in the terminal as one line with a return. This will encrypt the folder to a disk image called encryptedfolder.dmg and bring up a password dialogue box for you to enter a password. If you want to enter the password in the script then try this.
echo -n “password” | hdiutil create -encryption -stdinpass -srcfolder private encrypted.dmg
This will create the disk image with the password of “password” with bringing up an interactive dialogue box. Be warned that anyone with access to the computer may be able to read this script and see you password, but that is not a problem if you take the disk image away from the computer
Jun 16
Disk images make the perfect backup file. Without any extra software or cost, Mac OS X will compress and encrypt the data into a single file that can be copied anywhere.
While most backup programs need to be installed on a computer in order to be able to decrypt and read the backup, encrypted disk images can be opened on any Macintosh.
Creating the disk image with Disk Utility.
Disk Utility is located in the Applications/Utilities folder on the hard drive. Most people only use Disk Utility to repair disks and permissions, but it can also be used as a backup program.
Go under the File menu and select New. A pop-up menu will show up with two options: Blank Disk Image and Disk Image from Folder. Choose the Disk Image from Folder and a dialogue box comes up and asks you to select the folder that you wish to backup. After selecting the folder that you want to back up another dialogue box appears asking you to name the disk image to be created and specify the type of disk image to be created. For backups, select compressed for Image Format and 128-bit AES encryption for Encryption. Mac OS X 10.5 Leopard adds the option for 256-bit AES encryption with is more secure, but takes longer to create and open up. Next a box appears asking you to enter a password for the encrypted disk image. Choose a difficult password because disk images can be opened if someone can guess your password. Microsoft offers a free online password strength tester and notes about creating passwords that cannot be easily guessed.
Selecting the Save Password in Keychain option means that the password to the disk image will be stored under your account information on that Mac. The image can be opened up by manually entering a password. If you are the only user of that computer, then this option can save time. However, if you share the computer with other people and do not have separate user accounts, then they can open the backup file too.
Now that the file is created, the image can be moved to another computer or flash drive in case the primary hard drive fails.
Jun 02
Route-maps allow to you deal with traffic on your router by policy rather than traditional means.
In this example, we will route traffic by source address, or who is sending the traffic, rather than by destination, or where the traffic is going. Typically routers just look at where traffic is headed, compare that destination to their routing table and send the packets on their way. To override basic routing on a Cisco router, a route-map configuration is required.
What are route-maps?
Essentially, Route-maps are like a scripting language for routers. They define traffic and then process it according to a defined list of statements almost like a miniature computer program.
Why would you want to route by source address?
Perhaps you have internet connections from two internet service providers along with IP addresses provided by both and you want to send traffic from the IP address that belongs to each ISP to the correct internet connection. Another application of router-maps would be to migrate traffic from one firewall to another in steps rather than all at once.
Understanding the Route-Map structure
Route-maps inherit their structure from if-then statements in programming. First, it creates a step (10 and 20 in this example), matches a criteria in each step and then performs an action.
route-map permit 10
perform-action-1
route-map route-map-name permit 20
match criteria-2
set perform-action-2
Configuring the Route-Map for routing traffic by source
Step1: Define the traffic with an access-List
RouterA(config)#access-list 25 10.10.25.0 0.0.0.255
Step 2: Create a Route-Map with an action
RouterA(config)# route-map Traffic_to_ISP_A 10
RouterA(config-route-map)#match ip 25
RouterA(config-route-map)#set next hop 10.15.15.1
Step 3: Apply the Route-Map to the router interface that the traffic enters into
RouterA(config)#interface gig0/1
RouterA(config-int)#ip policy Traffic_to_ISP_A
Now all traffic from the 10.10.25.0 network will be forced to the router at 10.15.15.1 rather than looking at the routing table in the router.
Now that the traffic is routed correctly by policy, perhaps you find one server within the 10.10.25.0 network that needs to be routed normally rather than being forced to a new network by the route-map. To have the server 10.10.25.10 bypass, just create a new route-map step.
Read the rest of this entry »
